NEWS FROM THE LAB - Thursday, October 18, 2012

'Cyber Pearl Harbor' Posted by Mikko @ 16:52 GMT

US Defense Secretary Leon E. Panetta has warned that the United States faces a possible 'Cyber Pearl Harbor' attack by foreign computer hackers.

Is the risk level really so high?

In order to estimate the risk of an attack, you have to understand your enemy.

There are various players behind the online attacks, with completely different motives and with different techniques. If you want to effectively defend against attacks, you have to be able to estimate who is most likely going to attack you, and why.

A common fear people have is that somebody would somehow take down the Internet. If we forget the technical difficulties of such an attack, let's think for a moment who would want to do that and why. Spammers and online crime gangs definitely wouldn't want to take down the Internet, as they need it to earn their living. Hacktivist groups or movements like Anonymous probably wouldn't really want to do it either, as these people practically live online. And a foreign nation-state could probably benefit much more by tapping Internet traffic, using the net for espionage or by inserting forged traffic.

We can apply a similar thinking model to any other critical infrastructure sector, including electricity distribution, water supply, nuclear systems and so on. Some of them are more likely to be targeted than others, but the defense must start from understanding the enemy. It's quite clear that real-world crises in the future are very likely to have cyber components as well.

If we look for offensive cyber attacks that have been linked back to a known government, we mostly find attacks that have been launched by the United States, not against it. So far, antivirus companies have found five different malware attacks linked to operation 'Olympic Games' run by the US and Israel. When the New York Times ran the story linking the US Government and the Obama administration to these attacks, the White House started an investigation into who had leaked the information. Note that they never denied the story. They just wanted to know who leaked it.

As the United States is carrying out offensive cyber attacks against other countries, other countries certainly feel that they are free to do the same. Unfortunately, the United States has the most to lose from attacks like these.


Mikko Hypponen