Feature

Analysis: Targeted attacks set new challenges

The phrase 'cold war' is one that most people would consider to have been consigned to history after the USSR collapsed and the Berlin Wall came down.

But the phrase is being heard again, with a sense of urgency and a new spin - cyber cold war - following the Chinese hack attacks on Google. For the channel, this could aid a sales pitch, but equally it is something the channel needs to be aware of as the security landscape changes.

In a nutshell, the internet search giant had followed a policy of allowing a high degree of censorship in China to appease the Communist authorities. But following the hack attack, which many view as having been state-backed, Google has announced plans to pull out of the country.

Sophisticated threats

More worrying is the way the attack was carried out and the degree of sophistication used by those aiming to cripple a global commercial operation.
 
The obvious question about whether or not it could happen again seems to have been answered already. It is not so much a question of if, but when, as global attacks happen with alarming regularity. According to the latest McAfee cyber security report, which was issued at the world economic forum annual meeting in Davos last week, critical infrastructure is under constant cyber attack.

In the report, In the Crossfire: Critical infrastructure in the age of cyberwar, the Centre for Strategic and International Studies (CSIS) found that not only is the risk of attack increasing, but so is the understanding that there are problems.

"In today's economic climate, it is imperative that organisations prepare for the instability that cyber attacks on critical infrastructure can cause," says Dave DeWalt, president and chief executive officer of McAfee, who commissioned the report.

"From public transportation, to energy, to telecommunications; these are the systems we depend on every day. An attack on any of these industries could cause widespread economic disruption, environmental disasters, loss of property and even loss of life," he adds.

Working together

But organisations are still in the early stages of readying themselves to prevent those attacks. The CSIS found that most sectors believe they are unprepared, with India and Mexico the least confident countries.

The recession has forced cuts in security budgets which have contributed to the potential problems. Added to that is the involvement of governments wading in to undermine enemies and rivals.

One answer is for more joined up thinking, with governments and companies working together.
"Relationships between the governments and private sector organisations involved are complex, but it is essential that each has faith in the other's ability. The security industry will always strive to stay one step ahead, but in the absence of any technological silver bullet, regulation has a role to play in defending critical infrastructures around the world," says Stewart Baker, distinguished visiting fellow at CSIS.

The crucial question is whether or not that will happen. Resellers at the front line will realise that something significant has changed in the security game, but will their customers?

"The attack announced by Google and identified by McAfee was the most sophisticated threat seen in years, making it a watershed moment in cybersecurity because of the targeted and coordinated nature of the attack," says DeWalt. The question is, just how many people really understand what he means by that?

Changing threats

There have been several stages in the development of security products, the most obvious being the shift from physical to digital. But even in the past 20 years it is possible to identify three broad stages of development:

  • Stage one involved geeky clever virus writers exploiting the infancy of the internet to show off and cause disruption to gain publicity.
  • Stage two saw the arrival of cyber criminals, keen to remain hidden in the shadows, exploiting weaknesses to gain access to sensitive and valuable digital data.
  • Stage three is when the security debate reaches a political and global dimension. The Chinese attack on Google marks the moment when attacks can be motivated by politics and the phrase 'cyber war' comes into play.

The problem is that all of these stages have blended together, making it much harder for resellers and their customers' security managers to keep on top of it.

This was first published in January 2010

Join the conversation Comment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.