Global Cyber Attacks Multiply Exponentially

The Year of Red October

You could be forgiven for hitting the panic button if you discovered that firefighters had given up and sought divine intervention to control a blaze.

Something like that would have been the case, however, when the security chiefs of some major US banks, generally considered the best in their business within the private sector, recently turned to the National Security Agency for help to protect their computer systems after a barrage of attacks on their web sites rendered them helpless.

All right, the NSA isn't God, but you get the point. It is less than three weeks into the new year and the writing is already on the wall: this is going to be a busy year of cyber espionage and cybercrime activities.

Those cyber-attacks - said to be the most sophisticated known form of distributed denial-of-service, or DDoS - have so far disrupted the web sites of the Bank of America, PNC Bank, Wells Fargo, Citigroup, HSBC and Sun Trust, according to the Washington Post earlier this month.

The increasingly complex cyber intrusions began a year ago, have intensified since September and targeted up to seven banks a day in recent weeks - though oddly only on Tuesdays, Wednesdays and Thursdays - the report said.

The involvement of the NSA amplifies the US government's fears about unprecedented aggression on the commercial world, the financial sector in particular.

Another report, in the Wall Street Journal, indicated that US officials suspected the attacks on US banks may have originated in Iran in apparent retaliation for the sophisticated Stuxnet virus that sought to disable the Iranian nuclear program. However, the Iranian government "categorically denies" any involvement in the attacks, said Alireza Miryousefi, spokesman for Iran's mission to the United Nations.

"The malicious, false allegations against Iran are aimed at demonizing Iran and provide the excuse for further actions," he added.

Other Iranian officials said the original IP (internet protocol) addresses were from Italy and the United Kingdom and used Iranian computers to cover up the original attack.

But the US government and American businesses are not the only targets of these mysterious cyber attacks, and nobody else is spared for that matter. Just last week, the Russian internet security firm Kaspersky said it had discovered a previously unknown and advanced cyber espionage network that has been collecting top secret data from diplomatic, scientific and corporate computers around the world since 2007.

Although dubbed "Red October" - after the book and movie "The Hunt for Red October" by spy novelist Tom Clancy - because of the "Russian-speaking origins" of the attackers, the malware may have been set up by Chinese hackers, according to one report which noted that the vulnerabilities exploited by these programs were first identified by the Chinese.

This network has been siphoning "classified information and geopolitical intelligence" from embassies and other diplomatic and governmental locations, research institutions, trade and commerce organizations, nuclear and energy research entities, oil and gas companies, aerospace and military units.

Wherever they have originated from, hundreds of infections have so far been located worldwide, mostly in central Asia and the former Soviet countries of Eastern Europe, plus others in Western Europe and North America.

The network has taken advantage of certain vulnerabilities found in Microsoft Office software like Excel or Word, along with the use of spear-phishing attacks - sending fraudulent e-mails that seem to originate from someone within the organization and that try to trick the recipient into revealing confidential data or clicking on a seemingly harmless link.

Perhaps the most disturbing finding, however, is that contrary to the report of Iranian involvement, there is little to suggest these are state-sponsored activities and no sign of what has been done with the stolen data.

The thought of some restless computer whiz kids simply plying their trade in some form of competitive cyber games of stealing data for points offers no comfort. Stolen highly classified and sensitive data translate to risks and vulnerabilities. The world can ill afford such data falling into the wrong hands.

Think again if you were tempted to conclude that individuals are safe from the radar of cyber criminals.

Just last week, The Register, the London-based publication which covers the tech industry, reported that those Cisco VoIP (Voice-Over-Internet-Protocol) - and most VoIP - phones commonly found in offices have security vulnerabilities that can transform them into eavesdropping and bugging devices.

The report cited research findings from Columbia University that showed how the operating system kernel in these phones was not correctly validating data supplied by accompanying applications, meaning the system instead trusted the software to act responsibly.
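The failure mode described above - a privileged component that trusts data handed to it by a less privileged caller instead of checking it - is general, and the following added example illustrates it in C. It is not code from the article, from Columbia University or from Cisco, and the request structure, buffer size and handler names are hypothetical; the point is the shape of the check a kernel-style handler should perform before acting on caller-supplied offsets and lengths.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed illustration only: a kernel-style handler that copies
 * caller-supplied bytes into a fixed privileged buffer. Names, layout
 * and sizes are hypothetical and do not describe any real phone firmware. */

#define KBUF_SIZE 64

struct request {
    const uint8_t *data;  /* caller-supplied source pointer */
    uint32_t offset;      /* caller-supplied destination offset */
    uint32_t len;         /* caller-supplied length */
};

static uint8_t kbuf[KBUF_SIZE];

/* Read back one byte of the privileged buffer (for demonstration/tests). */
uint8_t kbuf_byte(size_t i) {
    return i < KBUF_SIZE ? kbuf[i] : 0;
}

/* Trusting handler: believes the caller's offset and len outright, which is
 * the pattern the article describes. With a hostile request this writes past
 * kbuf; it is shown only for contrast and is never fed bad input here. */
int handle_trusting(const struct request *r) {
    memcpy(kbuf + r->offset, r->data, r->len);
    return 0;
}

/* Validating handler: checks every caller-controlled field before touching
 * memory. Return codes: 0 ok, -1 bad pointer, -2 offset out of range,
 * -3 copy would run past the end of the buffer. */
int handle_validated(const struct request *r) {
    if (r == NULL || r->data == NULL)
        return -1;
    if (r->offset >= KBUF_SIZE)
        return -2;
    /* offset + len can wrap a 32-bit integer (e.g. offset 1, len 0xFFFFFFFF
     * sums to 0), which would slip past a naive "offset + len <= size" test.
     * Widening to 64 bits before adding makes the comparison honest. */
    uint64_t end = (uint64_t)r->offset + (uint64_t)r->len;
    if (end > KBUF_SIZE)
        return -3;
    memcpy(kbuf + r->offset, r->data, r->len);
    return 0;
}

int main(void) {
    const uint8_t payload[] = "hello";          /* constructed sample input */
    struct request good = { payload, 0, 5 };
    struct request past_end = { payload, 60, 8 };
    struct request wraps = { payload, 1, 0xFFFFFFFFu };

    printf("good request: %d\n", handle_validated(&good));          /* 0 */
    printf("past end:     %d\n", handle_validated(&past_end));      /* -3 */
    printf("wrapping len: %d\n", handle_validated(&wraps));         /* -3 */
    return 0;
}
```

The wrapping request is the case worth studying: a check written as `if (r->offset + r->len <= KBUF_SIZE)` in 32-bit arithmetic would accept it, because the sum overflows to zero, and the subsequent copy would then run far past the buffer. Validating each field in a wider type, and rejecting rather than clamping, is the minimum a privileged component owes to data it receives from an application it cannot vouch for.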

In short, that phone on the desk could be your ultimate traitor, capable of constantly exposing all conversations within the four walls of your office.

But your smartphone is also not a trusted ally. Some news reports surfaced last week that millions of mobile phones in China unsuspectingly harbor a huge botnet.

A botnet is a network of internet-connected computers infected by malware so that their security defenses have been breached and control has been ceded to third parties, usually criminals who then send out spam email messages, spread viruses, attack computers and servers and commit other kinds of crime and fraud.

In other words, a botnet operator could remotely hijack a smartphone for fraudulent activities without the slightest knowledge of the phone owner.

Notably, most of the known botnets target Microsoft Windows systems, according to Wikipedia.

Another well-publicized bit of news earlier this month relates to the software Java, which the US Department of Homeland Security urged the public to disable on their computers to prevent potential exploitation by criminals to commit identity theft.

These cyber espionage and cyber criminal activities aren't anything new but the rapid technological advances in computing and electronic devices in recent years, coupled with the equally phenomenal surge in use by the masses, have thrown the doors wide open for rampant and flagrant abuse. And the tide is moving in fast and is up above our knees.

(Vanson Soo runs an independent business intelligence and commercial investigations practice specialized in the Greater China region. A version of this also appeared in The Standard of Hong Kong. Email: soovans@gmail.com)
