August 26th, 2005

The myth of the cyber-meltdown

Posted by George Ou @ 10:36 am

Categories: Security

Tags:

We’ve all heard of the impending doom of the cyber-meltdown by all the so-called experts in cyber-terrorism but unfortunately they couldn’t be further from the truth.  There will be no cyber-meltdown in the form of a massive cyber-attack that will cripple the Internet and IT infrastructure.  Not only is such a thing extremely unlikely on a technical level, but it’s foolish to think that any terrorist is interested in a glorified denial of service cyber attacks designed to kill computers because they’re much more interested in killing civilians.  They’re not interested in shutting down a bunch of computers or networks for a few hours because they’re more interested in shutting down critical infrastructure such as buildings and bridges.

Having said all that, the real and present danger is cyber-intrusion and it’s growing by leaps and bounds.  This includes cyber-terrorism, government and corporate cyber-espionage, and cyber-crime and it’s all about intrusion for the purpose of acquiring information.  If anything, denial of service attacks and worms that harass the computing world are the enemy of cyber-intruders because they raise the alarm bells and harden the network against further exploit.  No serious hacker in the arena of cyber-intrusion is interested raising any alarm bells because it will only result in the loss of a valuable backdoor planted deep inside the soft underbelly of the network. 

In the case of cyber terrorism, valuable information comes in the form of military planning and blueprints for public buildings and bridges.  Such information is extremely valuable to Al Qaeda for the purpose of planning their next terrorist bombing.  According to Roberto Preatoni who founded Zone-H.com and is an instructor on cyber-intrusion, he had actually seen evidence that Al Qaeda hackers gave blueprints of US military bases to the terrorists.  The reconnaissance value in cyber-intrusion is almost priceless whereas a denial of service attack is nothing more than a temporary nuisance that only draws unwanted attention.  The only time denial of service attacks makes sense to cyber-criminals is when they’re trying to blackmail individual businesses with the threat of a distributed denial of service attack, but this is usually under the radar where it doesn’t draw any attention.

In this weeks report on the massive and escalating number of Chinese cyber attacks against US military and Government networks in our new ZDNet Government section, the story illustrated the alarming exponential rate of growth in cyber-warfare.  Russian President Vladimir Putin recently boasted that his country had the world’s best hackers, but China is trying to challenge Russia for that title.  So far they’ve only managed to lead in the quantity of attacks but not capability.  According to Preatoni who has seen the state of Chinese cyber penetration research labs, China lags behind Russia on most things but excels in Internet Explorer exploit research.  Foreign Governments and terrorists alike have found that cyber-intrusion pays great dividends and are actively recruiting hackers to wage cyber-warfare.  The US and other technologically advanced nations have the most to lose because they are the most computerized and susceptible to cyber-intrusion.  With over 3 million computers in just the Department of Defense alone, the US military has a huge problem keeping intruders out.  Information security in general is far behind the times and the problem seems to get worse with each passing day.  While "expert" witnesses divert congress and the media to the myth of the cyber-meltdown as the next great imminent threat, the real problem of cyber-intrusion grows and the era of cyber-warfare is upon us.