Friday, February 10, 2012

Can Hackers Destroy The Internet?



Can Hackers Destroy The Internet?
http://www.forbes.com/sites/kenrapoza/2012/02/08/can-hackers-destroy-the-int
ernet/


Botnets, trojans, SQL injections and DDoS attacks.  Most internet users have
no idea what those things are, or how they are shaping the future of their
connected lives.  One thing is certain, more computers and wireless devices
are going to be compromised this year than were last year.  Some companies
will go out of business as a result. State secrets will be revealed.  A
mysterious charge will appear on your credit card bill each month.

Over 70,000 new cyber security threats are discovered on a daily basis.
Even the strongest networks are not safe from hackers. Last year's
well-reported hacks included the Central Intelligence Agency, U.K. Treasury,
Lockheed Martin, and Sony's famous compromise of 77 million online user
accounts in August and again in October 2011. The Apple operating system is
not safe. PC systems are definitely not safe. Android smartphones are a
mobile hackers favorite platform.

Some will be the handiwork of hactivist groups like Anonymous, trying to
make a socio-political point by interrupting corporate and government
computer servers; others will be multimillionaire criminals hiding out in
Moscow, writing malware so sophisticated, like the new Foncy trojan that it
disguises itself as an EA Sports NFL Madden 2012 download.  Click on it, and
instead of Tom Brady throwing spirals to the Brady Bunch, this program will
remotely operate your Android phone. Only, it's not crank calling your
girlfriend. It's downloading your credit card information.

"Cyberspace is crucial for social and economic development and we are
getting to a point where attacks can destroy the internet infrastructure,"
said Alexander Ntoko.  He's the head of the corporate strategy division at
the International Telecommunication Union, a UN agency. Ntoko is also
responsible for managing the execution of the ITU's Global Cybersecurity
Agenda, a global framework for international cooperation launched by the ITU
Secretary-General way back in 2007 in response to calls from ITU members for
someone to organize a global effort to rebuild trust and security in the
information society.

Eugene Kaspersky is the jovial, traveling salesman and CEO of Moscow-based
Kaspersky Lab, one of the biggest internet security firms in the world. He
is not as upbeat on stage as he appears in real life. He is the Nouriel
Roubini of cyber space, the web's own Dr. Doom.

"If we fail to patch these holes in the internet that all of these threats -
from hactivists to cyber gangs to state sponsored cyber attacks like Stuxnet
- then the internet as we know it is gone," he told a gathering of about 100
journalists and IT specialists in Cancun this week.

"We Are Legion. We Do Not Forgive. We Do Not Forget." - Anonymous

What's in store for 2012? The usual, only kicked up a notch. Every year, the
wall around the internet gets broken down a bit more. The cyber Orcs of
Middle Earth are beating down the gates and they keep coming. Waves and
waves of them in fact keep marching over the hills, like the CGI armies of
endless muscular bad guys in the Lord of the Rings trilogy.  Where does it
end, you wonder.  You just keep seeing Orcs as far as the eye can see.

This year will see more Advanced Persistent Threats, or APT,
state-sponsored cyber attacks, more Android OS malware, new MacOS malware,
stolen certicates and more crypto attacks, super sophisticated attacks
against big security firms like VeriSign, and more attacks against the
cloud.

In the internet story, there are five main and supporting actors. The most
spectacular antagonists are the hactivists like Anonymous and LulzSec; the
most dangerous are the criminal gangs like ZeuS; and the most sophisticated
actors are the nation states that were behind the stuxnet worm that infect
Iran nuclear power plants in 2010. The protagonists in all this are the
software giants and the IT security firms like Symantec, McAfee and
Kaspersky, to name the top three.  Anonymous will try to hack into Google
again this year.  Nations will continue with their cyber wars.  In 2012, all
of these guys will have at each other on a daily basis.

And it's getting worse.

"The internet was not designed with security in mind and now we are all
scrambling to patch the various platforms out there to keep it safe. There
are tons of people working on this now and every day they find more holes in
the system so you are reaching a point where the internet as we know it will
probably always exist, but it will coincide with another internet where
anonymity is impossible," said Roel Schouwenberg, Senior Anti-Virus
Researcher at Kaspersky Lab in Massachusetts, their U.S. headquarters.


The New York Times looked into this as recently as 2009. It's not a new
concept. I asked Roel if people in the IT security business were seriously
thinking that a safer, secondary internet was possible, if not a necessity.
"I think everyone would like to have a new internet at this point. It's just
getting more and more crazy."

Apparently, a lot of influential people agree with him, not just the IT
security guys who profit from internet security.  More governments are
looking into cyber security now than ever before.  They see it as one of the
most important security problems in the world. Forget uploading an SMS
Trojan that keeps texting 1-900 numbers. What about Iran breaking into the
CIA computers and discovering the name of every deep cover agent in the
Middle East? What if LulzSec wants to protest the military industrial
complex and cracks into Lockheed Martin's specs for a new F-35 and posts it
on their website?

That's made the internet the fifth domain of the military going forward.
Ex-CIA director and current Secretary of Defense Leon Panetta said recently
that the U.S. has to be prepared not only to defend against cyber attacks,
"but if necesary we are going to have to be prepared to be be aggressive
when it comes to cyber efforts as well."

Some companies have been hacked out of business.  Dutch firm DigiNotar was
providing the digital infrastructure to the Dutch government before hackers
made a fool of it. It was hacked repeatedly in July 2011.  The hackers
generated websites like the Mossad, CIA and M16 as being the source of the
attacks. But IT security analysts working on the DigiNotar hack found
another site that was sourced. An unknown, written in Farsi:
RamzShekaneBozorg.com.  Translated, it means, God, great cryptologist, I
will sacrifice my life for my leader. Or something like that.

Was it an Iranian government operation? Was it a Muslim in The Netherlands?

Cyber criminals can earn millions. They have made enough money to retire,
buy night clubs, yachts, and move their businesses into the real world. If
the police have not collected sufficient info on them, they will get away
with helping make the internet the dark alley it is becoming.

Stefan Tanase, Senior Security Researcher at Kaspersky said that in 1994
there was one virus discovered every day. In 2011, there was one new virus
discovered every second. "Cyber criminals are behind most malicious code.
They are making profits. They are reinvesting those profits. And they have
exit strategies. It's becoming mature," he said.

Mega Upload started back in 1998 from the humble beginnings in the bargain
basement biz of stealing calling card numbers they got from hackers in the
U.S. "That's how Kim Dotcom at Mega started his career," said Tanase during
a presentation to media on Tuesday. Behind him, a heavy set Kim Dotcom is on
some beach with a big yacht in the background, an exotic girl in a bikini
that underweighs him by about 100 pounds lays at his feet in a green-blue
sea.  Kim was making $50 million a year when he got arrested last month for
copyright infringement.

The criminal code writing gang known as Koobface earned $2 million a year
until info was disclosed about them by Facebook in 2011.  The Russians and
Ukrainians behind Koobface are now on the run.

Hactivists, cybercriminals, and state sponsored cyber attacks are all
turning the internet inside out. That doesn't just impact a laptop. It
impacts smart phones and tablets, too. Anything that is wired to a computer
server on line is threatened by these actors.  The problem is, no one in
government or law enforcement has a handle on it. They can't even agree how
to define cyber crime and cyber warfare.

"If it causes serious financial damage, it is a cyber crime," said
Kaspersky. "If there is a damage to a nation's infrastructure, owned by the
state, and done by another state, then it is an act of war. If hactivists
and cybercriminals are behind it, it is possible to investigate it through
police. If it is against a nation, then Interpol can get other countries to
investigate. And if one country doesn't want to get involved, then maybe
they are the ones launching the attacks," he said.

The IT security and software industry is still unsure what to do with all
the information. They believe that learning how malware creators work, and
how their programs work, will help protect internet structures from attacks.

The best solution would be to create an internatioanl cyber security agency,
which defines rules of engagement for cyber attacks by a state, said
Kaspersky.  Still, that would not help in stopping the ZeuS' or LulzSec's of
the web.

"If you look at all the malware modifications a year ago for mobile devices
alone, you would see maybe 30 to 40 modifications per month. Now we get 30
to 40 modifications a day," said Denis Maslennikov, a long haired Russian
malware analyst based in Moscow. Talking about mobile malware to Denis is
like talking about Manchester United to a working class Brit; the New York
Yankees to a kid raised in Brooklyn.

He flipped open a simple, old school, black Samsung cell phone. "Look, 99%
of the malware created is to generate profits and they are succeeding.
That's why I'll never get a smart phone."

==========================================
(F)AIR USE NOTICE: All original content and/or articles and graphics in this
message are copyrighted, unless specifically noted otherwise. All rights to
these copyrighted items are reserved. Articles and graphics have been placed
within for educational and discussion purposes only, in compliance with
"Fair Use" criteria established in Section 107 of the Copyright Act of 1976.
The principle of "Fair Use" was established as law by Section 107 of The
Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain
permission or pay royalties for the use of previously copyrighted materials
if the purposes of display include "criticism, comment, news reporting,
teaching, scholarship, and research." Section 107 establishes four criteria
for determining whether the use of a work in any particular case qualifies
as a "fair use". A work used does not necessarily have to satisfy all four
criteria to qualify as an instance of "fair use". Rather, "fair use" is
determined by the overall extent to which the cited work does or does not
substantially satisfy the criteria in their totality. If you wish to use
copyrighted material for purposes of your own that go beyond 'fair use,' you
must obtain permission from the copyright owner. For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml

THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS
PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.

--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
 
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.

No comments:

Post a Comment