Code War replacing Cold War: security experts

Nations will launch online attacks and extremist groups will add cyber attacks to their tactics, according to Cofer Black, who spent 28 years in the Central Intelligence Agency before becoming a private consultant.

"You had the Cold War, the global war on terrorism... now you have the Code War," Cofer said at a major Black Hat computer security gathering in Las Vegas.

"The natural thing will be for Al-Qaeda to fall back to things that are small and agile," he continued. "They will enter the cyber world."

It will fall to computer security specialists such as the 8,500 Black Hat attendees to fortify defenses against such attacks and overcome the challenge of identifying culprits.

Figuring out who is behind cyber attacks is imperative as the United States and other countries weigh the option of real-world military retaliation for virtual incursions, according to Cofer.

"Boy, hold onto your seat," he told the gathering. "I could see myself in the situation room on the receiving end of a technical attack with physical dimensions saying 'Who did this and what are we going to do?'"

A sophisticated hacking campaign exposed earlier by computer security firm McAfee was no surprise to Cofer, who saw it as a sign of more to come.

The United States, United Nations, defense contractors and the International Olympic Committee were targets of a massive global cyber spying campaign, McAfee said, with China seen as the likely culprit.

California-based McAfee said in a report that it had identified 72 victims in 14 countries of a hacking effort dubbed "Operation Shady RAT," which it traced back to at least 2006.

McAfee vice president for threat research Dmitri Alperovitch described it as a "five-year targeted operation by one specific actor" but declined to identify the country responsible.

The "compromised parties" included the governments of Canada, India, South Korea, Taiwan, the United States and Vietnam, McAfee said, as well as a US Department of Energy research laboratory and around a dozen US defense contractors.

Others included computer networks of the United Nations, the Association of Southeast Asian Nations, the International Olympic Committee, Asian and Western national Olympic committees and the Montreal-based World Anti-Doping Agency.

Alperovitch, the lead author of the report, said the intrusions into the systems of defense contractors targeted "sensitive military technologies."

"We believe based on the targeting and the scale and the impact of these operations, and the fact that they didn't just have an economic gain in mind but also political and military, that that this is clearly a nation-state but we're not pointing the finger at anyone," Alperovitch said.

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said the evidence may not be "conclusive in a legal sense," but suspicion points toward China.

"Validation of threat and attack will come into your world," Cofer told the Black Hat gathering.

"Chaos and confusion can be inhibitors to clear action," he continued. "There is a delay to validation, and this is a great problem."

Attribution is challenging because attackers can obscure trails with tactics such as bouncing off computer servers in various countries or using virus-infected computers without owners knowing.

Collaboration between various players on the Internet could make it harder for hackers to hide, according to Microsoft Security Response Center director Mike Reavey.

"There are ways that the industry can do more to make attribution easier," Reavey said. "You can apply tools we use to fight crime in the physical world to the cyber world."

(c) 2011 AFP