Code War replacing Cold War: security experts

Aug 04, 2011 by Glenn Chapman
Analyists at the US National Cybersecurity & Communications Integration Center (NCCIC) in Arlington
File photo of analyists at the US National Cybersecurity & Communications Integration Center (NCCIC) in Arlington. Figuring out who is behind cyber attacks is imperative as the United States and other countries weigh the option of real-world military retaliation for virtual incursions

A US counterterrorism expert warned that the Cold War has given way to a "Code War" in which cyber weapons can be unleashed with devastating consequences.

Nations will launch online attacks and extremist groups will add to their tactics, according to Cofer Black, who spent 28 years in the Central Intelligence Agency before becoming a private consultant.

"You had the Cold War, the global war on terrorism... now you have the Code War," Cofer said at a major Black Hat computer security gathering in Las Vegas.

"The natural thing will be for Al-Qaeda to fall back to things that are small and agile," he continued. "They will enter the cyber world."

It will fall to such as the 8,500 Black Hat attendees to fortify defenses against such attacks and overcome the challenge of identifying culprits.

Figuring out who is behind cyber attacks is imperative as the United States and other countries weigh the option of real-world military retaliation for virtual incursions, according to Cofer.

"Boy, hold onto your seat," he told the gathering. "I could see myself in the situation room on the receiving end of a technical attack with physical dimensions saying 'Who did this and what are we going to do?'"

A sophisticated hacking campaign exposed earlier by firm McAfee was no surprise to Cofer, who saw it as a sign of more to come.

The United States, United Nations, defense contractors and the International Olympic Committee were targets of a massive global cyber spying campaign, McAfee said, with China seen as the likely culprit.

California-based McAfee said in a report that it had identified 72 victims in 14 countries of a hacking effort dubbed "Operation Shady RAT," which it traced back to at least 2006.

McAfee vice president for threat research Dmitri Alperovitch described it as a "five-year targeted operation by one specific actor" but declined to identify the country responsible.

The "compromised parties" included the governments of Canada, India, South Korea, Taiwan, the United States and Vietnam, McAfee said, as well as a US Department of Energy research laboratory and around a dozen US defense contractors.

Others included computer networks of the United Nations, the Association of Southeast Asian Nations, the International Olympic Committee, Asian and Western national Olympic committees and the Montreal-based World Anti-Doping Agency.

Alperovitch, the lead author of the report, said the intrusions into the systems of defense contractors targeted "sensitive military technologies."

"We believe based on the targeting and the scale and the impact of these operations, and the fact that they didn't just have an economic gain in mind but also political and military, that that this is clearly a nation-state but we're not pointing the finger at anyone," Alperovitch said.

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said the evidence may not be "conclusive in a legal sense," but suspicion points toward China.

"Validation of threat and attack will come into your world," Cofer told the Black Hat gathering.

"Chaos and confusion can be inhibitors to clear action," he continued. "There is a delay to validation, and this is a great problem."

Attribution is challenging because attackers can obscure trails with tactics such as bouncing off computer servers in various countries or using virus-infected computers without owners knowing.

Collaboration between various players on the Internet could make it harder for hackers to hide, according to Microsoft Security Response Center director Mike Reavey.

"There are ways that the industry can do more to make attribution easier," Reavey said. "You can apply tools we use to fight crime in the physical world to the cyber world."

Explore further: Angry Bitcoin investors demand answers at Tokyo creditors' meet

add to favorites email to friend print save as pdf

Related Stories

Too much hysteria over cyber attacks: US experts

Feb 15, 2011

Overblown talk of full-on cyber war between nations fueled by recent attacks like the computer worm Stuxnet could hamper Internet security efforts, officials and experts warned Tuesday.

Report: Global cyberattack under way for 5 years

Aug 03, 2011

(AP) -- A computer security firm says cybercriminals have spent at least the past five years targeting more than 70 government entities, nonprofit groups and corporations to steal troves of data.

Recommended for you

Social Security spent $300M on 'IT boondoggle'

4 hours ago

(AP)—Six years ago the Social Security Administration embarked on an aggressive plan to replace outdated computer systems overwhelmed by a growing flood of disability claims.

Six charged in global e-ticket hacking scheme

4 hours ago

Criminal charges were filed Wednesday against six people in what authorities said was a global cyber-crime ring that created fraudulent e-tickets for major concerts and sporting events.

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

paulthebassguy
2 / 5 (12) Aug 04, 2011
Why does everything have to be a " war"? Can't these people understand peace and cooperation?
TheSpiceIsLife
not rated yet Aug 04, 2011
More Fear Uncertainty and Doubt from those trying to create an industry for themselves, keep the defence dollars rolling.
Dichotomy
not rated yet Aug 04, 2011
The best defense against cyber attacks is simple; A wired and closed computer network. Need to move something from the network to the internet via email or vice-versa, use a disk and a seperate machine. Again not rocket science. If you don't want it compromised don't put it on a machine connected to the internet, its that simple.