McAfee Thursday issued its annual Virtual Criminology Report on current and emerging global cyber security trends, much of which reiterates what has been apparent for some time: there is a cold war taking place through the Internet with the help of malicious hackers.
The report, a collection of input from the FBI, NATO, the Serious Organised Crime Agency (SOCA) in England and experts from leading security groups and universities, covers three significant trends facing the Internet and world community, which are pretty much one in the same.
They are: an increase in international espionage, with "cyber cold war" becoming a reality; an increase in threats to personal data and online services; and an underground economy that equips criminals for cyber crime with increasingly sophisticated tools.
According to the London Times, the Pentagon logged more than 79,000 attempted intrusions in 2005, and about 1,300 were successful, including penetrating of computers for the Army's 101st and 82nd Airborne Divisions and the 4th Infantry Division. Chinese hackers have also intruded on the State Department's computers and the US Naval War College's network.
It has gotten to the point that President Bush said he would raise the issue with Chinese President Hu Jintao at the APEC Summit last September. China denied involvement even though security experts fairly conclusively traced the source of the attacks back to China. "I don't expect that governments will jump up and raise their hand and say 'yes it was us'," said Craig Schmugar, a threat research manager for McAfee's Avert Labs.
But despite Bush's comments to Hu and an urgent warning to Congress from the US-China Economic and Security Review Commission about the Chinese threat to American systems, it seems to take a lot to get some attention on the problem. "Some of these attacks aren't a priority, due to a lack of resources. Unfortunately, it's going to get worse before they finally put some muscle behind it," said Schmugar.
The second issue is the increasing sophistication of threats. "It's hard not to notice that," noted Schmugar. "The Storm worm will be a poster child to other malware authors." Storm was a particularly nasty worm that has been very hard to eradicate because it is so complex and sophisticated and its method of replication is so hard to stop.
Part of the problem is cyber criminals now have access to the equivalent of a software development kit to build their malware, meaning even a beginner can now make a fairly dangerous piece of malware.
Schmuger also said there is an increase in the sophistication of attacks. Whereas before malware was hidden in an out of the way location easily blocked by security software and gateways, now there is an increase in compromised reputable sites, either through ad sites or cross site scripting.