Growth of dangerous targeted attacks
While law enforcement was becoming more effective against cybercriminals, 2012 also saw growing concern about state-sponsored cyber attacks, as well as exploits launched in apparent cooperation with states to achieve strategic objectives. To the extent that these attacks proliferate and are confirmed, high-value government and private targets will face worrisome new risks. Lower value targets will also need to increase vigilance in order to avoid becoming collateral damage. This will mean, among other things, strengthening their own network security efforts—and integrating them with other security services to detect and repel attacks more rapidly.
In this category, the Flame attack got the most publicity in 2012, but its significance and effectiveness were far from clear. More recently, the destructive Shamoon Trojan (Troj/Mdrop-ELD) apparently caused significant damage throughout the Middle East’s energy sector. According to the BBC and The Register, it infected some 30,000 computers, taking Saudi Arabia’s national oil company network offline. Soon thereafter, Qatar’s natural gas firm RasGas was attacked, taking its network and website offline as well, and leaving its office systems unusable.
We saw hints of organized cyber attacks against the U.S. Late in September, U.S. Senator Joseph Lieberman pointed to massive recent DDoS attacks targeting Bank of America, JPMorgan Chase, Wells Fargo, Citigroup and PNC Bank, and alleging without public proof that these attacks were “done by Iran… [as] a response to increasingly strong economic sanctions the U.S. and its allies have put on Iranian financial institutions. It is, if you will, a counter attack...”
According to Bloomberg, whatever their source, these new attacks “have breached some of the nation’s most advanced computer defenses and exposed the vulnerability of its infrastructure.”
By their very nature, state-sponsored cyber attacks (and attacks by highly-sophisticated private teams closely allied with states) are difficult to track and prove—and equally susceptible to being overhyped. Nevertheless, more actors appear to be developing the capability to execute such attacks. And, once they possess such a capability, the temptation to use it will be substantial.
< Back Next >