A call for de-escalating cyber espionage
Posted on | August 17, 2010 | add a comment
Earlier this month, Sophos published its mid-year 2010 Security Threat Report, revealing some alarming attitudes in support of escalating cyber espionage. In this LastWatchdog guest post, Chet Wisniewski, Sophos senior security advisor, expresses his concerns about such attitudes.
By Chester Wisniewski
In the first half of 2010 two notable incidents raised awareness of cyber-war and cyber-espionage among computer users. Google and other companies were compromised during the “Operation Aurora†attacks and Google pointed a finger at China, insisting the attack was politically motivated and the work of the Chinese government.
We also recently saw a new zero-day exploit in Windows used in an attempt to compromise critical infrastructure, the level of sophistication of which implies government sponsorship. All of this has sparked a debate among users about whether governments should engage in this activity.
Scary attitudes
In a poll of 1077 computer users, 63% said they believe that it is acceptable for their country to spy on other nations by installing malware or by hacking. Seven percent of those polled think that using crippling denial of service attacks against another country’s communications or financial infrastructure is acceptable during peacetime.
This attitude scares me. We seem to be reacting out of panic to a perceived threat in a way that will only cause the problem to escalate. I prefer the views of my colleague Paul Ducklin, who suggested we hijack this idea of cyber-warfare and turn it into cyber-victory. We should come together to better secure our computers for the sake of more secure nations.
You may differentiate between cyber-espionage and directly attacking another nation’s infrastructure to cause harm or denial of service, but we should not enter the 21st century with either cold-war style spy tactics or stockpiles of virtual weapons.
Productive discussions
Unfortunately SophosLabs are now processing more than 60,000 new malware samples per day, a 50% increase since this time last year. This is a daunting figure and shows that the pace of innovation among criminals shows no sign of slowing. Prompting our governments to accelerate this arms race will not result in any winners.
The good news is that we are seeing users engaging in intelligent, productive discussions about what we can and should do to stem the tide. People are using social networking to reach out to one another and lend a helping hand. If we intend on creating a more secure internet, it is going to require cooperation and a sense of community. I hope we can report progress on this front when we publish the next edition of the Sophos Security Threat Report.