How concerned should the UK be about cyber terrorism?

In view of the cyber-warfare dimension to the Russia-Georgia conflict, and the Chinese cyber-espionage ongoing against the West since c.2003 ("Titan Rain", and so on), how concerned should we in the UK be about state-sponsored hacking?

Chinese and Russian electronic incursions against other nations' Critical National Infrastructures worldwide have been well publicised. Such concerns about electronic attacks are not limited to the UK (see National Risk Register 2008, section 2.111).

An article by the Times of India reported that digital attacks on Indian systems have been traced back to "Internet Protocol addresses of servers in China believed to be under indirect control of the People's Liberation Army". In Germany, a number of computers in Chancellor Angela Merkel's office were compromised, and this was blamed on Chinese "hackers".

The list of complaints goes on.

Computer espionage is not the sole preserve of China and Russia, though. Reports have been raised of corporations mysteriously owning the Intellectual Property of their competitors (Kvaerner vs VAI). Other nations are also accused, including Israel, which on 6 September 2007 launched an air raid on Syria. The question was why the defence system did not detect the non-stealthy F15s and F16s. It is suggested that an electronic attack like the US Suter system was launched. This "invades communications networks, sees what enemy sensors see and even takes over as systems administrator so approaching aircraft cannot be seen."

As well as organisations and nation states, other groups are also blamed. The Computer Crime Research Centre claims that Pakistani hackers and terrorists were targeting Indian infrastructure. Even the US recognises the need for electronic attack capability by establishing the Air Force Cyber Command, which will "provide combat-ready forces to conduct sustained combat operations through the electromagnetic spectrum", although it is worth noting that its future is now in question.

It is perfectly clear that electronic warfare is not conducted by only two nations. The capability and incentive exist for other countries, corporations, terrorist groups and individuals (see Solo, Nasa, Pentagon hacks).

However, what real evidence actually exists? The IP addresses that appear to come from an IP block owned by . Unless proper forensic analysis can be done on the system, we do not know whether it perpetrated the attack or was just another system in an elaborate chain. There is no way of confirming whether the attack was state-sponsored, whether a blind eye was turned, or whether nothing was known.

How concerned should we be? Whether the attack comes from the other side of the world or from an insider, does it matter? The capability for attacks exists with individuals (see MafiaBoy) just as it does with entire nations, so the bottom line is: expect the worst and protect your infrastructure for all eventualities.

