OPINION: Let's move on from reds under the routers

How seriously can we take allegations that China or other foreign powers are using DDOS attacks to silence critics and attack other nations?

Yesterday I attended a lunch hosted by security vendor Websense. The company trotted out the usual warnings about script kiddies having become hardened criminals, applications being the target for modern attacks, the Web as the most likely vector and the company's products as an especially-cunning risk-reducer.

Nothing to write about there.

But then came the company’s guest, Bob Hinch, National IT Security Manager at News Limited. Hinch said one of the big problems he faces is denial of service (DOS) attacks on News properties. Those attacks, he said, are more likely to occur when News reports on matters that may irk a foreign power.

I asked if that means coverage of Falun Gong, a quasi-religious organisation opposed by the Chinese Communist party, means his team scrambles to ensure it can defend News against incoming DDOS attacks.

Hinch said his team does not monitor the company’s output to create a better defensive posture, but that stories of this sort see increased volumes of threatening email. Those emails, he said, make quite explicit threats and appear credible.

As I left the lunch, I thought about writing a story along the lines of “China attacks News Ltd.” It would have been a nice angle, as it would have built on the idea that foreign governments are warring online, as shown by Operation Aurora and the infamous cyber-takedown of Estonia that was first alleged to have been perpetrated by Russia.

As I reflected on the angle, I decided against the story. For one, Hinch’s evidence was an assertion and I’d like more proof before giving credence to such a serious allegation, given how easy it is to mask one's identity online. Secondly, even if the threats come from China, it’s a big leap to assume that any attack emanating from that nation is sponsored by or connected to its government. We don't assume that governments of other nations known as a source of cybercrime sponsor those activities, so why the different logic in this case? It’s also, as has been pointed out elsewhere, currently quite fashionable – and insulting – to assume that any IT concern from China always has an eye on its national security and their products cannot therefore be trusted.

Thirdly, it’s surely naive to assume that any nation ignores the Net as a tool in its defence and/or espionage activities. ASIO last year said Australia is under constant attack online. I suspect we are not fighting back by fixing bayonets!

So sure: there may be Reds under the Routers. But before we all get too excited about this, let's remember there are almost certainly ideologues of every other hue trying to find an open port too!
