November 16, 2009 9:00 PM PST

Report: Countries prepping for cyberwar

by Elinor Mills

Countries armed with "cyberweapons," according to McAfee.

(Credit: McAfee)
Major countries and nation-states are engaged in a "Cyber Cold War," amassing cyberweapons, conducting espionage, and testing networks in preparation for using the Internet to conduct war, according to a new report to be released on Tuesday by McAfee.

In particular, countries gearing up for cyberoffensives are the U.S., Israel, Russia, China, and France, says the report, compiled by former White House Homeland Security adviser Paul Kurtz and based on interviews with more than 20 experts in international relations, national security and Internet security.

"We don't believe we've seen cases of cyberwarfare," said Dmitri Alperovitch, vice president of threat research at McAfee. "Nations have been reluctant to use those capabilities because of the likelihood that [a big cyberattack] could do harm to their own country. The world is so interconnected these days."

Threats of cyberwarfare have been hyped for decades. There have been unauthorized penetrations into government systems since the early ARPANET days and it has long been known that the U.S. critical infrastructure is vulnerable.

However, experts are putting dots together and seeing patterns that indicate that there is increasing intelligence gathering and building of sophisticated cyberattack capabilities, according to the report titled "Virtually Here: The Age of Cyber Warfare."

"While we have not yet seen a 'hot' cyberwar between major powers, the efforts of nation-states to build increasingly sophisticated cyberattack capabilities, and in some cases demonstrate a willingness to use them, suggest that a 'Cyber Cold War' may have already begun," the report says.

Because pinpointing the source of cyberattacks is usually difficult if not impossible, the motivations can only be speculated upon, making the whole cyberwar debate an intellectual exercise at this point. But the report offers some theories.

For instance, Alperovitch speculates that the July 4 denial-of-service attacks on Web sites in the U.S. and South Korea could have been a test by a foreign entity to see if flooding South Korean networks and the transcontinental communications between the U.S. and South Korea would disrupt the ability of the U.S. military in South Korea to communicate with military leaders in Washington, D.C., and the Pacific Command in Hawaii.

"The ability of the North Koreans to disable cybercommunications between the U.S. and South Korea would give them a huge strategic advantage" if they were to attack South Korea, he said.

There have been earlier attacks that smack of cyberwarfare too. Estonian government and commercial sites suffered debilitating denial-of-service attacks in 2007, and last year sites in Georgia were attacked during the South Ossetia war, orchestrated by civilian attackers, the report says.

The report concludes that if we aren't seeing it already, cyberwarfare will be a reality soon enough.

"Over the next 20 to 30 years, cyberattacks will increasingly become a component of war," William Crowell, a former NSA deputy director, is quoted as saying. "What I can't foresee is whether networks will be so pervasive and unprotected that cyberwar operations will stand alone."

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
(22 Comments)
by Paldasan November 17, 2009 1:16 AM PST
You'll find a number of suspicious incidents have occurred this year in Australia, starting a very short time after a merger between Rio Tinto and Chinalco was knocked back by Rio. In another completely unrelated incident after this knockback a Rio employee was imprisoned in China for "attempting to bribe officials".
by Warhaven November 17, 2009 9:21 AM PST
Since when was bribing officials illegal in China?
by n3td3v November 17, 2009 3:31 AM PST
The long term strategy is for America to incite cyber war with the East. They want to use Cyber war and cyber terrorism to hold countries to economic ransom if countries do not comply with political and military objectives.

America will use the threat of shutting off critical infrastructure of countries if political leaders don't agree to deals that America want to make with others.

This (cyber war / cyber terrorism) is a far more clean cut and covert 'serious consequences' punishment than sending in the B-52's or sending in CIA human assets on the ground to carry out overthrow ops against a government not complying with trade and industry deals between governments in the east and west.

This what you see on media outlets is a secret war build up that is due to be played out as soon as U.S intelligence are happy Obama has done enough to secure cyber.

U.S can't carry out the ops it wants to carry out in the cyber domain until its country has met a certain standard of cybersecurity which it has currently not met.

The U.S can only carry out pocket attacks right now on small countries such as Estonia, Georgia etc because U.S isn't fully secure yet to defend a counter attack that would be expected against a cyber offensive carried out by U.S.

The strategy is to make all attacks appear to be coming from Russia or other enemy state of the U.S., the U.S are infiltrating computers of those states, as well as covert ops by CIA to physically plant malcode within major defence companies and technology makers.

The U.S are too scared to carry out a major cyber offensive right now cause their cyber infrastructure security is poor, as soon as it isn't U.S plan cyber attacks on major countries.

Because of the poor U.S cyber defense capability right now, U.S only have limited cyber offensive capability, it's all U.S have the guts to do right now until their cybersecurity is shored up.
by freemarket--2008 November 17, 2009 7:23 AM PST
Sounds like a bunch of hype to me. US citizens love their internet and won't stand the government messing things up. If they start doing stupid crap, there will quickly be hell to pay.

If China starts something, there will be massive boycotts of Chinese-made products. As pervasive as they are, we can certainly find other sources fairly quickly.

Russia could cause problems, but I'm not sure what they would gain other than pissing many countries off.
by n3td3v November 17, 2009 7:54 AM PST
@freemarket--2008

For sure these media reports are hype, but the threat of cyber war could become a problem once U.S manages to shore up cyber defenses.

U.S is more than capable of carrying out a cyber offensive on major countries right now, they can't use that capability to the full though without a defense posture to match to fend off a counter-strike.

If U.S hit a major city of a powerful country right now with a cyber attack, the country they hit would take down the U.S cyber infrastructure in no time.

U.S can't afford that possibility at-the-moment of a counter-strike taking out the U.S., so U.S are playing it cool until the next 5 to 10 years when the political system in U.S has finally got cyber defenses in the private and public sector properly shored up.

The real time people should get worried about cyber war is when there is evidence the white house has managed to get the cyber defenses sorted out then you'll start to see U.S becoming far more aggressive in its cyber activities as a political weapon.

In short, you can't go on a major cyber offensive without an adequate cyber defense, that's where we're at right now with U.S
by gfsdfge November 17, 2009 7:58 AM PST
You've been reading too many spy novels dude.
by ddesy November 17, 2009 8:06 AM PST
I think you spend too much time listening to conspiracy nuts like Alex Jones. This sounds like his irrational claims.
by ckurowic November 17, 2009 11:24 AM PST
Being in a position where I get to see this stuff first hand quite often, n3td3v is actually correct. Those of you bashing him or claiming he reads too many novels need to pull their heads out of their behinds. The truth is often scary. It's not a conspiracy theory at all!
by georghess November 17, 2009 2:35 PM PST
There is indeed a power-struggle ... BUT most of this is played up by "Security Companies" like McAfee to position their product on the market !!!
by Byteme2009 November 18, 2009 7:24 AM PST
To those who think that n3td3v is being paranoid or such, I am sad to say but he is probably a lot closer to being correct than you may think. We aren't talking necessarily about getting into a nation's military network and launching missiles or that kind of thing, but disruption of communications and services is a viable military objective that in some cases could currently be done via these means. It would make perfect sense to use this method if available.

If you need to shut down say weapons production in an industrial area, you may have several choices - maybe sending in a large military presence to fight their way in, or just bombing the heck out of the area. Both costly as far as financially, loss of life, and potential media fallout if there are large civilian casualties. What if you can send in a special forces unit or two to just take out a major component in the power station that feeds the plant that could take weeks or months to repair? Crippling ground communication lines in the first gulf war by special forces units was a major mission objective. Blowing the fiber-optic network lines and then placing mines around the access point for the first crew to respond for repair worked pretty well. Now we are getting to the point where you may not have to drop a bomb, fire a bullet, or risk any troops. If you can cripple the infrastructure of a country with cyber-attacks rather than getting into an on the ground war then why wouldn't you?
by visgee November 17, 2009 5:43 AM PST
Cyber warfare is the way wars will be waged in future. We are so dependent on computers and networks that it has to be a target for DOS and other mass lamming of vital networks. North Koreans have some sort of cyber warfare ability. Pakistan and China have been practicing indirect warfare by defacing some sites of their neighboring country. Better we be prepared than getting caught unaware and then running around in circles to thwart and reduce consequences of the attack. The interconnected world makes it equally difficult to identify the source of attack.
by n3td3v November 17, 2009 6:14 AM PST
@visgee

Nobody cares about web site defacement, that's the least of it. The website defacements are usually carried out by civilian sympathizers not connected or sponsored by government or military.

It's not of interest to a government or military to deface web sites, the units in the government and military don't want you to know they are responsible for anything, they want to remain stealth.

For a government or military to deface a web site would be giving away clues, that's not something they would do.

You'll see website defacement during cyber war although they won't be of the actual unit carrying out an operation, it's sympathizers doing it.
by freemarket--2008 November 17, 2009 7:30 AM PST
The first thing we should do is shut down internet access on all zombie systems no matter where they are. That will make DDOS attacks much harder. Give people fair warning to clean up their systems then throw the switch. A side benefit would be a significant reduction in SPAM and cybercrime.
by renGek November 17, 2009 11:04 AM PST
We'll probably eventually have cyber borders sadly. It makes sense for businesses to jump on the bandwagon. For years I wondered how tv/cable broadcasters would compete in the future if we had tv options from outside the US. If we couldn't go beyond the confines of the u.s. that would be the easy solution. So they'll jump on it.

Music/movie industry will as well because it will make piracy much harder.

And remember, in this country all you have to do is say it's not patriotic or "because of security concerns" and you can have your way of any security policy no matter how ridiculous.
by tinlizziedl November 17, 2009 8:29 AM PST
The internet is so decentralized- any attack would have to strike discrete targets. All telecom firms at once, for example. Have the government lean on hardware manufacturers to build in a hidden back door into networking and server gear.

How many telecom companies tear apart their servers and routers to find the purpose of every single chip? Would an AV program catch something that resides at the hardware BIOS level, simply listening for its coded command to wreak havoc?
by Michichael November 17, 2009 9:03 AM PST
Oh you mean like those hard back doors in stuff sold to the military by China?

http://news.zdnet.co.uk/security/0,1000000189,39417171,00.htm
by ddesy November 17, 2009 9:55 AM PST
Sorry, but any back door created by anyone for any purpose is a bad idea. That is, unless you really want cybercriminals to have easy ways into everything!
by NervClaX November 18, 2009 8:01 AM PST
This is why our military hardware shouldn't be made in China. They could have spyware and killswitches in everything, man. We should be putting killswitches in pirated software on Chinese networks. Those Chinese loves them some pirated software.

And having a separate internet would only create a false sense of security. Somewhere along the line, it would be penetrated. If banks, hospitals, and the military use separate but parallel networks, it's because they want to ensure better speeds for their critical data. They're not blind to the fact they could be hacked.
by ckurowic November 17, 2009 11:21 AM PST
"Preparing"? Where have you been lady?
by ProDigit November 17, 2009 11:27 AM PST
You'd think that nations would have a larger brain than the brain of a teenager...
I mean, the only way to get connected 'safe' is by running a separated net, separated from the internet!

I thought any major government, and especially the military knew this by now...
by NervClaX November 18, 2009 7:54 AM PST
Think outside of the box, please! Tapping into another country's communications could be a FAR more useful tactic in cyberwarfare than simply disabling a network. By disabling the enemy's network, you're also limiting your capacity for counterintelligence. Why bring it down when you could be inside, listening, spreading misinformation.

You think they're not doing that already? Please. Sun Tzu - Art of War, man.
by nauj_solrac November 18, 2009 10:30 AM PST
It's good to see Canada is not involved in any of this cyberwar cr@p!

We are peaceful and diplomatic. =)

About InSecurity Complex

Elinor Mills became fascinated with hacker culture when she was sent to Las Vegas to cover DefCon in 1995. Since then, script kiddies have given way to cyber criminals targeting bank passwords, and privacy risks are everywhere, from Google to Facebook and the iPhone. InSecurity Complex keeps tabs on the flaws, the foibles, and the fixes.
