November 22, 2005 12:23 PM PST
Foreign powers are main cyberthreat, U.K. says
- Related Stories
Nigeria joins antiscam effortNovember 4, 2005
'Bot herders' may have controlled 1.5 million PCsOctober 21, 2005
U.S. cybersecurity due for FEMA-like calamity?October 10, 2005
Asian Trojans attacking U.K., agency warnsJune 16, 2005
Cybersecurity and the question of leadershipNovember 18, 2004
The National Infrastructure Security Co-ordination Centre said on Tuesday that the most significant electronic threats are content-based, targeted, Trojan horse e-mail attacks from the Far East.
"Foreign states are probing the CNI for information," said Roger Cummings, the director of NISCC, speaking at SANS Institute's launch of its Top 20 Critical Internet Vulnerability Listing in London.
The agency is in charge of defending the U.K.'s critical national infrastructure, which is made up of financial institutions; key transport, telecom and energy networks; and government organizations.
NISCC is working with its equivalents in the countries concerned to try to shut the attacks down, Cummings said. The agency cannot name the countries concerned as this may "ruin diplomatic efforts to halt the attacks," he added.
The attackers appear to be aiming to gather commercially or economically valuable information, according to NISCC research.
"We call it the 'malicious marketplace,'" Cummings said. "Exploit writers can make money by selling exploits. Who are the most capable organizations to make use of exploits? Foreign states are the most capable actors. They are currently sitting up at the top of the marketplace."
Cummings said the most significant element in the malicious marketplace is foreign states, whose target is information. Next are criminals who are trying to compromise the CNI in order to sell information. Hackers motivated by kudos or money have "a variable capability" when it comes to attacks, Cummings said. However, these pose a more serious threat than terrorists, who currently have a low capability, he said.
However, there is a chance that these groups will increasingly work together, Cummings noted.
"The risk from criminals increases when they get into bed with hackers. The capability of terrorists will increase if they employ hackers," he said. "We are concerned that the malicious marketplace will make available exploits that can do us damage."
Although foreign states are currently the most capable of launching attacks, NISCC expected criminal capability to "expand and start to bump against foreign states," Cummings said.
Cyberterrorism is a controversial subject within the security industry. Some experts, such as Bruce Schneier, have claimed the threat doesn't exist. Speaking in April, Schneier, the chief technology officer at Counterpane Internet Security, said that some organizations have been abusing the term in an attempt to fuel their budgets.
Cummings said people needed to be aware of the threat from terrorism, but stressed that he didn't want to hype the threat or alarm people.
"We are constantly aware that terrorists can attack us in a whole host of ways. There is concern that terrorists can acquire exploits through the malicious marketplace. We would say there is hype around cyberterrorism, but we need to remain eternally vigilant," Cummings said.
Tom Espiner of ZDNet UK reported from London.
1 commentJoin the conversation! Add your comment