Cyber Spying Set to Explode

Organized criminal activity will continue to be a big risk on the Internet next year, but the growing tumors of cyber espionage and cyber warfare could metastasize, suggests security firm McAfee.

In fact, it predicts that the rise in international cyber spying will pose the single biggest security threat in 2008, based on findings from its annual cyber security study.

Other threats will be a continuation of such long-standing trends as targeted hacking against banking and financial operations, and the commercialization of the malware market.

State-Sponsored Hack Attack

These latter trends have been on security researchers' radar for many years, but cyber spying is a relatively new development, noted Dave Marcus, security research and communications manager for McAfee Avert Labs.

This year, "we have seen a huge increase in cyber attacks against national security," he told TechNewsWorld. Some of the attacks have targeted the United States. Others have been directed against such countries as Germany, India, Australia, New Zealand and Estonia.

"You don't always go for the biggest kahuna on the block -- sometimes it is smarter to target second-tier interests and then use that information to target first-tier intelligence assets," Marcus said, referring to the attacks against New Zealand.

Targets include national infrastructure network systems, such as electricity, air traffic control, financial markets and government computer networks, according to the report, which found that there are 120 countries using the Internet for Web espionage operations.

As in the early days of malware activity, cyber attacks are steadily increasing in sophistication and purpose: They have progressed from initial curiosity probes to well-funded and well-organized operations for political, military, economic and technical espionage, the report said.

China's Role

China is widely suspected of sponsoring many of these attacks. In September, for instance, it was reported that the People's Liberation Army had made numerous incursions into the Pentagon over a period of several months.

Although it has acknowledged publicly that it engages in cyber spying, Marcus noted, the Chinese government often denies specific incidents. "However there is usually some indication -- a China-based IP address or Web site -- that points back to the government or country."

Other sponsors -- although there is less evidence supporting their governments' participation in these activities -- include Korea and Germany.

Warnings Premature?

While there appears to be a general consensus that cyber espionage is on the rise, there's less agreement on whether it is approaching the level of cyber warfare.

"Warfare means there is death and economic devastation," Dmitri Alperovitch, principal research scientist with Secure Computing, told TechNewsWorld. "The events we have seen thus far do not come close to that."

The massive denial of service attacks that took down Estonia's banking and government networks earlier this year posed a major inconvenience, Alperovitch said, but it has since been determined that little or no information of value was lost in the attacks.

"It was more a cyber riot than cyber war," he remarked. "The country's security was never in jeopardy."

The most likely scenario to unfold, in Alperovitch's view, is an attack on a country's network in conjunction with a terrorist attack or traditional warfare.

This could take the form of another terrorist attack like 9/11, for example, accompanied by a targeted cyber attack on the online network used by first responders. Another possibility might be a cyber attack interfering with supply chain or other mobilization operations timed to coincide with an air or ground assault.

Other Trends

Meanwhile, conventional Internet malfeasance is expected to continue to flourish, McAfee said.

Cybercrimes will range from resilient super viruses that modify themselves over and over again and contain highly sophisticated functionality, such as encryption, to new twists on old themes, such as vishing -- that's phishing on VoIP (Voice over Internet Protocol).