Discussing cyber terrorism is like discussing a disease. It’s confusing, complex, frightening and infused with a sense of deep foreboding.
Ars Technica posted a story this week that has all those elements in abundance. The bottom line is that researchers have turned up a massive (39 country-strong) espionage network that has gone undetected for five years.
The main source in the story is Kaspersky Lab’s researcher Kurt Baumgartner. The network, dubbed “Operation Red October,” seems to be all over the place, which makes the fact that it has gone undetected for half a decade pretty alarming. The fact that such a big operation can hide in plain sight – even after it is uncovered – is perhaps the scariest part:
Little is known about the people or organizations responsible for the project, and conflicting data makes it hard to attribute the nationality of the attackers. While the malware developers spoke Russian, many of the exploits used to hijack victim computers were initially developed by Chinese hackers. Also clouding the identity of the attackers is the long roster of victims. The Russian Federation was the most targeted country, followed by Kazakhstan, Azerbaijan, Belgium, India, Afghanistan, Armenia, Iran, and Turkmenistan. In all, computers belonging to 39 countries from a variety of continents are infected.
The fact that the United States is not named in the top level of victims is cold comfort in our interconnected world. The problem is that the bad guys are every bit as smart as those on the right side of the line.
This BusinessWeek story from Jan. 11 is a bit ironic in that it is based on the idea that the government needs help in getting the good information it develops on cyber threats before the public. The piece reports that Lockheed Martin and CenturyLink are the first companies to enter a federal program in which they receive cybersecurity information from the feds and repackage it for sale to subscribing companies.
The story offers a quote from Eric Rosenbach, a deputy assistant secretary of defense for cyber policy, in which he says that profit can be a great security motivator:
“The vision is we take something unique that isn’t available in the public domain and give it to the private sector and rely on their ability to innovate, push and market,” said Rosenbach, who previously was a national security adviser to former Senator Chuck Hagel, President Barack Obama’s choice to be the next defense secretary.
More news came last week from EurActiv as the newly launching European Cybercrime Centre (EC3) – which was set to debut on Jan. 11 – said it would work closely with the FBI and Secret Service. The story says EC3 will take aim at attacks on e-banking and other financial institutions, online child sexual exploitation and other “crimes affecting the EU’s critical infrastructure.”
There is no shortage of news about cyber criminality. The juxtaposition of these three stories in particular raises an interesting point. The latter two – about the innovation of the U.S. government in pushing security by letting for-profits get involved and the cooperation between the feds and the European Union – make the first a bit scarier. It seems odd and disconcerting that, in an age where so much time and money are spent on fighting cyber terrorism, an extraordinarily sophisticated network such as the one described at Ars Technica could run under the radar for so long.