Cyber Security Challenges
The number of cyber attacks and cyber espionage cases is expected to increase in 2015, and extremist groups will strengthen their internet offensive, according to a report issued by the security company McAfee.
România Internațional, 02.01.2015, 13:59
The number of cyber attacks and cyber espionage cases is expected to increase in 2015, and extremist groups will strengthen their internet offensive, according to a report issued by the security company McAfee. “Long-term players will become stealthier information gatherers, while newcomers to cyber-attack capabilities will look for ways to steal sensitive information and disrupt their adversaries”, reads the document. But what does cyber security stand for today, when a growing number of vulnerabilities are discovered?
Here is Bogdan Botezatu, a representative of the anti-virus software developer Bitdefender: “The concept is hard to define, given that every day around 400,000 new viruses are created, and their number is growing. Ever more cyber crime groups are generally targeting either our private information, or our identification data.”
According to analysts, some extremist groups and organisations will rely even more on cyber networks in order to launch attacks. At the same time, hackers will improve their methods to enter victim networks and steal data without being detected, and then re-sell or use those data. The report also warns that the increasing proliferation of IoT (Internet of Things) devices in environments such as health care could provide the access of malicious parties to personal data that are even more valuable than credit card data. GSM networks worldwide have been subject to espionage, and at least 14 states have already been affected.
We asked Bogdan Botezatu how efficient prevention mechanisms are in such cases: “Basically no part of our digital communication is safe any longer, because so far we have dealt with conventional criminals, with crime groups that exclusively targeted the consumer segment, in other words, the end consumers. Today we are talking about cyber warfare, about a context in which governments with virtually unlimited resources are directly involved in cyber espionage. We were able to tackle crime groups targeting end consumers, because their resources were relatively limited, but when a state actor is involved in cyber warfare, it can force companies to disclose certain information, reveal data and traffic for specific users or force entire networks, such as high-level internet providers, to route traffic through the state first. If we look at the cyber landscape of the past year, we see that cyber threats coming from governments are extremely sophisticated, resisting even top-level anti-virus products, because the respective governments can afford to buy operating system security breaches, in order to reach very large sections of the population.”
Cyber crime is on the rise, and as technology advances, the impact of such attacks becomes increasingly stronger. Giants like Facebook, previously seen as invincible, become victims. The National Security Agency (NSA), one of the most powerful and well equipped intelligence services in the US, has “lost” 58,000 documents with classified information which were made public in what is viewed as “one of the most significant information leaks in the history of the USA.” The already famous author of the 2013 attack was Edward Snowden, an IT professional under an NSA project contract.
Also last year, in spring, the 50 million users of the popular document archiving service Evernote were announced that the security of their accounts was compromised and asked to change their passwords. Evernote then introduced a new authentication system. In February 2013, the accounts of 250,000 users of the micro-blogging and social network Twitter were also compromised, when cyber criminals stole user names and passwords. E-commerce giants were also affected by cyber attacks. In May 2014, the well-known American site eBay publicly acknowledged that it was the victim of the largest cyber attack to date, in which the personal data of 233 million users were stolen.
Bogdan Botezatu explains what is actually at stake here: “The purpose of all these attacks is of a financial nature, such eliminating a certain competitor from the market and suspending their services for an indefinite time, so that major companies may be blackmailed by certain actors on the IT market in exchange for financial gains.”
A large-scale cyber attack with a disastrous impact on society is a risk that has long been threatening the world, specialists say. The most recent mention of such a prospective attack was made in late September by the representative of an important financial overseeing authority in the USA. The respective official spoke about the possible launch of a so-called cyber Armageddon, which may leave deep marks on the financial system for a long time, with effects comparable to those of the 9/11 attacks.