The Internet Grows More Dangerous

Any assumption that technological advances in cyber security have made the Internet safer is simply wrong. Consider just a few examples:

• A Microsoft Windows computer worm labeled "Stuxnet" is now targeting industrial software and equipment.
• Malware has been widely detected in several cloud computing services and are now showing up on mobile devices as well.¹
• According to an eCrimes Trends Report, phishing attacks were up 12 percent in the first quarter of 2011.²
• Distributed Denial-of-Service (DDoS) attacks, which focus on a single target to overwhelm it, creating a denial of service for regular users, are on the rise. Such attacks were run recently against the NASDAQ stock exchange, the department of Defense Research and Development of Canada, WordPress, eight Tunisian government Web sites, and Egypt's official government Web sites.
• Even as American members of an international hacker group known as "Anonymous" were arrested in states all across the country, the group claimed responsibility for breaching cybersecurity at NATO and accessing large volumes of highly classified documents.³ In the aftermath, NATO found itself trying to determine the extent of the damage done by the group posting many of the documents online and working to identify how the hackers gained access.

These are just a few of the many varieties of attacks that are on the rise. The motivations range from financial and geopolitical gains to a thirst for notoriety. Like terrorists, the latter group of hackers is particularly hard to defend against because they simply want to make a name for themselves. They have no concern whatsoever for the inconvenience and economic damage their activities cause.

The more dependent we become on cyberspace, the more vulnerable we become to all these threats. Unfortunately, there is no practical way for society to become less dependent. Why? Because business efficiency and productivity has increased with every step we've taken toward greater reliance on computers and networks.

§§§§§§§§§§

It began with mainframes, transitioned to minis, moved to PCs, and accelerated dramatically with the dawn of the World Wide Web. Now, it's moving to new heights thanks to cloud computing. Because so much mission-critical activity is rapidly migrating to cloud computing, keeping it secure has itself become "mission critical."

Even more challenging is the increased reliance of individuals on the Internet, which is driven by innumerable benefits. Our dependence involves everything from social networking and messaging to online banking, travel, entertainment, and stock brokerage services.

§§§§§§§§§§

Perhaps even more dangerous is how branches of our government, including the military, now operate in, and are dependent on, cyberspace.

It's this increased activity and dependence on the Internet that is making it not only a more tempting target, but one with more opportunities and vulnerabilities.

Attacks are now coming in many new forms, while criminals and enemies learn to more effectively exploit traditional cybercrime techniques. For example, cybercriminals are still using time-tested scams, with ill-gotten gains ranging in the billions every year. However, cybercrime is not just inflicting pain on unsuspecting consumers. Businesses, and even government agencies around the globe, are being disrupted.

§§§§§§§§§§

The Internet Crime Complaint Center, which is a collaboration between the FBI and National White Collar Crime Center, reports that the largest and most successful cybercrime schemes of 2010 were:⁴

• Auction frauds
• Counterfeit cashier's checks
• Credit card fraud
• Debt elimination schemes
• Parcel courier e-mail schemes
• Employment and business opportunity frauds
• Escrow services frauds
• Identity theft
• Internet extortion
• Investment frauds
• Lotteries
• Hoaxes like the well-known "Nigerian letter" scheme
• Phishing
• Third-party receiver of funds schemes

§§§§§§§§§§

The highest-profile cases have resulted when company employees inadvertently open the door for criminals, especially those seeking to steal confidential customer information.

One of the most common ways is through a lax password policy. Writing in MIT Technology Review,⁵ Christopher Mims describes this danger as follows: "Your company's data is only as secure as the weakest security of the most fly-by-night Web site to which anyone in your organization has ever given their password."

§§§§§§§§§§

Mims explains that the more a password is used, the less secure it becomes. As a result, user data is being leaked with increased frequency. Web applications, whether personal or business, simply cannot be protected from someone who has acquired the key that gains entrance.

To protect yourself and your business, Mims offers several password tips that can help keep your network secure.

• First, make it company policy that users must change their passwords periodically, using strong passwords.
• Next, passwords that gain access to sites that use credit card or bank information should have unique passwords that are used nowhere else.
• Similarly, e-mail account passwords should also be unique. In both cases, these unique passwords will keep hackers from accessing e-mail accounts or bank accounts using passwords obtained from some other less-secure sites.
• All other sites, other than email or financial, can have the same, throwaway password. However, if something seems critical, give it a unique password.

§§§§§§§§§§

Another type of damaging cyberattack that can be inadvertently invited in by an employee, is the so-called "fake antivirus attack."⁶

In this scheme, visiting a compromised Web site triggers a fake warning that a virus has been detected on the computer. The unsuspecting user is prompted to click on a button to run a scan. Since it appears to be a legitimate warning from installed virus protection software, and since users are constantly warned to run antivirus software, they are preconditioned to click on the button.

Often, they are presented with an offer to purchase software that will clean and protect the computer. In the best-case scenario, someone in a far-off region of the globe becomes a bit richer for doing nothing except taking your credit card order.

But in many cases, malware is installed that can steal passwords or enslave a computer, making it part of a remotely controlled gang called a botnet. Because this malware is invited in, even well-maintained computers can become infected.

At the very least, this can cost an IT department time and resources to fix. Far worse is the possibility that the security of the company's information can be compromised — and if part of that information is customer data, the consequences can be dire.

But, even these attacks on corporate customer databases aren't the biggest threats that can be seen rapidly growing. When attacks move beyond individuals and businesses, striking civil infrastructures, it becomes "cyberwar."

Such attacks can take many forms. For example, attacks can be directed against gas or oil refineries, can bring energy production to a halt, or can trigger large-scale industrial accidents. Others that attempt to disrupt banking and stock exchange operations can paralyze segments of a national economy.

Attacks on government installations and military targets could potentially limit a nation's ability to respond to a military threat.

§§§§§§§§§§

So, whether it's a hoax that leads to the purchase of bogus virus software, or an all-out cyber attack on a military network, the Web is becoming increasingly dangerous, and this requires increased vigilance at all levels. Businesses, in particular, need to be aware that their growing reliance on technology and the Internet is introducing a larger measure of vulnerability that must be addressed.

§§§§§§§§§§

Given this trend, we offer the following three forecasts for your consideration:

First, cloud computing will become the prime target for cybercriminals in the next five years.

This new realm will be targeted for two reasons. First, as new technologies develop, security measures tend to lag, providing vulnerabilities that can be exploited. Secondly, for cloud computing to be fully leveraged, it necessitates that useful, and therefore sensitive, information be available in the cloud. These two realities will have hackers working overtime to extract what they can while their window of opportunity remains open. Expect, for example, to see cloud outages as a result of distributed denial-of-service attacks.

Second, attacks on mobile devices such as cell phones and PDAs will grow dramatically.

This new vector of attack is virtually guaranteed by the explosion of applications that are being downloaded onto these devices and the content that is being uploaded to Web sites. It's a mix that is ripe for illegal cyberactivity.

Third, Voice-over-IP will experience new and sophisticated attacks.

According to the National Vulnerability Database, VoIP systems contain almost 100 common vulnerabilities and exposures. It is believed that VoIP-ready firewalls and other information security countermeasures will not provide adequate protection, making VoIP a vulnerable target for hacking.