/ 4 January 2008

Cyber spies and ether espionage

A ”cyber cold war” is developing as international web espionage and cyber attacks become the biggest threats to internet security, according to a report.

Computer security firm McAfee says governments and government-allied groups are engaging in increasingly sophisticated cyber spying, with many attacks originating from China. About 120 countries could be developing the capacity for such activities.

What started as probes to see what was possible have become well-funded and well-organised operations for political, military, economic and technical espionage, the report says, with perpetrators aiming to cause havoc by disrupting critical national infrastructure systems.

Targets include air-traffic control, financial markets, government computer networks and utility providers. In September it was reported that Chinese hackers, including some believed to be in the state military, had been attacking the computer networks of British government departments, including the Foreign Office.

China has spelled out in a white paper that ”informationised armed forces” are part of its military strategy.

McAfee, whose report was compiled with input from Nato, the FBI and the UK’s Serious Organised Crime Agency, quoted Nato insiders as saying that the cyber attacks on Estonia earlier this year, which disrupted government, news and bank servers for weeks, was the tip of the iceberg.

In May the Baltic state said that at least one million computers had been used in the onslaught, which saw hundreds of thousands of hits bombarding Estonian websites to jam them and make them unusable. The method is known as ”distributed denial of service”.

The attack coincided with the climax of a dispute between Moscow and Tallinn over a Soviet World War II memorial in the Estonian capital, but officials avoided accusing the Kremlin directly. Russian officials have denied any responsibility.

In the past year there have been reports of cyber attacks against government targets in the United States, Germany, India, New Zealand and Australia. China has denied involvement.

”We have seen attempts by a variety of state and non-state organisations to gain unauthorised access to, or otherwise degrade, department of defence information systems,” a Pentagon spokesperson told researchers.

Nato experts said attackers are using Trojan horse software to focus on specific government offices and 99% of cases are probably still undetected. ”The complexity and coordination seen during the Estonia attacks was new,” a Nato insider said. ”There was a series of carefully timed attacks using different techniques and specific targets. The attackers stopped deliberately rather than being shut down.”

James Mulvenon, an expert on China’s military who is also director of the Centre for Intelligence and Research in Washington, said the Chinese were the first to jump ”feet first” into 21st-century cyber warfare technology.

Peter Sommer, a computer crime expert who contributed to the report, said: ”There are signs that intelligence agencies around the world are constantly probing other governments’ networks, looking for strengths and weaknesses and developing new ways to gather intelligence.”

Jeff Green, senior vice-president of McAfee Avert Labs, said: ”Cyber crime is now a global issue. It has evolved significantly and is no longer just a threat to industry and individuals, but increasingly to national security. We’re seeing emerging threats from increasingly sophisticated groups attacking organisations around the world.”

The report also highlights new threats to consumers, with cyber criminals targeting internet-based telephone networks in what is known as ”vishing”. There is also ”phreaking” — hacking into tele­phone networks to make long-distance phone calls — and the problem of the growing ”white market”, where software flaws are bought and sold for tens of thousands of dollars.

Users of social networking sites such as Facebook and MySpace are also vulnerable. — Â