Now we’ve all installed firewalls, antivirus software, and anti-spyware, and we’ve probably got something to check for rootkits and any other nasties, but now even that isn’t enough. It appears that gone are days of the sad little nerd trying to claim fame in his sad little nerd community by launching a virus on the rest of us that basically says, “I am here, look at me”. I’m sure there are still people like that passing their time in this particular way, but they are not the problem.
The next level of attack on ordinary people, like you and I, came from organized crime. Every time we inadvertently found ourself trying to download something free off the Internet we also downloaded a piece of software that exposed our files to outsiders – the growth of broadband helped criminals no end. Not only could they see the existence of our files labelled secret_passwords.doc and home_accounts.xls, they could download their contents and steal our identity at the bank as they withdrew all our hard-earned cash. Next they turned our computers into zombies that sent out millions of spam e-mails over our broadband connection when we left it for a few minutes.
But now we have reached a new level of sophisticated attack and from the unlikeliest of bedfellows. I’m talking about legitimate governments and terrorists! Now I’m sure that your government and mine can’t possibly be involved – it’s always the others! For example, there has been wide reporting in the press that the Chinese plan to have electronic supremacy by 2050. Apparently, hackers within the Chinese People’s Liberation Army have revealed China’s plan to control other countries’ military networks and disable their financial and communications capabilities. It seems that superiority in any future war lies in successful cyber assaults, and, what’s worse, globally there are an awful lot of vulnerable systems. It also seems that the Chinese have produced a blueprint for Cyber warfare.
Obviously, a successful cyber attack could destabilize a country – which is probably why those hackers who can’t get a job for a legitimate government are being recruited to help terrorists. Although it doesn’t appear to have happened, 11 November was meant to see a denial of service by al-Qaeda. This was the date set for a cyber jihad against non-Moslem targets. The attack was meant to work by allowing sympathizers to download a tool that when coordinated with thousands of other like-minded people would cause the denial of service attack.
Now I know the Internet is full of paranoid ravings and conspiracy Web sites, but it does seem like an extra problem to worry about – maybe the Internet won’t be there tomorrow morning when I try to log on. The only good inference you can draw from this is that if these cyber attacks are well known, there must be a lot of people in white hats preventing such attacks from happening. But, perhaps equally worryingly, they must be thinking about ways to wage cyber war on whoever they think of as wearing black hats. Let’s hope the War of the Web never gets passed the planning stage – take it away Jeff!