Monday, 14 February 2011

Security fears

30 December 2010 Last updated at 12:10 By Maggie Shiels Technology reporter, BBC News, Silicon Valley front covers of magazines on security Industry insiders say cyber attacks will increase in 2011 The biggest security concerns for the coming year will be cyber-sabotage and cyber-espionage, say industry experts.

They cite the success of the Stuxnet worm in attacking industrial control systems as a prime example of what to expect in 2011.

Other predictions include a rise in sophisticated malware, Wikileaks-style breaches and a focus on mobile.

But Stuxnet type attacks top the list of forthcoming fears after the success it had interfering with Iran's nuclear power generation efforts.

In November, Iran's president Mahmoud Ahmadinejad confirmed that Stuxnet had hit its target.

"They succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts," Mr Ahmadinejad told a news conference.

'Destruction'

Researchers who have studied Stuxnet say its complexity suggests it could only have been written by a "nation state" in the West, rather than an organised crime group.

Security firm Kaspersky described Stuxnet as "a working and fearsome prototype of a cyber-weapon that will lead to the creation of a new arms race".

Guard at Bushehr nuclear power plant, Iran - 21 August 2010 Iran had denied that the virus had damaged any of its nuclear plants

Art Coviello, president of security firm RSA, agreed with Kaspersky's assessment.

"Stuxnet is the most troubling risk to me when I think about the conflict of cyber warfare," he said.

"I also realise all civilised nations of the world recognise that cyber warfare will escalate to the point of mutually assured destruction," he said.

"I would hope we all recognise that but I worry about [Stuxnet] getting in to the hands of non-state actors," Mr Coviello told BBC News.

Some experts believe that not only will there be more incidents in 2011 involving Stuxnet but there will be attempts to improve it.

"I would love to say that Stuxnet is something that is unique but I don't think that is going to be the case," said Jason Urso, chief technology officer for Honeywell and an expert in the security of manufacturing and industrial plants.

"The publicity surrounding Stuxnet will bring awareness to the fact that these critical infrastructures like power plants, oil refineries and so on are using systems that can be vulnerable if not secured in the right way," he said. "I think there is a real concern for copy-cat style attacks."

Hacks and attacks

Sharing the headlines with Stuxnet were the hack attacks carried out by supporters of whistle-blowing website Wikileaks. In late 2010, Wikileaks began releasing some of a cache of 250,000 leaked US diplomatic cables.

Wikileaks website The diplomatic cables released by Wikileaks were the focus of world attention.

Members of a group calling themselves Anonymous attacked Amazon, Mastercard, Visa and PayPal in retaliation for those firms hampering Wikileaks' ability to raise funds.

The attacks took the form of Distributed Denial of Service (DDoS) attacks. These involve bombarding a website with data to the point that it is overwhelmed.

Dr Hugh Thompson, a professor of computer science at Columbia University, said these events have changed security for the long term.

"Now we have people who are viewing these types of attacks under the lens of activism and that is a dangerous sort of thing to do when talking about companies," he said.

"It will change some of the elements of enterprise security which has previously centred around worrying about firewalls and data leaks," said Dr Thompson. "Now, if companies fall out of favour for whatever reason, like BP over the oil spill, there is now this other route where people can protest in the future.

"That is scary from an enterprise security perspective," he said.

Net security expert Dan Kaminsky said DDoS attacks were likely to proliferate in 2011 because of their simplicity.

"There is very little technological skill involved in creating a denial of service attack," he said. "They will never go away and the barrier to entry is very low yet their effectiveness is perceived as high and that means we will see more and more of them."

Art Gilliland, a vice president at security giant Symantec, said the Wikileaks debacle underscored the need to shift the focus from securing infrastructure to securing content.

"The level of professionalism in the hacker community is driven by the fact they are going after corporate information whether its credit card details or intellectual property or embarrassing documents.

"If they are able to sell it, like any market it creates a specialisation in the market and tools to make the hacker community more sophisticated - whether it's for financial gain or some sort of government nation state priority."

Mr Gilliland said that while DDoS attacks would not go away, the real hackers or criminals will keep their eyes fixed on the financials.

"There is some press value in taking down a website but not a lot of money and that is where the level of investment will go - stealing information because there is money there," he said. "The big pain will come from stealing that content or information and holding that party or organisation or government entity to ransom."

Future targets

Another top target in 2011 is likely to mobile phones, which are increasingly being turned into virtual wallets and being used in the workplace.

The M86 Security Labs predicted in its threat report for 2011 that the "exploding smartphone market and growing tablet demand will lead to more mobile malware".

iphone with shots of applications in background Mobile security is a big worry for 2011 as more people use them for work

Mr Coviello from RSA does not disagree but is more sanguine about the scale of a problem.

"For me mobile is just another end point," he said. "Okay, it's a different end point and there will be new viruses developed to attack it and new pieces of malware but they are the same kinds of things used to attack physical end points today like PC's and the internet as a whole.

"Mobile devices do mean more transactions, more flow of information and the law of averages is that there will be more security problems but they have to be taken in context."

From Symantec, Mr Gilliland agreed.

"It is clear you will see more attacks in this landscape because people are doing more of their lives on these devices but with the proliferation of operating systems there is no one clear target.

"If there starts to become a "winner" in that platform it will become a more attractive target," he said. "For example, if you look at the demographics of who buys the iPhone or iPad, they are usually technically savvy, typically wealthier and therefore maybe that is a richer target landscape."


View the original article here