Pierluigi Paganini
February 22, 2012
What are the main dangers for our infrastructures? Too much threats which any country is exposed. The situation is bleak, suddenly the sectors of defense found themselves vulnerable to cyber threats. Once nations shown their proud arms, flaunt power, intimidating opponents in this way. Today the way of fighting is radically changed, the battleground is cyberspace, the armies are composed by groups of hackers and cyber weapons are sophisticated weapons designed to attack strategic targets … mainly the wars today are silent. This last aspect is not negligible, country like China has started the warfare first of many other nations, the objectives of raids and of cyber operations of industrial espionage are often realized when the main damages had been already caused. In some cases we speak of a competitive advantage than a decade, we think the case study of Nortel and the damage caused by a decade of spying. The political landscape has radically changed, today countries like U.S., Japan and Russia are subject to the offensive of those nations once been relegated to marginal roles on the international stage. In mid July 2010, security experts discovered the virus called Stuxnet that had infiltrated computers inside nuclear plants and other infrastructures in country like Iran. It is considered “the first” cyber weapon of the history.
It is completely changed the way to conduct intelligence operations now moves through a meticulous analysis of the battlefield, Internet, studying the operations in the cyber space of opposing forces, nations and companies to spy.
Many aspects are profoundly changed, alliances that were once unimaginable has become reality today and they are able to frighten technologically advanced nations such as Israel and U.S.. For example let me cite China-Iran axis, or the support provided by China itself to nations like North Korea in offending military targets such as South Korea or Japan.
All this turmoil has the main effect of addressing significant capital in critical areas such as cyber defense to compensate cyber gap. Uncomfortable situation that governments tend to conceal and hide from its citizens, I live in Italy and if I go on the streets to ask ordinary people the cost of spending on warfare they will take me for a fool.
The awareness level on the topic is practically zero. The question remains how much effective are these measures and what is the level of security we are able to provide? We are in an embryonic stage in which it is too early hazard a hypothesis about the real state in term of security of the critical infrastructures all over the world. Who is threaten our tranquility?
Main threats come from:
The threat of cyber crime and those made by the actions of protest of groups of hacktivists are sources of considerable concern. So far this year we have witnessed an escalation of the phenomenon of hacktivism, the Anonymous group seems to have upped the ante, between doubts and misgivings about the real genesis of operations, numerous attacks have been registered against government sites and security agencies.
Gen. Keith Alexander, current director of the National Security Agency warned regarding the possibility that groups of hacktivist will have the ability in short term to bring cyber attack to the national power supplies causing a limited power outage in the US..
Power supplies are just one possible target, don’t forget the critical of telecommunications systems, gas and oil storage and transportation, banking and finance, transportation, water supply systems and emergency services. The profile of cyber assaults against US government and corporate targets is increasing manifesting high skill in the cyber strategy of the attacks.
If forces like those of hacktivist have the technical capacities and critical mass such that they can influencing foreign policy, are we sure that among their goals there are critical infrastructures?
Why the group that draws its strength from the masses should attack them, put them in danger?
Does Anonymous want this?
In an official message to the Wall Street Journal Anonymous regarding the accusation has written
“Ridiculous! Why should Anonymous shut off power grid? Makes no sense! They just want to make you feel afraid.”
“Why would Anons shut off a power grid?” reads a tweet from the @YourAnonNews feed. “There are ppl on life support / other vital services that rely on it. Try again NSA. #FearMongering”
The researcher of the Mercatus Center at George Mason University, Jerry Brito, told that Anonymous has never made a threat to the electrical grid or to other critical infrastructure.
But then, why these rumors began to circulate in authoritative newspapers? More of the group itself I’m scared of misuse of the name Anonymous, someone using the causes of the hacktivists to create a climate of emergency, declare openly to the world that we are terribly vulnerable.
Maybe someone is convinced that scaring the public is possible to remove the masses from the ideology behind the staged protests. The sad aspect is that someone could use the threat to justify expenses never disclosed before, in a state of emergency is known that many canonical steps for approval of investments are deliberately skipped to the benefit of nearby businesses to governments.
Why we intend to define the components of Anonymous cyber-terrorists and cyber criminals?
Mr. Richard Stiennon, Chief Research Analyst at IT-HARVEST, draws some distinctions in the definitions as well. A cybercriminal is generally motivated purely by profit. That is a different goal than cyber espionage, which seeks to access intellectual property for military or industrial strategic advantage, or cyberwar, which focuses on actually sabotaging infrastructure, disrupting critical systems, or inflicting physical damage on an enemy.
Do you recognize anonymous in one of these definitions?
The reality is dramatic, many countries like America and european members states are vulnerable to cyber attacks. Tens and thousands of critical structures are still vulnerable and in many cases also not counted. The real problem will be actions of cyber-terrorism, the business of terror is aware of the situation of the infrastructures and it is ready to hit. Consider for example how a terrorist act is mutated, once a group of subversive planned in secret the attack todays is it try to involve young guys to masquerade the real source of the attacks. The cyber recruiting is really simple, it is enough to announce an operation of Anonymous in specific channel (e.g. chat, social networks) to attract young people living in myth of the hacker, unaware of the real targets of a mission. The availability of tools for offense on the internet makes it easy circumvention of our children.
It ‘s time to come out, inform the masses, but in proper manner, absurd that person like my father still ignore terms like cyber terrorism and cyber weapons.
Pierluigi Paganini
