Cyber threats scare a society increasingly dependent on technology

Pierluigi Paganini May 13, 2015

Experts estimated that between 25 to 50 billion devices will be connected to the internet by 2020 will be exposed to an increasing number of cyber threats.

Until the end of 2020, experts estimated that between 25 to 50 billion devices on the planet will be connected to the internet, and counting that the Internet of Thing will keep growing it also means that for the hackers the opportunities to exploit devices are growing too.

As you may realize hacking campaigns nowadays are more sophisticated that even before and take are taking advantage of people’s mistakes to get some gains. Besides these facts, there is also the action of state-sponsored hackers involved in information warfare operations, hacktivists and malicious people, all these actors concur to make the cyberspace unstable.

Ray Boisvert, former Director General of the Counterterrorism program for the Canadian Security Intelligence Service (CSIS) talked in April at a conference, “What is a great cyber intelligence tool today is tomorrow’s exploit,”

Boisvert emphasized that “Stuxnet” (a NSA creation) gave a huge knowledge to many parties of the cyberwar game, because after being reverse-engineered it was used to develop by malware authors as base for new malware.

But the question remains, which are the four cyber threats that are emerging?

Each country has their own cyber program, making an asymmetrical warfare

Cyber warfare doesn’t require a significant number of troops or a superior set of bombs,” said the cyber security expert David Kennedy, and he is right, a small group of knowledgeable people can do a lot of damage, and Iran was one of the first to realize that and develop their or cyber program.

The Iranian cyber program has grown beyond expected and the attacks run by Iranian hackers include private firms, government and military entities, Oil and Gas companies, energy, transportations, airlines, airports, hospitals, aerospace industries, you name it, they have done all.

But lately a hot case has been the attack to Sony Pictures on December 2014, performed by North Korea hackers dubbed GoP, where 11 terabytes of confidential data were stolen.

cyber threats

What to expect in the next months?

Cyber Warfare is already a part of the military doctrine

Using again Iran as an example, its predicted that its predicted that its predicted that its predicted that “In 10 years’ time, Iran’s cyber capabilities will be more troubling than its nuclear program,” observed geopolitical expert Ian Bremmer.

Iran increased the budget for the cyber security department, spending nowadays around $19.8 million per year, but of course Iran it isn’t alone in the race, so almost every country is doing the same. Another example to prove the point, Chine increased their budget for cyber security in 20-30%,

“They [the Chinese] have previously devoted substantial resources to cyber espionage and theft,”, “China’s vision of combined operations, with cyber as a strong component of its capability, will significantly challenge American freedom of action in the Pacific.”  said Paul Rosenzweig, a cyber-security expert.

And we can’t forget about Russia, they “will be responsible for conduction offensive cyber activities, including propaganda operations and inserting malware into enemy command and control systems,” said James Clapper, a US director of national intelligence.

In 2011, Russian hackers were responsible for exploiting a breach in the stock exchange market, “inserting a digital bomb.

Identify theft is increasing and spreading fast

About identity theft, it’s largely used to exploit the weakest link in the security chain, the humans. When someone is trying to hack a huge corporation, one of the first things that he does is trying to identify the internal staff of the organization, then he tries to target it with surgical attacks, for example a spear “phishing attack”

SCADA systems are a target for hackers

SCADA systems, responsible for controlling many industrial processes like power grid and oil and gas pipelines are a privileged target for hackers. Targeting a SCADA system used in a critical infrastructure it is possible to cause serious damage to a Government. Recently the expert discovered the present of the dreaded “BlackEnergy malware” in US infrastructures that were targeted by Russian hackers.

As confirmed by the last report issued by the US-CERT, the number of attacks against SCADA systems is increasing and in the majority of cases it conducted by sophisticated APT groups.

It is easy to predict a rapid increase of successful attacks because we are depending even more in the technology, it is important that citizens, private companies and Governments will increase their efforts to assume a proper security posture.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog

Edited by Pierluigi Paganini

(Security Affairs –  cyber threats, hacking)

you might also like

leave a comment