Online Attacks for Political Reasons
It seems that the only time that state-sponsored online attacks are covered in the media is when someone wants to create a short term scare campaign that is focussed on driving business to a company, or on increasing funding or perceived relevancy for a government agency or group of agencies. Perhaps the best known case in the last few years was in Estonia, though there remains contention about who exactly was behind the attacks. Even though the official story is that an ethnic Russian in Estonia was responsible, there are those who still believe that the attacks were coordinated and managed from Russia.
State sponsored attacks are always guaranteed to attract interest, but the idea of semi-state and stateless organisations developing online attack capabilities for political goals is also starting to attract attention. With many of the groups that have openly admitted to developing such capability already engaged in open attacks in other environments and many also attracting designation as 'terrorist' groups, an online attack that is claimed by or attributed to one of these groups is considered far more likely than a state-sponsored attack. While the technology and methods used may be no different from those used in spam, phishing, and other online criminal activity, it is the political intent behind their use which places them in a separate class.
Supporting this argument is a number of claims by different terror groups that they have access to an electronic attack capability surfacing in recent weeks and months. These claims are actively promoted by the groups, who argue that it allows them to level the playing field against their opponents and, more importantly for them, it provides a means to disrupt their opponents without significant risk to themselves.
Even though online attacks offer far less personal risk to the instigators, there are still some global regions where this is not the case. Earlier this year Israel killed a Palestinian believed to have been in charge of the online attack element for a Palestinian militant organisation, but this is probably the only global region where an electronic attacker may be at significant personal risk.
India is the latest country to join the ranks of those accusing China of attacking their internal networks and systems. This accusation is more significant than most, given the geographic proximity of the two countries and their historical military and political tension (including two current disputed regions and a number of historical armed conflicts).
It will be interesting to see how the two most populous and rapidly developing countries in the world handle this sort of activity and how each responds to claimed attack and counter attack, given that the attacks may be attributed to state-sponsored, semi-state, and stateless bodies in varying proportions. Though the scale of the attacks is relatively small, given the overall size of both countries, the economic and technological boost that has been delivered with the outsourcing industry means that some of the juciest targets in India are actually datasets belonging to foreign companies.
There is no sign that these sorts of attacks will increase in scope anytime soon, but it is something to consider with data security concerns - especially in an outsourced environment. You might wake up one day to find that your data is being held ransom or under attack by an external party that is actually targeting your supplier and not you directly. That is cold comfort for the people whose data lies within that dataset and it will be you ultimately held responsible for its safety.
30 June 2008
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.