'Cyber-terrorism does not pose a significant threat to the Western security' - British expert

Photo: EPA

As global internet community grows by the minute, cyber-security experts continue to wonder how to make internet a safer place. In an interview to the Voice of Russia, Peter Warren, Chairman of Cyber Security Research Institute, UK, shared his thoughts on the issues of cyber-security and cyber-terrorism. According to Mr Warren, the possibility that terrorist organizations will use the internet to fulfill their malicious plans is rather low since a computer attack does not have that ‘chilling effect’ which is so often sought by terrorists.
The threat of cyber-crime, on the other hand, remains very real. In pursuit of greater revenues companies often rush to place their software on the market while being reluctant to check their new products for possible vulnerabilities which all too often serve as entry points for cyber-attacks. To minimize the probability of cyber-crime the expert urges to rethink the whole process of computer industry. Voice of Russia: Many international terrorist groups now actively use computers and the internet to communicate, but cyber-terrorism still remains a relatively rare occurrence. Do you think that terrorist networks might be avoiding the internet? Peter Warren: Yes, apart from for communication and fund-raising purposes, international terrorist groups are actually avoiding the internet at the moment. The reason for such avoidance is that it scares them. One of the primary characteristics of modern terrorist organizations is that they like to be anonymous. The traditional cell structures that they have been running for years helped them to achieve a very high level of anonymity and they do not want to compromise it. Those terrorist networks that have expertise to carry out a cyber-attack are well aware that the very moment they hit the internet they will be running a risk to be tracked and found because such organizations are being quite heavily monitored by the intelligence agencies all over the world. So, what is more likely is that a national-state player – a state with competence – could seek to destabilize an opponent by outsourcing the capability to the terrorist organization. Voice of Russia: Following your line of reasoning, it seems that cyber-violence is a particular kind of state-terrorism. Is this what you are implying? Peter Warren: I would say that this is a very real possibility and it is a very real trend. The only entity that has a capability to carry out an attack on a state’s critical infrastructure is another state. To achieve deniability, such a state could use a terrorist organization as a proxy. Voice of Russia: It is often claimed that the harm from cyber-terrorism can be compared to the harm from a more direct, physical terrorist attack. Would you agree? Peter Warren: That is actually the other issue because of which terrorist organizations are avoiding the internet. It is in the agenda of being a terrorist that you want to cause an outrage that scares people and makes them extremely anxious. The global reaction to 9/11 attacks is the best illustration of what terrorists ideally seek to achieve. Their main aim is to induce terror and it is fairly difficult to do it through the internet. If you are a terrorist organization and you use a virus that deteriorates the performance of the British transport system, for example, then all that this cyber-attack will do is cause a lot of irritation. It will not cause terror. In this respect, at the moment, cyber-terrorism per se does not pose a significant threat to the Western security; cyber-crime does. Voice of Russia: How about the harm that a cyber-attack can cause to a state’s economy or military infrastructure? We all remember how Iran’s nuclear infrastructure was attacked by Stuxnet. Would you say that this is not terrifying enough if a nuclear plant goes astray due to a cyber-attack? Peter Warren: This is the point I was about to come onto. There is now a fairly universal agreement that the Stuxnet attack on Iranian nuclear plant was put together by the joint efforts of the American-Israeli team and was not the work of any terrorist organization. Quite simply, for a terrorist group, such an attack was not ‘terrifying’ enough and was too ‘well-planned’ in a sense that the virus did not go much further than it was intended to. Although there was leakage of Stuxnet to India and some other areas, the attack was still very well-managed for a terrorist act. However, if such tool as Stuxnet got into the hands of genuine terrorists, the consequences could have been much worse. The nuclear reactor could have simply exploded and the damages would have been massive. This is why, as I said before, terrorist organizations with expertise in cyber-attacks are very closely monitored nowadays. Voice of Russia: It is interesting that a person or an organization behind the Stuxnet attack still remains unknown. Although, as you say, there are some speculations about the identity of the initiators, no one knows for sure who the attacker was. Why such difficulty with the perpetrator's identification? Peter Warren: This is one of the main problems with cyber-crime because you never know for sure where the things are coming from. One of the main problems with identification is the profound deficiency in the routing system in the internet. There have been some suggestions about how to fix this, but they all stumble upon the problem of funding. It is estimated that it would cost around eighteen billion dollars to correct the deficiencies. While this is not a considerable sum in terms of eradicating the issue, this budget would have to be agreed on internationally which is very difficult. That said, however, the intelligence agencies in Russia, in the UK, in America have developed a mechanism that allows them to track the virus to its origin. Obviously, the agencies will never tell the press how they do this, but it is known for sure that it is possible to locate the attackers. Voice of Russia: Vulnerabilities in software and computer system configurations provide the entry points for cyber-attacks. How can these deficiencies be minimized? Peter Warren: Vulnerabilities in code is a huge issue. The problem is that the way computer industry has been evolving as a very competitive market, security has always been a very low priority. Companies are constantly worried about what their competitors are doing so they want to rush out their software as quickly as they possibly can with no concern for security. In this sense, to minimize these vulnerabilities, we have to rethink the whole process of computer industry. Companies should not be allowed to place products on the market until these have been checked by cyber-security experts. Voice of Russia: In your opinion, what is the most effective countermeasure against cyber-attacks? Peter Warren: I think that one of the most effective means to prevent cyber-crime is raising public awareness. The other thing that can be done is the introduction of mandatory reporting mechanisms of cyber-crime. At the moment we are in an absolutely terrible state when the people will not even admit that they have been attacked precisely because they do not know how to deal with the problem. The third thing that is absolutely necessary is the creation of a global cyber-crime research organization. Although a European-wide research center has already been created for these purposes, there is a burning need for an international response. Admittedly, this is going to be very difficult to achieve because there is no legal consensus on the universal definition of cyber-crime. There are also some governmental organizations that actually have quite an intimate connection with cyber-crime. In essence, these organizations use hackers as deniable mercenaries which makes them significant intelligence assets. Voice of Russia: What about the social networks such as Facebook and Google+? Do they provide a fertile ground for recruitment of potential cyber-criminals? Peter Warren: Facebook and social media groups do currently provide a relatively fertile area for cyber-crime recruitment insofar as it is quite easy to find sympathizers. However, all the subsequent agreements are made elsewhere due to heavy monitoring of the social networks by the intelligence agencies. Source: Voice of Russia

Read More........→February 08, 2013

EC3 to fight cybercrime with Russia and Singapore

The EU says online fraud and organised crime on the internet is on the rise. Last year, credit card fraud alone cost Europeans 1-point-5-billion euros. To combat the increase in online criminal activity the EU has, today, opened a new cybercrime centre – known as EC3. The centre will focus on tackling identity theft, fraud and child exploitation online.

Cyber criminals are equipped to use technology to commit their crimes. They’re infiltrating our computers, our bank accounts, our smart phones and even our social networks – a worrying trend! The latest E.U. figures show, young Europeans spend 80% of their day on the internet. Designed to combat the rise in online criminal activity, the new European Cybercrime Center will pull expertise and promote the sharing of evidence from across the Eurozone. Troels Oerting will head the new cybercrime center EC3. He says we need to change our cybercrime strategy. We have tried many-many years to protect ourselves out of this with safer infrastructure, but this is simply not enough. Just like in the offline world, we need not only to put a lock on the door, we also need to have a criminal-free environment where we can go safely. A recent survey of the E.U. internet uses found high levels of concern about cyber security. 89% of those polled said they’d avoid disclosing personal information online due to security concerns, with 3 out of 4 citizens agreeing risk of becoming a victim of cybercrime has increased over the past year. But why is there a need for a pan-European organization? Troels Oerting, the head of EC3 again: We know about this threat. But do we have the European oversight? No! Is this important? Yes. And why? Because we have no geographical lens in this crime. The crime is not conducted in Stockholm or Vienna. It’s conducted all over by the same groups which we cannot identify. However, Chris Bellamy, Professor of Maritime Security says getting all the member-states to work together won’t be easy. I think it’s going to be a real challenge for them actually to exchange information and evidence. The rules are evidence are extremely strict. And I suspect that the problem will be getting police forces to send information to them. I think in some cases, of course, although there aren’t supposed to be any political differences between the countries of the E.U., the fact is that some political difference and indeed countervailing interests may reel their heads. The new EC3 center will focus on three main areas of cybercrime: online fraud, including incepting payments made on smartphones, identify theft and tackling child exploitation online. Authorities at EC3 will focus on the most dangerous cybercrime threats and key criminal groups who are operating at E.U. level. Last year credit card fraud alone cost Europeans 1.5 billion euros. Cecilia Malmström is the E.U.’s Home Affairs Commissioner. She says evidence collected online could often be more revealing to authorities than evidence found offline. A good piece of information is often all that is needed to combat criminals online. It can open up the whole network. The cybercrime center will also trade national law enforcement authorities and support them in their own cybercrime investigations. But Troels Oerting, the head of EC3, says there’s also a need for global cooperation on tackling cybercrime. EC3 is already working with Singaporean authorities and Troels Oerting is also hopeful of successful cooperation with Russia. We’re also negotiating an agreement with Russia that is just in its stage. I guess in this year we hopefully can sign it which will then enable them to actually exchange information with us. EC3 will now become the focal point in the Eurozone’s fight with cybercrime. The center is based in Hague and already began tackling criminal activity online, but is not expected to be fully functional until 2015. Source: Voice of Russia

Read More........→January 29, 2013

Russian hackers will launch blitzkrieg cyber-attacks on U.S. banks next spring, security experts warn

Victims: This map shows the locations of victims of the Project Blitzkrieg pilot campaign whose infected computers are reporting back to Romanian Control servers, according to McAfee Global Threat Intelligence Experts have warned that hackers' plans to launch massive cyber-attacks on U.S. financial institutions are not just a possibility but a 'credible threat'. According to a report released by internet security firm McAfee, the impending attack on banks - dubbed 'Project Blitzkrieg' - could result in millions of dollars of losses. 'McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned,' the company said in a report published yesterday. Source: The Coming Crisis

Read More........→December 18, 2012

Hackers could create havoc with global air traffic

LAS VEGAS — Air traffic control software used around the world could be exploited by hackers to unleash squadrons of ghost planes to befuddle those entrusted to keep the skies safe, a security researcher said Friday. Cyprus-based Andrei Costin demonstrated his findings at a Black Hat gathering of cyber defenders in Las Vegas. “This is for information only,” Costin said as he outlined how someone with modest tech skills and about $2,000 worth of electronics could vex air traffic controllers or even stalk celebrities traveling in private jets. “Everything you do is at your own risk.”  Costin’s target was an ADS-B system in place for aircraft to communicate with one another and with air traffic control systems at airports.The system, which has been rolled out internationally in recent years in a multi-billion dollar upgrade, was designed to better track aircraft so airport traffic can flow more efficiently. A perilous flaw is that the system is not designed to verify who is actually sending a message, meaning that those with malicious intent can impersonate aircraft either as pranks or to cause mayhem, according to Costin. “There is no provision to make sure a message is genuine,” he said.“It is basically an inviting opportunity for any attacker with medium technical knowledge.” Air traffic controllers faced with a signal from a fake airplane resort to cross-checking flight plans, putting relevant portions of air space off limits while they work. “Imagine you inject a million planes; you don’t have that many people to cross-check,” Costin said. “You can do a human resource version of a denial of service attack on an airport.” Denial of service attacks commonly used by hackers involve overwhelming websites with so many simultaneous online requests that they crash or slow to the point of being useless. Aviation agencies are adept at identifying and locating “rogue transmitters” on the ground, but not at countering signals from drones or other robotic aircraft becoming more common and available, according to the researcher. Another danger in the new-generation air traffic control system, according to Costin, is that position, velocity and other information broadcast by aircraft isn’t encrypted and can be snatched from the air. “Basically, you can buy or build yourself a device to capture this information from airplanes,” Costin said. He listed potential abuses including paparazzi being able to track private jets carrying celebrities or other famous people. Costin showed how a friend was able to identify a plane broadcasting the identification numbers of Air Force One, the military jet used by the U.S. president, and plot it on a map on an iPad. “It can be a very profitable business model for criminals to invest a small amount of money in radios, place them around the world” and then sell jet tracking services or information about flights, the independent researcher said. “If it was Air Force One, why does Air Force One show itself?” Costin wondered aloud. “It is a very high profile target and you don’t want everyone to know it is flying over your house.” There are websites with databases matching aircraft registration numbers with listed owners. Source: Sam Daily Times

Read More........→December 16, 2012

Cyber clues link U.S. to new computer viruses

The U.S. may have developed three new previously unknown computer viruses for use in espionage operations or cyber warfare, says American computer security firm Symantec in its report. A study shows that Washington is using computer technology to promote its interests in the Middle East. For one, the U.S. was behind the Stuxnet, a computer worm used to collect information about the Iranian nuclear programme in 2010, as well as the development of Flame, a tool for cyber monitoring. Symantec and Russia’s Kaspersky Lab linked Stuxnet to Flame saying that part of the Flame programme is nearly identical to code found in a 2009 version of Stuxnet. Source: Voice of Russia

Read More........→October 19, 2012