Saturday, June 11, 2011

IMF Hacked, Again - or - 'This isn't Cyberwar: It Just Acts Like Cyberwar'?!

I really hope that the key people who may have clicked the wrong link, or opened the wrong attachment, are a trifle less clueless than Dilbert's manager:



Still, there have been a lot of hack attacks so far this year.

Big ones:
  • Sony
  • Lockheed Martin
  • Oak Ridge
  • L-3 Communications
  • Grumman
    (see June 1, 2011)
Now we hear that the IMF's network has been compromised.

Again.

I hope I don't seem overly-concerned: but it's hard for me to shake the impression that all is not well with corporate and government information networks. Sure: Hacking Sony's Playstation database isn't quite like the International Monitory Fund network leaking. I include Sony's cyber-security woes in that list, because ideally a company as savvy as Sony shouldn't have let that happen.

Something, I think, has gone wrong with too many major commercial and government networks this year.

So, do I think it's time to run in circles and scream like a demented cat? No: That does not appear to be a reasonable approach.

On the other hand, I very sincerely hope that the White House cyber security coordinator has some response in mind. Besides calling cyber war a "turbo metaphor:" one that doesn't quite fit the sort of espionage we've been seeing. I think he's got a point, by the way, about staying calm:Here's what got me started with this post:
"IMF hit by 'very major' cyber security attack"
US & Canada, BBC News (June 11, 2011)

"The International Monetary Fund (IMF) says it has been targeted by a sophisticated cyber attack.

"Officials at the fund gave few details but said the attack earlier this year had been 'a very major breach' of its systems, the New York Times reports.

"Cyber security officials said the hack was designed to install software to create a 'digital insider presence'.

"The IMF, which holds sensitive economic data about many countries, said its operations were fully functional.

"The cyber attack took place over several months, and happened before former IMF chief Dominique Strauss-Kahn was arrested over sexual assault charges...."

"...A cyber security expert told Reuters the infiltration had been a targeted attack, which installed software designed to give a nation state a 'digital insider presence' at the IMF.

" 'The code was developed and released for this purpose,' said Tom Kellerman, who has worked for the Fund...."

'Epidemic' Sounds Dramatic

I think there are a whole lot of hack attacks happening - major ones - this year. I also am a little cautious when someone uses emotive terms like "epidemic."

Still, these anonymous "experts" may be right.
"Targeted cyber attacks an 'epidemic'"
Maggie Shiels, Technology, BBC News (June 2, 2011)

"The targeted attack used by hackers to compromise e-mail accounts of top US officials is reaching 'epidemic' proportions, say security experts.

"The scam, known as spear phishing, was used in a bid to get passwords of Gmail accounts so they could be monitored.

"Via a small number of customised messages it tries to trick people into visiting a web page that looks genuine so users type in login names.

"Such attacks are often aimed at top officials or chief executives.

"Such attacks are not new, say security professionals, but they are becoming more commonplace.

" 'What is happening more and more is the targeting of a couple of high value individuals with the one goal of acquiring valuable information and valuable data,' said Dan Kaminsky, chief scientist at security firm DKH...."

'This isn't War - It Just Acts Like War?!'

Or, famous last words?
"Cyber war threat exaggerated claims security expert"
Maggie Shiels, Technology, BBC News (February 16, 2011)

"The threat of cyber warfare is greatly exaggerated, according to a leading security expert.

"Bruce Schneier claims that emotive rhetoric around the term does not match the reality.

"He warned that using sensational phrases such as 'cyber armageddon' only inflames the situation.

"Mr Schneier, who is chief security officer for BT, is due to address the RSA security conference in San Francisco this week

"Speaking ahead of the event, he told BBC News that there was a power struggle going on, involving a 'battle of metaphors'.

"He suggested that the notion of a cyber war was based on several high-profile incidents from recent years.

"They include blackouts in Brazil in 1998, attacks by China on Google in 2009 and the Stuxnet virus that attacked Iran's nuclear facilities.

"He also pointed to the fallout from Wikileaks and the hacking of Republican vice-presidential candidate Sarah Palin's e-mail.

" 'What we are seeing is not cyber war but an increasing use of war-like tactics and that is what is confusing us...'..."

"...His point of view was backed by Howard Schmidt, cyber security co-ordinator for the White House.

" 'We really need to define this word because words do matter,' said Mr Schmidt.

" 'Cyber war is a turbo metaphor that does not address the issues we are looking at like cyber espionage, cyber crime, identity theft, credit card fraud...."
Okay: no turbo metaphors.

The IMF has been hacked. Again.

American defense contractors have been hacked. Several Times. This year. And the year isn't half-over yet.

Still, it could be worse.

Hey, the North American power grid is still working: right?

So, hey: how bad can it get? (June 1, 2011)

Like I said: Famous last words?

Related posts:
In the news:

No comments:

Unique, innovative candles


Visit us online:
Spiral Light CandleFind a Retailer
Spiral Light Candle Store

Blogroll

Note! Although I believe that these websites and blogs are useful resources for understanding the War on Terror, I do not necessarily agree with their opinions. 1 1 Given a recent misunderstanding of the phrase "useful resources," a clarification: I do not limit my reading to resources which support my views, or even to those which appear to be accurate. Reading opinions contrary to what I believed has been very useful at times: sometimes verifying my previous assumptions, sometimes encouraging me to change them.

Even resources which, in my opinion, are simply inaccurate are sometimes useful: these can give valuable insights into why some people or groups believe what they do.

In short, It is my opinion that some of the resources in this blogroll are neither accurate, nor unbiased. I do, however, believe that they are useful in understanding the War on Terror, the many versions of Islam, terrorism, and related topics.