U.S., Israel At High Risk of Cyber attacks
Joel Leyden, Israel News Agency
The next large-scale military or terrorist attack on the United States or Israel, if and when it happens, may not involve airplanes or bombs or even intruders breaching American and Israeli borders.
Cyberattackers shut down one Georgian government site and defaced another with images of Adolf Hitler.
Instead, such an assault may be carried out in cyberspace by shadowy hackers half a world away. And Internet security experts believe that it could be just as devastating to the U.S.'s economy and infrastructure as a deadly bombing.Experts say last week's attack on the former Soviet republic of Georgia, in which a Russian military offensive was preceded by an Internet assault that overwhelmed Georgian government Web sites, signals a new kind of cyberwar, one for which the United States is not fully prepared.
"Nobody's come up with a way to prevent this from happening, even here in the U.S.," said Tom Burling, acting chief executive of Tulip Systems, an Atlanta, Georgia, Web-hosting firm that volunteered its Internet servers to protect the nation of Georgia's Web sites from malicious traffic.
"The U.S. is probably more Internet-dependent than any place in the world. So to that extent, we're more vulnerable than any place in the world to this kind of attack," Burling added. "So much of what we're doing [in the United States] is out there on the Internet, and all of that can be taken down at once."
"This is such a crucial issue. At every level, our security now is dependent on computers," said Scott Borg, director of the United States Cyber Consequences Unit, a nonprofit research institute. "It's a whole new era. Political and military conflicts now will almost always have a cyber component. The chief targets will be critical infrastructure, and the attacks will emerge from within our own computer systems."
Hackers mounted coordinated assaults on Georgian government, media, banking and transportation sites in the weeks before Russian troops invaded. Known as distributed denial of service, the attacks employ multiple computers to flood networks with millions of simultaneous requests, overwhelming servers and crippling Web sites.
Hackers shut down the Web site of the Georgian president, Mikheil Saakashvili, for 24 hours and defaced the Georgian parliament site with images of Adolf Hitler. Saakashvili blamed Russia for the attacks, although the Russian government said it was not involved.
Web sites and computer networks have been targeted by hackers for decades, although large-scale, coordinated cyberattacks are still a relatively new phenomenon. Some Internet-security experts believe that the Georgia conflict marks the first time a known cyberattack has coincided with a ground war, but others said that similar computer attacks have accompanied military operations in the Middle East and elsewhere.
The challenge to U.S. security experts is that such attacks can be mounted anonymously, and relatively cheaply, from anywhere in the world. Georgia's attackers employed "botnets," or malicious automated programs that take root undetected in far-flung computers and barrage their targets with useless data. By last Friday, some of those botnets were originating from Comcast Internet addresses in the United States, Burling said.
"It only takes a couple of experts; it doesn't take a whole cyber infantry division to pull something like this off," said Don Jackson, director of threat intelligence for SecureWorks, an Atlanta-based computer security firm. "For a very small investment in resources, you can have a huge impact."
In the United States, government computer networks parry millions of attempted intrusions every day, Internet-security experts say. The U.S. Department of Homeland Security created a National Cybersecurity Center this year to coordinate federal cyberdefense efforts and quicken responsiveness. However, a recent Homeland Security Department intelligence report, obtained by The Associated Press, concluded that there are no effective means to prevent a coordinated attack on U.S. Web sites.
"When it comes to our government IT security, we're pretty strong in protecting against [attacks]," Homeland Security spokesman William R. Knocke told CNN. "But I wouldn't say ... we're 100 percent impenetrable."
So what would a cyberattack on the United States look like? And where is the U.S. most vulnerable? It depends on who you talk to.
Borg does not believe that the U.S. is susceptible to the kind of attacks launched at Georgia.
"We can command so much bandwidth that it's hard to overwhelm our servers," he said. "We are vulnerable to more sophisticated attacks, but right now most of the people who want to do us harm don't have those capabilities."
The Web sites of key government security agencies, such as the Pentagon and the Central Intelligence Agency, are difficult to bring down, experts said. So are the computer networks of large American banks. But experts say a successful, large-scale attack on U.S. computer systems could hobble electric-power grids, transportation networks and industrial-supply chains.
"You'd see some disruption of essential services, like electricity. You'd definitely see espionage," said James A. Lewis, a senior fellow at the Center for Strategic and International Studies in Washington. "Would it be decisive? No. Nobody's going to win a conflict with the United States in cyberspace. But would it be disruptive and irritating? Yes."
Federal researchers who launched an experimental cyberattack last year in Idaho caused a generator to self-destruct, prompting fears about the effect of a real attack on the nation's electrical supply.
And a May report by the Government Accountability Office found that the Tennessee Valley Authority, which supplies power to almost 9 million people in the southeastern U.S., had not installed sufficient cybersecurity measures. Spokesman Jim Allen said the TVA, the nation's largest publicly owned utility company, is "on track" to correct the problems.
What frustrates computer-security experts is that the features that make the Internet such an invaluable resource -- its openness and interconnectedness -- also make it easier for hackers to do harm. As a staple of 21st-century warfare, cyberattacks will become increasingly sophisticated, forcing governments and private industry to build ever-stronger firewalls and other defenses, experts said.
Also, vague international laws and a lack of accountability will continue to make tracking down and prosecuting cyberattackers difficult.
Websites in Israel were recently the targets of many Islamic hackers.
The Likud party's website was hacked on Wednesday by a hacker known as Cold Zero, who is a part of a group of hackers known as Team Hell. The group is known to be as a collection of Muslim hackers, believed to comprise of mostly Palestinian hackers.
The site's main page was replaced with a message, written in Hebrew, with both grammatical and spelling errors, saying "you kill Palestine children in Gaza; we will hack into your websites". Another message on the site said, 'You think Gilad Shalit will be returned? As soon as he is returned, we will kidnap four more like him". They were referring to the Israeli soldier who was kidnapped by Hamas in 2006.
This is not the first time that Cold Zero has hacked the Likud party's website. This would the second time that he has managed to do so. These would not be the only known cases: Between 2003 and 2004 the website has been hacked several times by several different elements.
Despite the media attention given to these hacks, in most cases the damage done is only superficial. The hackers would usually plant their own pages or in some cases change the main page of the site, a practice that is known as defacement.
A spokesperson for the Likud party has said that the problem has been dealt with and that people are welcomed to enter the site again.
Both IsraelInsider and the Israel News Agency were also attacked by Islamic hackers recently.
Databases were corrupted. But both the Israel Insider and the Israel News Agency were well prepared for such attacks and recovered within hours.
The US and Israel are at high risk of Cyber attack. These attacks, though they will not decide victory or defeat, will be annoying and can and will be used in an attempt to sway public opinion.
How does it work?
Enemy states infect millions of computers with Trojans, waiting to attack Israeli websites at the click of one command. Overload takes place. Internet comes to a halt while the enemy commander can free broadband space at will and deliver instructions to infrastructure
related computers.
How do we defend ourselves from such an attack?
Government software should be distributed to governmental, commercial and the public in the same manner that gas masks are handed out.
No different than a condom.
We practice safe safe.
We need to practice safe computing!
Joel Leyden
President
Leyden Communications Group™
International Public Relations / Web 2.0 Marketing / Branding / Crisis Communications / Editorial / SEO Internet Marketing Consultancy
New York, N.Y.
Ra'anana, Israel
www.IsraelPr.com™
www.IsraelMarketing.com™
www.EbizMarketSolutions.com™
Publisher
Israel News Agency™
United States News Agency™
"Creating Web Traffic $ince 1995"™
Ranked NUMBER ONE on Google, Yahoo for Israel International PR and Internet SEO!
=== SUPPORT ISRAEL - BUY BLUE AND WHITE ===
---------------------------------------------------
The information contained in this electronic mail message is intended only for the use of the addressee(s) listed above and may contain confidential and privileged information.
If you have received this communication in error, please immediately notify us and delete it from your computer. Thank you.
No comments:
Post a Comment