Slashdot Mirror

← Back to Stories (view on slashdot.org)

State-Sponsored CyberAttacks Expected To Rise

Posted by Soulskill on from the nowhere-to-go-but-up dept.

wiredmikey writes "According to a report released today, IT security professionals will see a rise in State-sponsored attacks, like the Stuxnet worm, that will build on concepts and techniques from the commercial hacker industry to create more powerful 'Advanced Persistent Threats.' The researchers also expect an increase in compromised mobile devices leading to data theft or loss as a result of lagging security measures, and that next year will bring the first major data breaches as a result of compromised devices. The biggest potential impact will be caused by the proliferation of sophisticated mobile devices interacting with corporate networks."

33 comments

  1. A rise? by dropadrop · · Score: 4, Insightful

    To know there is a rise you would need to have some kind of baseline on the current situation. I don't think anyone knows how much state sponsored cyber attacks are currently going around, but I would imagine quite a bit. Most states will have quite a high level of technology and far more motivation to keep things secret then your average cyber criminal. Maybe one (kind of) exception is Russia where the cyber criminals are state friendly to a level where they will (with or without actual concent) do cyber attacks for the states benefit (look at ddos attacks at estonia as an example).

    1. Re:A rise? by ColdWetDog · · Score: 3, Insightful
      "Boy, that's one mean piece of software. Hottest thing since sliced bread. That goddamn thing is invisible. I just rented twenty seconds on that little pink box, just left of the T-A ice; had a look at what we look like. We don't. We're not there."

      Neuromancer, William Gibson. 1984.

      Truth - stranger than fiction, if lagging a bit in time.

      --
      Faster! Faster! Faster would be better!
    2. Re:A rise? by MozeeToby · · Score: 2, Insightful

      To know there is a rise you would need to have some kind of baseline on the current situation.

      You do? If it rains for a week straight I can make a prediction that the river level will rise over the course of that week without knowing what the level of the river was before it started raining. It could be a dry creek bed or it could be an inch from bursting it's banks, that information doesn't necessarily factor into my prediction of a rise.

    3. Re:A rise? by Monkeedude1212 · · Score: 3, Insightful

      You do? If it rains for a week straight I can make a prediction that the river level will rise over the course of that week without knowing what the level of the river was before it started raining. It could be a dry creek bed or it could be an inch from bursting it's banks, that information doesn't necessarily factor into my prediction of a rise.

      Is that an accurate prediction?

      What if the week before it was raining more, like a monsoon, and the week after it was hit with tidal wave?

      Point is, the fact that you know its happening doesn't actually mean it's going up. You need to know what it was like before for it to have any meaning.

      Your whole point was based on the assumption that it wasn't raining before your week started, thus, you knew the existing preconditions.

    4. Re:A rise? by Bryan3000000 · · Score: 2, Insightful

      Yes, you need a baseline on the current/usual rainfall. For example, assume it customarily rains 24 hours a day, one inch per hour. You do not know this information. You are told that it is going to rain for a straight week. You predict a rise in the river. Your prediction is wrong, because it is always raining and the river level has assumed equilibrium.

      You don't need a baseline on the water level - you need a baseline on the rate of rainfall. To predict a rise in attacks, you would need to know the current frequency of attacks, or at least something about how often they have occurred. Pretty basic stuff here - think before you post.

    5. Re:A rise? by Anonymous Coward · · Score: 1, Funny

      yes, it's still a prediction.

      Yes it's probibly accurate (note: the amount of rain receved is enough information to make accurate assesments, while still not knowing the original river-depth)

      what it is NOT is testable.

      just because a prediction is untestable has no bearing on it's accuracy.

    6. Re:A rise? by PolygamousRanchKid+ · · Score: 0, Flamebait

      I don't think anyone knows how much state sponsored cyber attacks are currently going around, but I would imagine quite a bit.

      Well, maybe we should try the polite approach and just ask every country, about their state-sponsored CyberAttacks? I'm sure almost every country would be willing to oblige. If not, the U.N. Security Council could pass a resolution requiring states to divulge their CyberHankyPanky. That would have them all quaking in their boots!

      Until then, buy more CyberSecurity products! It's good, clean, wholesome fun!

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    7. Re:A rise? by Monkeedude1212 · · Score: 2, Funny

      just because a prediction is untestable has no bearing on it's accuracy.

      It has a huge bearing on its accuracy, you can't BE accurate without testing it!

      "Aliens live on mars" - I can claim that is an accurate prediction so long as we do not test that claim.

    8. Re:A rise? by Anarchduke · · Score: 2, Informative

      Very analytical. However, the post you replied to never mentioned that he needed to know the previous condition of rainfall, only that he didn't need to know the previous condition of the river. Perhaps he thought that the previous baseline of rainfall you were referring to was, as you put it, "pretty basic stuff", and didn't need to be mentioned.

      In terms of the actual article, I interpreted that MozeeToby was saying that just because one don't know current amount of government sponsored IT attacks doesn't mean you can't guess it will go up. Just like MozeeToby, I can safely assume it will only increase, once more and more countries create dedicated cyber-warfare groups.

      As far as the history of rainfall (or cyber attacks) goes, it had never even sprinkled before 29 October 1969.

      --
      who prays for Satan? Who in 18 centuries has had the humanity to pray for the 1 sinner that needed it most? ~Mark Twain
    9. Re:A rise? by WrongSizeGlass · · Score: 1

      To know there is a rise you would need to have some kind of baseline on the current situation..

      Even if there are zero now it is reasonable to predict there will be a rise in the number.

    10. Re:A rise? by Bryan3000000 · · Score: 1

      I'm certain it takes a great deal of data analysis and expertise to predict that information attacks will increase. Anything that can be properly classified as a safe assumption makes for silly predictions.

      More to the point, while the current level of the river may not affect a safe assumption about the rise, the prediction is pretty worthless without such supporting information. Also pretty basic stuff that you almost certainly know and recognize. Yet you try to gloss it over. Not only is this information important, but the entire conversation is pointless without such information. You can't have a clue as to where or how strong to build the levees if you don't even know the water level. Thus, as was originally suggested, there is a very real need for a baseline. This holds true on every data point.

    11. Re:A rise? by dropadrop · · Score: 1

      In this case you have no idea how much it has previously rained, somebody (selling umbrellas) has just predicted it will probably rain even more next year.

      I'm not saying you are wrong, just saying it's probably already far more common then one would assume (given how little it's talked about).

    12. Re:A rise? by Anonymous Coward · · Score: 0

      Please learn the difference between a prediction and an assertion.

      Then maybe I'll laugh at your jokes, instead of laughing at you.

    13. Re:A rise? by Anonymous Coward · · Score: 0

      sure you can be accurate, you just can't KNOW that your accurate.

      what you know has no bearing on what is.

  2. weeeeeeee by kaoshin · · Score: 4, Insightful

    Company that sells security solutions predicts need for more security. The surprises just keep coming.

    1. Re:weeeeeeee by countSudoku() · · Score: 1, Flamebait

      Not only that, but the threat will be "right in the palm of your hand" and that should be scary enough for the average IT joe to spend some not so average cash on a problem that can't be quantified. How many apps does the average idiot download anyway? I stopped after 50 first month with my iPod and have not upgraded or bothered to find any since. Like the apps on facebook, the apps on the app store are mostly useless crap for shitheads. Period.

      --
      This is the NSA, we're gonna geet U h@x0r5! Also, what is a h@x0r5?
    2. Re:weeeeeeee by hellkyng · · Score: 2, Insightful

      Indeed, especially considering the security companies selling their junk are terrible failures at preventing malware just like stuxnet. I really don't seem them stepping up to brawl with state funded players any time soon.

    3. Re:weeeeeeee by phek · · Score: 1

      you're confusing the AV market with the security market. the AV market is always behind the new virus'/worms because that's what they do, wait for some virus to come out and once it gets popular create a definition for it. The security industry on the other hand is constantly finding and reporting new vulnerabilities in software. Sure there's still something to be desired with the security vendors but they are definitely stepping up to brawl with state funded players. Well maybe not qualys or rapid 7, they're too busy boasting and lying (respectively) to their customers to bother producing anything useful.

    4. Re:weeeeeeee by rtb61 · · Score: 1

      Companies that sell networking solutions will start promoting parallel networks. An inside secure network and an outside less secure network, with separate devices on both networks and no connection between the two networks. Hardware is cheap enough and you can wire the secure network and wireless the insecure network.

      So insecure personal, email and internet access, secure everything else and when it leave s the office it only does so on dedicated lines, hard copy or controlled and specifically checked data only devices.

      Saving a few pennies only to have it cost you tens of thousands even hundreds of thousands of dollars makes no 'cents'. If it absolutely, positively, most certainly, doesn't have to be connected to the internet that don't connect it to the internet.

      Smart terminals without storage media devices for internal and smartbooks with ready to rebuild backups for external ie if the external goes down, meh, fix it in ten to twenty minutes inform the user of the error and away they go, meanwhile internal productivity continues uninterrupted. PS only authorised network security officers port data from the external to the internal network after it is scanned. It costs a little more in the short term but it is guaranteed to save millions even billions in the long term.

      --
      Chaos - everything, everywhere, everywhen
    5. Re:weeeeeeee by Anonymous Coward · · Score: 0

      But the average IT joe doesn't have a nuclear plant

  3. Woah by Lanteran · · Score: 1

    I'm shocked.

    --
    "People don't want to learn linux" hasn't been a valid excuse since '03.
  4. Update or die. by Anonymous Coward · · Score: 1, Funny

    I want to see this force carriers to make available up-to-date software on phones, even if they're a year or two old.

  5. I add between 50-2000 new bad sites a day... apk by Anonymous Coward · · Score: 1, Insightful

    To a custom hosts file: That tell you anything? It used to only be that many a month years ago prior to I'd say, 2004 or thereabouts...

    Additionally, to so do, I'm still using the same decent sources as well as my own I built up from the same sources since 1997:

    Spybot Search & Destroy's "IMMUNIZE" feature
    http://ddanchev.blogspot.com/
    http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
    http://www.malware.com.br/lists.shtml
    http://securitylabs.websense.com/content/alerts.aspx
    http://www.stopbadware.org/
    http://blog.fireeye.com/
    http://mtc.sri.com/
    http://www.scansafe.com/threat_center/threat_alerts
    http://news.netcraft.com/
    http://www.shadowserver.org/
    https://zeustracker.abuse.ch/monitor.php?filter=online

    Today/Nowadays? It's worse than it was as far as PC's being @ risk online just on sheer numbers of bogus sites or even banner ads that are maliciously scripted in intent. Just on sheer numbers alone.

    APK

    P.S.=> In summation, all I can tell you, from my "POV" of making a hosts file full of known malware or maliciously scripted sites for a LONG time now is, it's gotten worse, & is happening FAR faster than it used to be (more folks understand coding now is why most likely & the tools are simpler/better too), & I've been building up a closing in on 1 million bogus sites based HOSTS file for over 14 or so years now as my basis in fact here is all...

  6. Heidi Klum by Anonymous Coward · · Score: 0

    > State-sponsored cyberattacks expected to rise.

    Well, that's only because there's a rumor Heidi Klum is the next terminatrix. But don't state-sponsored cyberattacks deserve their privacy?

    Oh wait, the TSA.

    Obligatory xkcd.

  7. seriously though? by nimbius · · Score: 2, Insightful

    this is a security company telling you information that drives their sales. its like an ice cream manufacturer saying "i see a need for more ice cream in the future."

    im surprised slashdot hasnt become more abrasive toward this type of annoying product placement and corporate fear mongering.

    --
    Good people go to bed earlier.
    1. Re:seriously though? by wiredmikey · · Score: 1

      Ninmius, I agree with what you are saying as far as the info coming from a security company. That being said, those are the types of companies actively doing this type of research. In other words, why would another company not in the industry do this type of research. Despite coming from a vendor, many of these reports are helpful and almost essential in helping organizations stay more secure. Knowing of a threat after it happened isn't very good, but understanding trends and what may come next is even more important. So it's just a realization that these reports do come from security vendors or market research firms, sponsored by a security firm which is just as much the same. :)

    2. Re:seriously though? by Anonymous Coward · · Score: 0

      serious = most, if not ALL, of the 'warnings' from the past, that people use as examples to indicate that security companies are the ones putting out the warnings "to sell their products" were actually talking about bad things that actually, eventually happened.

    3. Re:seriously though? by VortexCortex · · Score: 1

      this is a security company telling you information that drives their sales. its like an ice cream manufacturer saying "i see a need for more ice cream in the future."

      im surprised slashdot hasnt become more abrasive toward this type of annoying product placement and corporate fear mongering.

      That's because We Like Ice Cream; We love it. We can not resist ice cream. To resist is hopeless...

  8. I have an idea by ILuvRamen · · Score: 0

    You know what would make them stop spreading? I read up on Stuxnet and MAYBE they shouldn't have put their computers containing PLC software on the internet. Maybe all nuclear power plant computers and government computers that do anything important shouldn't be on the internet. Even USB drive infections of offline machines won't do much with no command and control and no ability for the virus to to report back anything.

    --
    Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
  9. Not news worthy... by exentropy · · Score: 0

    Cmon /. people have been predicting a rise in state sponsored cyber attacks and cellular phone attacks for >5 years. Guess what? We haven't seen it! So why, when some random security group affirms their belief in this, does /. think this is news worthy?

    1. Re:Not news worthy... by Anonymous Coward · · Score: 0

      it WILL happen. How \ why do you think it can't \ won't? profit is the biggest motivator. We STILL see in our society that companies that CAN do, do not always do so, when they can make so much profit NOW by waiting . . . . .

  10. APT? Why the need for a new acronym? by John+Saffran · · Score: 1
    All the hype about APTs being some sort of new and fashionable attack method is puzzling. Ultimately the core is simply another form of malware, perhaps used for a slightly different purpose than the old-school script kiddie website defacing, but ultimately the same principles of security apply just as much to APT as they do to any other form of attack.

    Or in other words:

    The fact is this - malware has always had the ability to be updated in the field, it has always been able to be remote controlled, and it has always had the ability to spawn a remote shell to a live attacker. And, it has always had the ability to scan the file-system for files like source-code and CAD drawings, and it has always had the ability to exfiltrate those files. At all times and without exception, these malware programs have been operated by real and persistent humans at the other end. The malware doesn't operate itself, it's not an automaton. For the last 365 days, I just called that malware.

    http://fasthorizon.blogspot.com/2010/02/is-term-malware-eclipsed-by-apt.html