Slashdot Mirror

← Back to Stories (view on slashdot.org)

State-Sponsored CyberAttacks Expected To Rise

Posted by Soulskill on from the nowhere-to-go-but-up dept.

wiredmikey writes "According to a report released today, IT security professionals will see a rise in State-sponsored attacks, like the Stuxnet worm, that will build on concepts and techniques from the commercial hacker industry to create more powerful 'Advanced Persistent Threats.' The researchers also expect an increase in compromised mobile devices leading to data theft or loss as a result of lagging security measures, and that next year will bring the first major data breaches as a result of compromised devices. The biggest potential impact will be caused by the proliferation of sophisticated mobile devices interacting with corporate networks."

9 of 33 comments (clear)

  1. A rise? by dropadrop · · Score: 4, Insightful

    To know there is a rise you would need to have some kind of baseline on the current situation. I don't think anyone knows how much state sponsored cyber attacks are currently going around, but I would imagine quite a bit. Most states will have quite a high level of technology and far more motivation to keep things secret then your average cyber criminal. Maybe one (kind of) exception is Russia where the cyber criminals are state friendly to a level where they will (with or without actual concent) do cyber attacks for the states benefit (look at ddos attacks at estonia as an example).

    1. Re:A rise? by ColdWetDog · · Score: 3, Insightful
      "Boy, that's one mean piece of software. Hottest thing since sliced bread. That goddamn thing is invisible. I just rented twenty seconds on that little pink box, just left of the T-A ice; had a look at what we look like. We don't. We're not there."

      Neuromancer, William Gibson. 1984.

      Truth - stranger than fiction, if lagging a bit in time.

      --
      Faster! Faster! Faster would be better!
    2. Re:A rise? by MozeeToby · · Score: 2, Insightful

      To know there is a rise you would need to have some kind of baseline on the current situation.

      You do? If it rains for a week straight I can make a prediction that the river level will rise over the course of that week without knowing what the level of the river was before it started raining. It could be a dry creek bed or it could be an inch from bursting it's banks, that information doesn't necessarily factor into my prediction of a rise.

    3. Re:A rise? by Monkeedude1212 · · Score: 3, Insightful

      You do? If it rains for a week straight I can make a prediction that the river level will rise over the course of that week without knowing what the level of the river was before it started raining. It could be a dry creek bed or it could be an inch from bursting it's banks, that information doesn't necessarily factor into my prediction of a rise.

      Is that an accurate prediction?

      What if the week before it was raining more, like a monsoon, and the week after it was hit with tidal wave?

      Point is, the fact that you know its happening doesn't actually mean it's going up. You need to know what it was like before for it to have any meaning.

      Your whole point was based on the assumption that it wasn't raining before your week started, thus, you knew the existing preconditions.

    4. Re:A rise? by Bryan3000000 · · Score: 2, Insightful

      Yes, you need a baseline on the current/usual rainfall. For example, assume it customarily rains 24 hours a day, one inch per hour. You do not know this information. You are told that it is going to rain for a straight week. You predict a rise in the river. Your prediction is wrong, because it is always raining and the river level has assumed equilibrium.

      You don't need a baseline on the water level - you need a baseline on the rate of rainfall. To predict a rise in attacks, you would need to know the current frequency of attacks, or at least something about how often they have occurred. Pretty basic stuff here - think before you post.

  2. weeeeeeee by kaoshin · · Score: 4, Insightful

    Company that sells security solutions predicts need for more security. The surprises just keep coming.

    1. Re:weeeeeeee by hellkyng · · Score: 2, Insightful

      Indeed, especially considering the security companies selling their junk are terrible failures at preventing malware just like stuxnet. I really don't seem them stepping up to brawl with state funded players any time soon.

  3. I add between 50-2000 new bad sites a day... apk by Anonymous Coward · · Score: 1, Insightful

    To a custom hosts file: That tell you anything? It used to only be that many a month years ago prior to I'd say, 2004 or thereabouts...

    Additionally, to so do, I'm still using the same decent sources as well as my own I built up from the same sources since 1997:

    Spybot Search & Destroy's "IMMUNIZE" feature
    http://ddanchev.blogspot.com/
    http://www.malwareurl.com/listing-urls.php?page=1&urls=off&rp=
    http://www.malware.com.br/lists.shtml
    http://securitylabs.websense.com/content/alerts.aspx
    http://www.stopbadware.org/
    http://blog.fireeye.com/
    http://mtc.sri.com/
    http://www.scansafe.com/threat_center/threat_alerts
    http://news.netcraft.com/
    http://www.shadowserver.org/
    https://zeustracker.abuse.ch/monitor.php?filter=online

    Today/Nowadays? It's worse than it was as far as PC's being @ risk online just on sheer numbers of bogus sites or even banner ads that are maliciously scripted in intent. Just on sheer numbers alone.

    APK

    P.S.=> In summation, all I can tell you, from my "POV" of making a hosts file full of known malware or maliciously scripted sites for a LONG time now is, it's gotten worse, & is happening FAR faster than it used to be (more folks understand coding now is why most likely & the tools are simpler/better too), & I've been building up a closing in on 1 million bogus sites based HOSTS file for over 14 or so years now as my basis in fact here is all...

  4. seriously though? by nimbius · · Score: 2, Insightful

    this is a security company telling you information that drives their sales. its like an ice cream manufacturer saying "i see a need for more ice cream in the future."

    im surprised slashdot hasnt become more abrasive toward this type of annoying product placement and corporate fear mongering.

    --
    Good people go to bed earlier.