Pages

Friday, February 5, 2010

Cyber warfare begins, Cyber attacks in 2010

I have recently been following the attacks/hacks that have hit several of the internet's biggest "assets".

Is this cyber warfare?  Why is China attacking these companies? Is it really China?  Is china being used as a proxy for these attacks?  Could they be Russian? With the nature of the internet these are questions that cannot be answered until more information is obtained.  The scary fact is that we rely on the internet for just about every part of our daily lives in one way or another.  The internet is not built to handle cyber warfare on a large scale.

The kinds of attacks we are seeing are getting more and more sophisticated where the attacks are no longer a mass scan of computers and hack what is vulnerable.  The attacks we are seeing now are targeting specific computers even specific employees within an organization who have access to privileged data on the networks that other employees may not.  This allows them to create attacks from an inside computer which basically nulls the effectiveness of security lists, firewalls and other security measures put in place.  This also gives them access to sensitive data that an outside attack may not.

While these kinds of attacks are major, I have real concerns about what else these types of attacks are capable of doing.  When you look at possible attack vectors on the internet which are basically paths to hack your way onto a network or computer I come up with a couple more attack vectors that have not been seen yet and that I feel every person, provider, backbone, and entity in the world needs to be prepared to step in and stop.

These attacks include the denial of service attack and distributed denial of service attack.  What happens when the attacks go from country sponsored hack attacks to country sponsored denial of service attacks?  Country sponsored DDOS attacks could potentially shut down an entire countries internet and backbone providers in seconds.

I looked around spots on the internet for prices on hacked computers and I came up with around $100-$150 us dollars for 10000 hacked computers.  Finding out where to buy them was as simple as using Google.

I am taking a wild stab at figures here but let’s say each computer has about a 256kbps upstream.  That is 2500mbps of bandwidth that can be sucked up for around $100.  That is enough traffic to take down hundreds of computers at a data-center, key routers at internet service providers or many other dangerous scenarios.   With the sophistication of the hacking attempts going on, we need to get our networks secure and a plan in place to stop this if it ever happens.


Stay tuned for more, I will continue to follow this story and update on anything interesting as it happens.  For a very in depth audio about some of the recent attacks check out this podcast.



Ill be fighting to legalize freedom tell the day I die.

No comments: