Published on August 2nd, 2011 | by Alexis Argent0
Network security becoming a tougher battleground
The need for network security protection at many types of organization has increased dramatically with the proliferation of cyber attacks affecting governments and major businesses, according to a report from Bloomberg.
Particularly for companies that have made significant investments in computer-centric intellectual property, security breaches and data theft can be existential threats to business continuity, the news source said.
“Last year, for example, Google accused China of spying on the company’s workers and customers. It said at the time that at least 20 other companies were victims of the same attack, nicknamed Operation Aurora by the security firm McAfee. The hack included Adobe Systems, Juniper Networks and Morgan Stanley,” according to the report.
Dozens of others, ranging from Lockheed Martin and Intel to the Indian Defense Ministry, the International Monetary Fund, and the Pacific Northwest National Laboratory, have suffered similar assaults. Earlier this year hackers raided the computer networks of RSA, a marquee security firm that protects other companies’ computers. They stole some of the most valuable computer code in the world, the algorithms behind RSA’s SecureID tokens, a product used by U.S. government agencies, defense contractors, and major banks to prevent hacking. It was like breaking into a heavily guarded locksmith and stealing the master combination that opened every vault in every casino on the Las Vegas Strip.
Last year, Stuxnet—whose existence was first reported by security blogger Brian Krebs—appeared in dozens of countries, targeting what are known as programmable logic controllers, ubiquitous industrial computers the size of cigarette cartons. Stuxnet was designed to harm only one kind: controllers processing uranium fuel at a nuclear facility in Iran. People who have analyzed the attack think someone slid a thumb drive with Stuxnet code into a Windows PC that was linked to the centrifuges, which were buried in a bunker. The worm then ordered the machinery to spin too fast, eventually destroying it. While all this happened, Stuxnet remained hidden from the Iranian technicians at the facility. The worm disabled alarms and fed the workers fake log reports that assured them the centrifuges were operating just fine.
Stuxnet set Iran’s nuclear program back months. It didn’t merely compromise some database, like most computer worms; it obliterated something physical. “Stuxnet was the equivalent of a very high-powered ballistic weapon,” says Ed Jaehne, the chief strategy officer at KEYW , a fast-growing computer security firm in Maryland. As researchers dissected the technology and hunted for motives, some of them pointed to the U.S. or Israel as the worm’s likeliest place of origin.
The success of the Stuxnet worm – which infected computers governing centrifuges at an Iranian nuclear research facility and destroyed valuable equipment – demonstrates that physical security can be endangered by network security breaches as well, Bloomberg added.
Cyber weapons have existed for years, mostly in military and national intelligence agencies. Security experts have confirmed that work by Northrop Grumman , Raytheon , and General Dynamics , the stalwarts of the traditional defense industry, is helping the U.S. government develop a capacity to snoop on or disable other countries’ computer networks. The industry started to change around 2005, however, when the Pentagon began placing more emphasis on developing hacker tools specifically as a means of conducting warfare. The shift in defense policy gave rise to a flood of boutique arms dealers that trade in offensive cyber weapons. Most of these are “black” companies that camouflage their government funding and work on classified projects. “Five years ago, there was an explosion that occurred,” says Kevin G. Coleman, the former chief strategist of Netscape and author of ‘The Cyber Commander’s eHandbook’ , a downloadable guide. “People with offensive capabilities just burst onto the scene.”
Gunter Ollmann, a computer security expert and former X-Force director, says the seductive power of cyber weapons may override governments’ fear of the instability their use may cause. But he also believes the weapons may reduce the risk of conflicts fought with tanks and missiles. Stuxnet prevented the open conflict that would have ensued from bombing the Iranian nuclear facility. Nations with advanced digital arsenals could use the technology to bend rogue states to their will, shutting off the lights in Caracas, for example, or disabling the harbor in the Libyan capital. “It shifts from being a kinetic battle to siege warfare,” Ollmann says. “I can control your water or your power remotely. And when the whole mess gets sorted out, I can switch them back on again.”
To deal with the Code War, which amounts to a constant state of threat, governments and companies can always try to develop their own technology. As with smart bombs, fighter jets, and other real-world countermeasures, though, it’s often easier to buy than build. “The hacking industry is way ahead in terms of being able to deploy something like a massive botnet,” says Amichai Shulman, chief technology officer at Imperva, a security specialist. “If a nation wants to launch an attack that distributes some kind of malware, it makes more sense for them to just rent an existing botnet.”
And so the unregulated cyber-weapons makers flourish, selling to the highest bidder. Business is great. In a June article in the Atlanta Business Chronicle, Rouland said revenue is “more than doubling yearly.” He recently opened an office in Washington and is increasing head count from 40 to 100 this year. On June 15, just before his firm disappeared from the Internet, the Metro Atlanta Chamber named Rouland the 2011 Business Person of the Year, Early-Stage Entrepreneur category.
Although most businesses aren’t yet likely targets for highly destructive malware, experts say they should err on the side of caution when building up protection for their wireless and wired network infrastructure alike.
For more information regarding AirTight products, please visit our AirTight Product Page