It seems every day that world news is full of more examples of growing tensions on the international stage. After the news last fall of Russian bomber jets flying over the Baltic and North Seas and on down to the Coast of Portugal, plus suspected Russian sub sightings near the Swedish capital of Stockholm—all on top of the tensions around Ukraine, the world is feeling more and more like the bad old days of the Cold War. But as the recent hacking incident with Sony Entertainment and the potential involvement of North Korea in the affair highlights, the way in which these tensions play out have changed greatly since Regan and Gorbachev. Today we have an open, borderless information highway called the Internet, and it represents an all-new battlefield for the great powers.
The stories of ‘state’ hackers are as old as the Internet, but it has reached new heights in the last decade. In 2010 the Iranians were attacked with the Suxnet virus, which targeted the destruction of equipment used in their nuclear program. This really brought out the possibilities of what a targeted state attack could do. This past October it was revealed that Russian hackers had hacked NATO and Ukrainian computers using vulnerability in Windows (which has since been patched). The reports indicate that this attack may have gone on for five years, slowly stealing data.
The Sony case represents a new stage of its own, with the most publicized hack from a state actor on a corporation, if not the first. While the details of the attack are still being debated amongst experts, the FBI’s position is that the attacks contain hallmarks that have been documented in previous state attacks from North Korea. This attack clearly shows the problem of cyber security. Even a multi-billion dollar company was devastated by the focused effort of a state actor, and a proportionally small one at that. The only real defense appears to be the dedicated efforts of state grade agencies like the FBI, National Security Agency (NSA), and U.S. Cyber Command (USCYBERCOM).
The situation has become so serious that at the last NATO conference in September, dealing with the situation in Ukraine and Isis, a new policy was endorsed that placed cyber-attacks under Article 5 of the NATO treaty. That is the article which considers an attack against any individual member as an attack against all members. This is a serious statement that puts cyber-attacks on the same level as bombs and invasions.
What does this mean for you? Realistically, state hackers are not looking at hacking small businesses for their data. But state hackers will infect any machine and use it for Distributed Denial of Service (DDoS) attacks in combination with Botnets. Also, the techniques that state hackers develop eventually end up in criminal hacker hands, just like GPS is now available at a corner drug store. So as the cyber cold war heats up between East and West, the world will become more scary, online as well as off.