In the post-9/11 world, 21st century cyber-threats thwart 20th century defenses.
In the 10 years since
hijackers flew two passenger jets into the World Trade Center in New York City
and a third one into the Pentagon, federal, state and local governments have
struggled to secure transportation systems
and physical infrastructure from terrorist attacks.
However, the damage was
done. The attacks ended-probably forever-Americans' belief that we were immune
from the terrorist attacks that had plagued the Middle East, Europe and the
Asia-Pacific regions for years.
Since then, Americans and
technology-savvy people around the world have had to deal with another source
of unease: insecurity about whether the computer systems people and
institutions rely on are safe from theft, corruption and destruction by
In 2001, the closest thing we had to social media was
SixDegrees.com, and cyber-threats mostly involved stalling Website operations,
compromising PC performance and occasionally destroying database files.
However, in the past 10
years, cyber-threats have evolved into sophisticated attacks that can cripple
large enterprises, steal credit card numbers and personal identities, empty
bank accounts, and probe the depths of enterprise and government networks
before draining databases full of sensitive documents or trade secrets.
Ten years ago, viruses were still primarily the work of
amateurs, said Mikko Hypponen, chief research officer at F-Secure. "People
weren't writing keyloggers and viruses to make money," he added. The most common way of getting infected was via a
malicious executable file attached to an email message. That kind of attack
would no longer work, as those emails would now be blocked.
It was easy to tell when a
user was infected back then, as malware would produce an effect, such as
crashing the computer. Now, sophisticated malware lurks silently on infected
systems and harvests data. It's nearly impossible to tell if a user has been
infected, Hypponen said. Cyber-threats now come from criminals intent on
stealing money, extremists out to make a point and nation-states engaged in
Shortly after the United
States Navy SEAL operation killed Osama bin Laden in his compound in Pakistan,
there was an increase in probing attacks on defense systems in an attempt to
access information about the operation, Charles Dodd, a government consultant
for cyber-defense, told eWEEK. Intruders were after classified information on
whom the United States talked to and worked with, as well as the information
collected, he said.
Criminals are increasingly
relying on the latest technologies to
plan and execute attacks on the Internet-including the use of social networking
to push out scams-and they are focusing on developing mobile malware. In fact,
Canadian and United States law enforcement organizations have complained about
criminals relying on BlackBerry's encrypted communications to hide their