Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity
    • IT Management
    • Networking

    Fighting 21st Century Cyber-Threats

    Written by

    Fahmida Y. Rashid
    Published September 6, 2011
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      In the 10 years since hijackers flew two passenger jets into the World Trade Center in New York City and a third one into the Pentagon, federal, state and local governments have struggled to secure transportation systems and physical infrastructure from terrorist attacks.

      However, the damage was done. The attacks ended-probably forever-Americans’ belief that we were immune from the terrorist attacks that had plagued the Middle East, Europe and the Asia-Pacific regions for years.

      Since then, Americans and technology-savvy people around the world have had to deal with another source of unease: insecurity about whether the computer systems people and institutions rely on are safe from theft, corruption and destruction by advanced cyber-threats.

      In 2001, the closest thing we had to social media was SixDegrees.com, and cyber-threats mostly involved stalling Website operations, compromising PC performance and occasionally destroying database files.

      However, in the past 10 years, cyber-threats have evolved into sophisticated attacks that can cripple large enterprises, steal credit card numbers and personal identities, empty bank accounts, and probe the depths of enterprise and government networks before draining databases full of sensitive documents or trade secrets.

      Ten years ago, viruses were still primarily the work of amateurs, said Mikko Hypponen, chief research officer at F-Secure. “People weren’t writing keyloggers and viruses to make money,” he added. The most common way of getting infected was via a malicious executable file attached to an email message. That kind of attack would no longer work, as those emails would now be blocked.

      It was easy to tell when a user was infected back then, as malware would produce an effect, such as crashing the computer. Now, sophisticated malware lurks silently on infected systems and harvests data. It’s nearly impossible to tell if a user has been infected, Hypponen said. Cyber-threats now come from criminals intent on stealing money, extremists out to make a point and nation-states engaged in espionage.

      Shortly after the United States Navy SEAL operation killed Osama bin Laden in his compound in Pakistan, there was an increase in probing attacks on defense systems in an attempt to access information about the operation, Charles Dodd, a government consultant for cyber-defense, told eWEEK. Intruders were after classified information on whom the United States talked to and worked with, as well as the information collected, he said.

      Criminals are increasingly relying on the latest technologies to plan and execute attacks on the Internet-including the use of social networking to push out scams-and they are focusing on developing mobile malware. In fact, Canadian and United States law enforcement organizations have complained about criminals relying on BlackBerry’s encrypted communications to hide their activities.

      Defenses Havent Changed

      While many things have changed in the post-9/11 world, defenses against cyber-terrorism haven’t. Many organizations are still relying on the same defenses developed in the mid-to-late 1990s, said Anup Ghosh, founder and chief scientist of Invincea. “We are defending against 21st century attacks with 20th century technology,” he said.

      The Defense Department and the Defense Advanced Research Projects Agency’s (DARPA) focus on fighting terrorism inhibited innovation in information security, according to Ghosh. Foreign cyber-attackers began penetrating U.S. networks, but instead of publicizing evolving threats and tactics, the government classified the details.

      “The market hasn’t innovated with the adversary because it hasn’t been privy to the exploits or advances in technology,” he said. The security industry is still largely reactive as it focuses on defenses that look for known signatures and patterns of attack when it needs new techniques to defend against cutting-edge cyber-attacks, he added.

      A few years ago, attacking critical infrastructure was just another “movie idea”-something no one thought would really happen-but last year’s Stuxnet Trojan attack was a “wake-up call,” F-Secure’s Hypponen said. Until Stuxnet was discovered, no one realized these kinds of infrastructure attacks were already happening.

      “Look at Die Hard,” said Hypponen. As everything has become connected to the Internet and computers have become more ubiquitous, the film’s plot has become reality, he said.

      But the security situation isn’t completely bleak. We have made some progress, especially in the areas of information sharing and interagency cooperation.

      The private sector has done a good job communicating with the government about protecting the critical infrastructure, Todd Davis, CEO of LifeLock, told eWEEK at a training summit for law enforcement officials at the New York Stock Exchange. The goal was to bring together “front-line” law enforcement and specialized agencies to share information on what techniques criminals are using and what tools are available for the good guys.

      The Defense Industrial Base Cyber Pilot is an example of how industry is working with the Department of Defense to share classified and sensitive data about cyber-attacks. The data collected in a three-month pilot program with 20 companies helped stop “hundreds of attempted intrusions” by identifying malware signatures, said Deputy Defense Secretary William Lynn. The pilot will be expanded to the rest of the industry and key areas of critical infrastructure.

      “We are in a so much better space than we used to be,” LifeLock’s Davis said, adding that now is “one of the best times for collaboration.”

      In addition, advances in technology have made it much easier and faster for law enforcement and business to identify potential problems. Organizations can deploy forensics and monitoring tools to detect anomalous activity in near-real-time, while police officers have access to more information about drivers during routine traffic stops, Davis said.

      The goal of these efforts? To use technology to help stop cyber-attacks.

      Fahmida Y. Rashid
      Fahmida Y. Rashid

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.