Wednesday, March 13, 2013

Cyber war trends: good, bad and scary

The attention paid to Chinese cyberwarfare may be increasing, and warnings of doomsday from the government correspond to the new attention, but a new report from Mandiant, the company hired by the New York Times to cleanse their servers after a Chinese attack, suggests that, at long last, private companies are beginning to devote the resources required to fend off these deaths by a thousand cuts.

In the past, embarrassment, risk aversion and a sense that if a state does it, our state has to respond to it, has prevented the development of cyber-defense best practices, even for companies that control big systems that touch our lives daily. In 2011, only six percent of Mandiant clients discovered a cyber intrusion on their own. In 2012, 37% discovered the intrusion before Mandiant?set up a wall around their systems. Mandiant also says that the average time of the attack is down by about 40 percent, suggesting that counter-measures work as a deterrent. ?Still, fully two-thirds of attacked companies were not aware of it until an external source like Mandiant informed them about it.

SEE MORE: What's behind the decline in gun ownership?

At the same time, attacking techniques are getting more efficient. It's easier for attackers to map networks now -- reconnaissance, and it's easier to identify meaty morsels to steal or compromise.

Mandiant says that, according to its research, defense companies are the most frequent targets of APT1 -- "Advanced Persistent Threat 1," which refers to a specific and controlled campaign of cyber espionage by a single military entity in China. Oil and gas and other energy companies are next, followed by financial institutions. The targeting of media has increased threefold, from two percent to seven percent.?

SEE MORE: Will Obama drag down Democrats in 2014?

China has figured out that small companies with expensive secrets often outsource their information technology services to larger defense companies, and often will use the outsourced firm as a mechanism to get to their real target. ?General IT service providers are also used as a mechanism to infiltrate real targets. Indeed, Chinese hackers will often implant malware on the network and wait until a chance comes to compromise the intended target. This suggests a very high degree of coordination and planning.

Intelligence gathering is a hallmark of sophisticated Chinese hacking; the idea of network reconnaissance?in the cyber world is analogous to what the CIA does in mapping out a terrorist network. Before acting, they spend months, if not years, figuring out the organizational chart, figuring out the vulnerabilities, looking for couriers and points of connection, and then attacking when their picture is of a high enough fidelity. Additionally, the correspondence between the technology stolen and the needs of Chinese industry is very close. Even when companies detect and rid themselves of the threat, Chinese hackers are likely to re-attack the same enterprise 40 percent of the time.

SEE MORE: 7 scams targeting Florida seniors ? and how to avoid them

The most interesting part of Mandiant's report is what they have to say about the P.L.A. unit that is likely responsible for the largest and most damaging cyber-intrusions, which is Unit 61398, which is organized as a discrete intelligence unit under the PLA's General Staff Department's 3rd Department, which is responsible for military intelligence. The New York Times has reported some of it, but Mandiant goes into more detail in their new report.

Mandiant has also decided to be helpful to companies it does not do business with. It's releasing what it knows about the Unit's techniques, which will give U.S. companies a better sense of how to defend against them. China will come up with new techniques, and the old ones will still work for a while, but the open-sourcing of this information will benefit everyone. It hardens the target, assuming that Amercians take it seriously.?

SEE MORE: How to make flying a joy

View this article on TheWeek.com Get 4 Free Issues of The Week

Other stories from this section:

Like on Facebook?-?Follow on Twitter?-?Sign-up for Daily Newsletter

Source: http://news.yahoo.com/cyber-war-trends-good-bad-scary-235300612.html

north korea news north korea news giuliana and bill giuliana and bill bill rancic nflx chicago blackhawks

No comments:

Post a Comment