Collateral damage

As global political tensions continue to escalate, are acts of cyber-warfare set to cause headaches for regional enterprises?

By Tom Paye. Published April 15, 2014

In March, a pro-Russian cyber-group called CyberBerkut disabled a number of NATO websites using a DDoS attack, citing anger over Western influence in the Crimea region of Ukraine. The attack was carried out a day before a Crimean referendum on secession from Ukraine, amid frosty relations between neighbouring Russia and Western powers, and it was the first high-profile act of ‘cyber-warfare’ to be seen during the Ukraine crisis.

According to a number of industry experts, where political tensions grow, acts of cyber-warfare usually follow. The latest attack on NATO provides evidence for this, as does the growing number of attacks seen throughout the Syria crisis, which is now entering its fourth year. In January this year, it was announced that the Syrian Electronic Army — a pro-Assad government hacking group — had hacked several Microsoft Twitter accounts, as well as Skype’s official blog. There have also been mounting reports of more serious attacks targeting oil and gas companies, financial institutions and critical infrastructure.

According to security vendor FireEye’s founder and CTO, Ashar Aziz, every modern-day conflict now has a cyber-element to it, and this is down to it being easier than ever to secure sophisticated tools to wage cyber-warfare. But where Aziz differs from other industry voices is in his opinion that cyber-warfare will eventually spill over from the arena of war, and begin to affect businesses and individuals.

“I’ve gone on record multiple times to say that I view this as one of the most profound risks of the 21st century,” he says.

“The 21st century is uniquely dependent upon a digital infrastructure and cyber-risk is such an important element of that, even for non-cyber-uses such as power, water and communication — you can be affected by any disruption of the digital infrastructure.”

It would seem that unfolding events support Aziz’s theory. In March, General Dynamics Fidelis Cybersecurity Solutions reported that a hacking group, identified as STTEAM, had hit an unspecified number of oil and gas organisations, and threatened to move onto government ministries. The group compromised webpages from various organisations, leaving behind a bragging board that incorporated the Anonymous logo, Fidelis said.

Little was said about the extent of the damage caused by the attack — as is always the case — but Fidelis said that the STTEAM group operates by uploading ASP shell backdoors, which give access to other systems.

Earl Perkins, research vice president at Gartner, describes the cyber-warfare threat as “real”, but he believes the major problem facing the Middle East is one of unpreparedness for such attacks. The nature and scope of security threats have changed, and many executives fail to understand how the situation can affect their bottom lines, he says.

“A revolution is coming in the way enterprises organise for security — it will no longer be just about ‘information’ or ‘IT’ security, but will have a broader remit that includes operational technology (OT, which means industrial control and automation systems), physical security and mobile security,” he says.

“In other words, the new security responsibility is IT, plus OT, plus physical and mobile.”

Whether Middle Eastern end-users see things the same way is up for debate. For one thing, outside of the oil and gas sector, most politically motivated attacks have amounted to nothing more than nuisance attacks, such as website defacements. For another, many IT teams are still concentrating on more traditional attacks that come about through spam and viruses.

Joseph Aninias, manager of IT and telecommunication services at the University of Wollongong in Dubai, explains that, while his team keeps abreast of politically motivated cyber-attacks, they look at security more holistically.

“The truth is we’re looking at patterns, or unusual internet activity. You’ll sometimes wonder why the network is so slow, so then you’ll look at your logs and then look at the peak,” he says.

However, there seems to be a consensus on how best to tackle the issue. Aninias and Perkins both maintain that user education is the best way to defend against the latest breed of threats.

“If you throw technology at this problem or view it only in the context of technology, you will fail in your efforts to adequately protect your enterprise,” says Perkins.
