As part of its wide-ranging study ‘Future Global Shocks’, which is looking into possible disasters ranging from global pandemics to volcanic eruptions, the Organisation for Economic Co-operation and Development today issued a report warning world leaders to prepare for more disruption from cyber attacks.
In the wake of the recent Wikileaks Hacktivist cyber attacks this is already a hot issue for banks, card issuers and internet payment payments, so the advice could hardly be more relevant or timely. The report, ’Reducing Systemic Cybersecurity Risk’, was jointly penned by Peter Sommer of the Information Systems and Innovation Group and Dr Ian Brown of the Oxford Internet Institute. It warns governments that they must make plans to deal with and recover from a wide range of unwanted cyber events, both accidental and deliberate.
It warns of a growing risk of localised misery as a result of compromised computer and telecommunications services, and also points out that these services are essential tools in recovering from all manner of large-scale global disasters. It identifies possible catastrophic cyber-related events including
- An attack on one of the underlying protocols, such as the Border Gateway Protocol, on which the Internet depends
- Large-scale solar flare which could destroy physical Internet components such as satellites, cellular base-stations and switches
The type of Hacktivist attack recently experienced by PayPal, MasterCard and Visa are judged to be relatively localised and short-term in effect. The real danger lies in the possibility of cyber-attackers managing to identify targets so far unconsidered by the security community, and to go on identifying and attacking them faster than new security technologies can keep up with them. The recent Stuxnet attack against Iranian nuclear facilities is quoted as an example of this type of threat.
Cyber attackers can be driven by a variety of different motivations ranging from financial gain to political protest, and from idealism to terrorism; some hackers will try and cause mischief just for fun, to show off their own skill or to highlight weaknesses in security systems. The report authors doubt that all-out cyber warfare is likely to happen, but warn that the use of cyber-weaponry such as hacking, viruses, worms, Trojans, denial of service and distributed denial of service, root-kits and social engineering, is already wide-spread and looks set to become ubiquitous.
No comments:
Post a Comment