North Korea

Cyber War

July 9th, 2015

Cyber war is soon becoming a reality. Recent attack on Sony is just the beginning. Security expert Bruce Schneier mentioned the possible destruction caused by cyber war in his address at the recent InfoSec Europe security conference in London.

“We are in the early years of a cyber war arms race,” he said. “We have seen China attack Github, we have seen countries attacking companies, and I think we are going to see much more of that in the future.”

He also mentioned that countries like North Korea have a natural advantage in this type of cyber warfare because of the basic level of technical infrastructure that they possess.

“North Korea has natural cyber-defenses in that it only has about 1,000 IP addresses, and it has only very few computers so its ‘terrain’ is very defensible. By contrast the U.S. is extremely vulnerable because it has lots of computers and Internet infrastructure.”

Also, some cyber warfare attacks may be carried out by groups (such as terrorist organizations) rather than countries.

“We are living in a world now where we can be attacked and not know if the attacker is a foreign government or just a couple of guys, and that is freaky,” Schneier said. “Technology is spreading capabilities, and the same weapons and tactics are available to everyone.”

In the real world scenario it is difficult to understand who is behind the attacks. Schneier mentioned one incident where Israeli war planes attacked and destroyed a nuclear facility in the Middle East 10 years ago.

“Four years later the Israelis and the U.S. attacked an Iranian uranium enrichment facility plant (at Natanz) using a cyber-weapon (Stuxnet). But the Iranians didn’t know that they had been attacked, let alone who did it,” he said. “Attribution can take weeks or months.”

Types of Cyber Attacks

  • Low focus, low skill attacks – Carried out by newbie
  • Low focus, high skill attacks – Involves identity theft and credit card breaches
  • Low skill, high focus attacks – It generally includes bypassing security measures
  • High focus, high skilled attacks- Most advanced

“To defend against low focus attacks you just need to be more secure than the guy next to you,” said Schneier. “With highly focused attacks this relative security is irrelevant; your security has to beat the attacker’s skill. With a high focus, high skill attack, a sufficiently skilled attacker will always get in. We are all vulnerable.”

Without the ability to attribute attacks, Schneier pointed out that it is also impossible to distinguish between computer network exploitation, a classic data breach where an attacker exploits vulnerabilities to steal things, and computer network attacks, where the attacker’s motivation is to cause damage. It’s the difference between copy *.* and delete *.*, in other words, he said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.