Friday, March 29, 2013

And still more cyberwarfare attacks on the US banking system

The online attacks on US banks that I've discussed previously here appear to be escalating, which is worrisome. Recent innovations include infecting and hijacking data centers to launch denial of service attacks on commercial banking sites that are orders of magnitude larger than previous assaults. The New York Times piece cited above argues that opposition to regulations designed to help limit the effect of such attacks has begun to diminish in the private sector as the attacks have accelerated. I'm kind of iffy about that, or at least I haven't seen much evidence of that shift to date.

The real question for me is what is the threshold that would trigger retaliation by the US government against attackers. It doesn't sound like one exists in Washington yet, making that particular border between peace and war all the blurrier and more dangerous. It also begs the question of would a response be kinetic or network based?

The attacks on US banks are widely believed to be Iranian and carried by the same intelligence group that destroyed 30,000 computers belonging to the Saudi Arabian oil firm Aramco last year. Recent weeks have also seen a wave of effective attacks on South Korean banks and television stations, though these are believed to be the work of North Korea.

At this point I'm starting to wish that we would retaliate in some fashion. I'm not a big fan of outside interventions, and at this point the last thing we need here in the US is another war or major conflict. On the other hand, from what I've seen while traveling around this planet of ours, there are still many regions that operate on old-style schoolyard rules where bullies keep escalating as long as they meet with no effective responses from either the victims or authorities. It's sad, it's crappy, but also unfortunately true. That said, any response, physical or bit-based, should be proportional in the damage that it inflicts, and we should be prepared to wind things down quickly if the other side backs off.

My biggest fear is that the attacks will continue until someone inflicts major damage that either demands a massive physical response, and drags several states into a war that escalates out of control, along the lines of the tragic first few months of World War I.

Also in the news this week is an ongoing denial of service attack against the Dutch anti-spam group Spamhaus. The media coverage of this event has gotten seriously carried away, with news organizations like the BBC and New York Times claiming that the attacks are on a scale that threatens the operation of the Internet itself. As far as I can tell from looking at more technically oriented news sources that are knowledgeabl on Internet issues, this is largely bunk. While there have been some regional slowdowns linked to attack, there has been nothing global in scope, nor have any core functions been threatened.

Still it's a reminder that both state and private party cyberwarfare is an important issue that will only grow more important with time, and already posses the potential to have a noticeable economic impact on both banking and infrastructure. It's also becoming more widespread. This week, one of my favorite webcomics was subject to repeated DOS attacks, for reasons that are unclear at the moment.

No comments: