DAWN.COM

Today's Paper | December 19, 2024

Published 10 Apr, 2009 12:00am

Cyber spying a threat, and everyone is in on it

MADRID Ghost hackers infiltrating the computers of Tibetan exiles and the US electric grid have pulled the curtain back on 21st-century espionage as nefarious as anything from the Cold War _ and far more difficult to stop.

Nowadays, a hacker with a high-speed Internet connection, knowledge of computer security and some luck can pilfer information thought to be safely ensconced in a digital locker. And the threat is growing, with countries _ including the US _ pointing fingers at each other even as they ramp up their own cyber espionage.

The Pentagon this week said it spent more than $100 million in the last six months responding to damage from cyber attacks and other computer network problems. And the White House is wrapping up a 60-day review of how the government can better use technology to protect everything from the nations electrical grid and stock markets to tax data, airline flight systems and nuclear launch codes.

In 2008, there were 5,499 known breaches of US government computers with malicious software, according to the Department of Homeland Security. That's up from 3,928 the previous year, and just 2,172 in 2006.

Serious breaches by what are described as 'unknown foreign entities' have occurred in recent years in computers at the Departments of Defense, Homeland Security and Commerce, as well as NASA, according to a report by the Center for Strategic and International Studies, a nonpartisan organization in Washington.

The electrical grid might already have been compromised by spies who left behind computer programs that would let them disrupt service, a former US government official told The Associated Press. The official said the sophistication of the attack meant it was almost certainly state-sponsored, but the government does not know its extent because federal officials lack the authority to monitor the entire grid.

'The vulnerability may be bigger than we think,' said the official, who asked not to be identified because he was not authorized to discuss details.

It's not just the United States. In 2007, Russian hackers crippled computer networks in Estonia for nearly three weeks. In response, NATO set up an Estonia-based cyber defense center, and announced in April that cyber defense is being incorporated into NATO exercises.

'NATO takes this threat very seriously,' Carmen Romero, a NATO representative in Brussels, told the AP. 'NATO has to be ready for the new security challenges, and cyber attacks are one of them.'

In Germany, experts have been monitoring Chinese cyber espionage since the 1990s. A counterespionage official with Germany's domestic intelligence agency said the country has verified 'many hundreds of attacks per year,' and that others had likely gone undetected.

'We expect that the attacks we've seen are only the tip of the iceberg,' said the official, who spoke on condition of anonymity because of the sensitive nature of the subject. 'We follow the attacks to their source, and many come from China.'
Governments are not the only targets.

David Livingstone, author of a report on cyber threats by the London-based Chatham House think tank, said cyber espionage is a problem in all sectors _ businesses, government and individuals.

'Anywhere there is attractive intellectual property and anything that is valuable and useful to someone else will be a target,' he said.

In fact, the ubiquity of computers and the need to spread information electronically leaves us all vulnerable. Joel Brenner, head of the US Office of the National Counterintelligence Executive, has warned that skilled cyber attackers can remotely turn on the camera on your home computer, convert your cell phone into a listening device, and even convert the earphones of your iPod into microphones.

Gone are the days when spies like American Whittaker Chambers hid microfilm in a hollowed-out pumpkin or Christopher Boyce spirited classified documents away inside a potted plant. Even Aldrich Ames, perhaps the CIA's most notorious double agent, used both hard documents and disks to betray US secrets to Russia.

'Now, you can walk into many corporate and government offices, slip a thumb drive into an open USB port and download in seconds more information than all these traitors stole together,' Brenner said in a recent speech on cyber espionage.

You don't even need a thumb drive. By infiltrating the Dalai Lama group's e-mail system with malware, cyber invaders saw nearly everything his monks did, from discussions of protest plans to documents that could have put activists at risk. And the Chinese hackers went even further, infiltrating 1,295 computers in 103 countries.

The information was used to warn foreign officials against meeting with the Dalai Lama, and to stop at least one Tibetan activist at the airport, according to researchers from the Ottawa-based think tank SecDev Group and the University of Toronto's Munk Centre for International Studies.

Read Comments

Schools to remain closed across Punjab on Monday due to 'security situation' Next Story