The Threat:
Israelis are — with good reason — concerned about the possibility that Iran will attain nuclear weapons. But perhaps they should be more worried that Iran will be able to take over the country’s basic infrastructure, wreaking havoc with the gas, water, and electricity systems, as well as the banking system.
“If nuclear weapons were the ‘judgment day’ weapon of the 20thcentury, computer infrastructure hacking is the 21st century equivalent,” said Tal Pavel, an expert on Internet usage and crimes in the Middle East.
“In some ways, the threat of hacking major infrastructure systems is even worse than the nuclear threat,” he told The Times of Israel. “Only governments can afford to purchase and deploy nuclear weapons, so you know who is attacking you and how to deal with them. But anyone can develop or buy their own super-virus, potentially capable of a cyber-attack that could shut down a country for days, create panics or riots, or release dangerous substances, such as gas and sewage, that can kill people in the victim country.”
This is a problem for Israel, too, he said, as the country’s enemies become more cyber-capable. In fact, Arab or Iranian hackers may have already gone after Israeli infrastructure systems.
Pavel was speaking in the wake of a major exposé Monday that showed how groups of Chinese hackers — almost certainly working on behalf of China’s military forces — have been systematically invading major corporations and infrastructure systems in the United States. Among the companies attacked by the Chinese hackers, according to US security firm Mandiant, were several with access to information about gas, oil, and electrical infrastructure throughout the US, Canada, Mexico, and elsewhere.
And even without the money, computer resources, and talent of Chinese hackers, Arab and Iranian hackers can inflict plenty of damage on Israel, said Pavel. “Just a few weeks ago, we saw how Syrian hackers were able to compromise the email system of Haaretz.” The attack, by a group called the Syrian Electronic Army, was very simple (using a password to get into Haaretz employee mailboxes), but caused plenty of inconvenience for the paper and its employees.
“With all the fighting in Syria they barely have an Internet infrastructure in place these days, but despite the unrest there these hackers were able to pull off an attack,” said Pavel. It’s just a matter of time before Iranian or Arab hackers will be able to reach secure Israeli infrastructure systems, as they grow in sophistication and capabilities, Pavel said.
Computer-hackers tied to the Chinese military have stolen massive quantities of data from at least 140 organizations in 20 major industries since 2006, a U.S. computer security firm said in an extensive report released Tuesday.
The 74-page report, prepared by Mandiant, comes as the United States has toughened its stand against computer hacking by China and is expected to seek to do more to protect both commercial and national security information. Just last week, President Obama signed an executive order to improve protection of the American computer assets.
The Mandiant report also comes after a growing concern in many U.S. businesses, including media companies, that China has stepped up its computer invasion. The Chinese government has repeatedly denied such charges and has insisted it has been the target of computer hacking. China repeated those charges on Tuesday.
But the Mandiant report lays the blame for the increase computer hacking squarely at the official door of China, and says that a secretive military group, based in the outskirts of Shanghai, is the likely culprit for official computer activities.
“Now, three years later, we have the evidence required to change our assessment,” the security group concluded. “The details we have analyzed during hundreds of investigations convince us that the groups conducting these activities are based primarily in China and that the Chinese government is aware of them.”
The hacking activity was likely part of the mandate of the Unit 61398 of China's People's Liberation Army, identified in the report as “one of the most persistent of China's cyber threat actors.” The unit is based in the Pudong New Area, outside of Shanghai from where the computer attacks originate.
Unit 61398 “has systematically stolen hundreds of terabytes of data from at least 141 organizations,” in diverse industries and mostly in the United States, said the report. “It is time to acknowledge the threat is originating in China, and we wanted to do our part to arm and prepare security professionals to combat that threat effectively.”
A report tying the Chinese military to computer attacks against American interests has sent a chill through cyber-security experts, who worry that the very lifelines of the United States — its energy pipelines, its water supply, its banks — are increasingly at risk.
The experts say that a successful hacker attack taking out just a part of the nation’s electrical grid, or crippling financial institutions for several days, could sow panic or even lead to loss of life.
“I call it cyberterrorism that makes 9/11 pale in comparison,” Rep. Mike Rogers, a Michigan Republican and chair of the House Intelligence Committee, told NBC News on Tuesday.
An American computer security company, Mandiant,reported with near certaintythat members of a sophisticated Chinese hacking group work out of the headquarters of a unit of the Chinese army outside Shanghai.
The report comes as government officials and outside security experts alike are sounding ever-louder alarms about the vulnerability of the systems that make everyday life in the United States possible.
Outgoing Defense Secretary Leon Panetta warned in October that the United States was facing a threat that amounted to “cyber Pearl Harbor” and raised the specter of intentionally derailed trains, contaminated water and widespread blackouts.
“This is a pre-9/11 moment,” Panetta told business executives in New York. “The attackers are plotting.”
The Solution:
The future of online security may be found inside our own bodies.
As hackers develop more sophisticated ways to bypass character-based password systems, some tech companies are turning to biometrics — the use of biological traits to identify a person — as a possible solution.
“Everyone is putting so much data online. And if you get hit because either your email account or Facebook is compromised, it really affects you,” says Karl Martin, the president and CEO of Bionym, a Toronto-based startup that created a biometric technology based on a person’s heartbeat.
A recent report by consulting firm Deloitte predicts that more than 90 per cent of user-created passwords will be vulnerable to fraud. Even complex passwords aren’t foolproof — hackers just need basic personal information, which they can glean online, to reset your login.
“By switching to biometrics, passwords would have to be tied directly to a living person,” says Martin, who is also an expert in privacy and data security.
But unlike traditional biometric technology, such as fingerprint scanning or facial recognition, the next generation of devices use biological traits that are almost impossible to replicate. The added bonus is that you don’t need to remember a complicated string of numbers and letters: you are essentially your own password.
Broad-based use of biometric screening standards worldwide and interoperability between the Homeland Security Department and other agency systems are among the most significant technology improvements since Sept. 11, 2001, says Robert Mocny, DHS director of US-VISIT. Mocny spoke at a Feb. 7 Center for Strategic and International Studies event in Washington, D.C.
The U.S. Visitor and Immigrant Status Indicator Technology program, first deployed in 2004, records the entry of travelers to the United States by collecting biometric information, such as digital fingerprints and photographs. Initially, US-VISIT only collected two fingerprints as a basis of comparison against criminal and terrorist watch lists. DHS upgraded the system to 10 prints in 2008.
In terms of other technologies, Mocny says US-VISIT is experimenting with iris and facial recognition in a pilot program with Border Patrol in McAllen, Texas. The purpose of the pilot is to test the feasibility and accuracy of iris capture and matching in an operational environment, including storing a facial recognition-quality photograph.
Internationally, under the Visa Waiver Program, the U.S. has partnered with 37 countries to provide fingerprints for law enforcement purposes, Mocny said. VWP allows citizens of participating countries to travel to the United States for tourism or business for up to 90 days without having to obtain a visa. Currently, US-VISIT is helping to set up the first international biometric-sharing system called the Secure Real Time Platform with Australia Australia, Canada, New Zealand and the U.K., he added.
Also see
Russian warships are returning to the waters near Syria in a new demonstration of the Kremlin's interest in the outcome of the crisis there.
The Russian Defense Ministry told the RIA-Novosti news agency on Tuesday that four large landing vessels were on their way to the Mediterranean near Syria, three weeks after the Russian navy conducted its biggest maneuvers in the region since the breakup of the Soviet Union.
"Based on the results of the Navy exercises in the Black and Mediterranean seas from Jan. 19 through Jan. 29 ... the Ministry leadership has taken a decision to continue combat duty by Russian warships in the Mediterranean," the ministry said in its statement. “In the future the number of warships in the group and types of vessels acting in the said region will be defined in accordance with the given situation."
The Defense Ministry said the landing ships Kaliningrad and Alexander Shabalin are en route to the region from the Black Sea port of Novorossiysk. Two other big landing ships, the Saratov and the Azov, are scheduled to join them by the end of February.
"The continued presence of Russian warships close to Syria demonstrates the Kremlin's desire to keep up the Russian navy colors in the area to indicate that Russia stands by its attitude that the Syrian crisis should be resolved within the country by the country's existing political forces," Igor Korotchenko, editor in chief of the National Defense monthly journal said in an interview.
Hitler Survivor Warns America
Tidak ada komentar:
Posting Komentar