April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

January 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Well-aimed cyber attacks could cause global shock, study says

Well-coordinated cyber attacks around the world could cause a “full-scale global shock” on a huge scale similar to collapsing financial structures, pandemics, long-term pollution and other mega disasters, but the threat of such attacks is currently not very high, according to a study released by the Organisation for Economic Co-operation and Development (OECD).

The OECD’s study, released Jan. 17, said countries should make contingency plans for simultaneous cyber attacks and recovery from such attacks.

"What should concern policy-makers are combinations of events – two different cyber-events occurring at the same time, or a cyber-event taking place during some other form of disaster or attack," the report said. "In that eventuality, 'perfect storm' conditions could exist."

The report--part of Paris-based OECD’s wider study of Future Global Shocks--didn’t find much evidence for imminent coordinated cyber attacks, however. It said "few single foreseeable cyber-related events have the capacity to become a full-scale global shock".

Nevertheless, computers, computer networks and telecommunications services remain particularly at risk, it said. The Internet’s “underlying technical protocols” like Border Gateway Protocol which determines routing between Internet Service Providers is vulnerable to attack. The attacks on telecommunications networks, said the study, can come from outer space and nature herself in the form of “very large-scale solar flare which physically destroys key communications components such as satellites, cellular base stations and switches,” it said.

The study said everyday cyber security threats, like “malware, distributed denial of service, espionage, and the actions of criminals, recreational hackers and hacktivists,” the impact “will be both relatively localized and short-term in impact.”

A successful cyber attack needs exploit unknown entryways and vulnerabilities. It has to use “attack vectors which are not already known to the information security community and thus not reflected in available preventative and detective technologies, so-called zero-day exploits; careful research of the intended targets; methods of concealment both of the attack method and the perpetrators; the ability to produce new attack vectors over a period as current ones are reverse-engineered and thwarted.”

The report said the recent Stuxnet attack apparently used against Iranian nuclear facilities “points to the future but also the difficulties.” Attacks could also be likely for financial gain. “In the case of criminally motivated attacks: a method of collecting cash without being detected,” it said

Cyber war is unlikely, said the report, because critical computer infrastructures are protected against know exploits and malware, so cyber weapons designers have to work to find new ones. The results of a cyber war are also unpredictable, it said. “On the one hand they may be less powerful than hoped but may also have more extensive outcomes arising from the interconnectedness of systems, resulting in unwanted damage to perpetrators and their allies. More importantly, there is no strategic reason why any aggressor would limit themselves to only one class of weaponry,” it said.

Despite the uncertainty, cyber weapons are already in “widespread use,” it said, through unauthorized access to systems viruses, worms, trojans, denial-of-service, distributed denial of service using botnets, root-kits and the use of social engineering. The use of those techniques has lead to compromise of confidentiality / theft of secrets, identity theft, web-defacements, extortion, system hijacking and service blockading. “It is a safe prediction that the use of cyber weaponry will shortly become ubiquitous.”

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...