There's a war going on, and it's raging here at home -- not in the streets or the fields, but on the Internet. You can think of it as a war on the digital homeland. If you work for a power company, bank, defense contractor, transportation provider, or other critical infrastructure type of operation, your organization might be in the direct line of fire. And everyone can become collateral damage.
A cyber war has been brewing for at least the past year, and although you might view this battle as governments going head to head in a shadow fight, security experts say the battleground is shifting from government entities to the private sector, to civilian targets that provide many essential services to U.S. citizens.
The cyber war has seen various attacks around the world, with incidents such as Stuxnet, Flame, and Red October garnering attention. Some attacks have been against government systems, but attackers are increasingly likely to target civilian entities. U.S. banks and utilities have already been hit.
"The cyber war has been under way in the private sector for the past year," says Israel Martinez, a board member of the U.S. National Cyber Security Council, a nonprofit group composed of federal government and private sector executives.
"We're finding espionage, advanced persistent threats (APTs), and other malware sitting in networks, often for more than a year before it's ever detected," Martinez says. He says U.S. entities are being targeted on multiple fronts by China and Iran for espionage and intellectual property theft, by interests in Russia and Eastern Europe for syndicated crime such as stealing cash and identities, by social-agenda "hacktivist" groups such as Anonymous, and by increasingly skilled individual criminal hackers.
The cyber war now raging in the digital homeland
Such attacks have been going on for years, but what's new is the cyber war brewing between the United States and Israel on one side and Iran on the other, says Emilian Papadopoulos, chief of staff at Good Harbor Security Risk Management, a consulting firm focused on cyber threats.
Stuxnet, for example, was developed by Israel with U.S. support to hobble Iranian nuclear facilities, according to the New York Times and several security experts who spoke to InfoWorld off the record. Iran also accuses the United States and Israel of the cyber attacks that took Iran's Oil Ministry and a major oil terminal offline, Papadopoulos says.
Iran or its proxies have apparently hit back with cyber attacks on U.S. banks, government officials say. Iran may have also been behind the Shamoon virus that wiped 30,000 hard drives and took computer networks offline for weeks at the oil producer Saudi Aramco, Papadopoulos says.
A 2011 attack on European certificate authority DigiNotar compromised the certificate system that underlies the Internet and enables users to trust in the identity of websites they visit and the source of communications they receive, Papadopoulos says.
"We have seen cyber attacks evolve from espionage attacks that steal intellectual property or monitor communications to disruptive or destructive attacks. ... Destructive and disruptive cyber attacks are relatively uncharted -- and troubling -- territory," he says.