From: InfoSec News (alertsinfosecnews.org)
Date: Mon Apr 20 2009 - 01:34:01 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.newsweek.com/id/194605

By Evgeny Morozov
NEWSWEEK
April 18, 2009
 From the magazine issue
dated Apr 27, 2009

Ghostnet sounds like something John le Carré would invent. This vast
cyber-espionage operation spanned 1,295 computers worldwide, a third of
them located in ministries of foreign affairs, embassies, international
organizations and news media, some holding classified data. According to
a report by three Canadian security think tanks in March, it included at
least one unclassified computer at NATO headquarters in Mons, Belgium.
Although the culprit is unidentified, some experts suspect China.
Whether it exploited any of the data is hard to say. That it could
obtain it so easily has raised eyebrows in the world's mightiest
military alliance.

NATO is only just beginning to recognize that the Internet has become a
new battleground, and that it requires a military strategy. As economic
life relies more and more on the Internet, the potential for small bands
of hackers to launch devastating attacks on the world economy is
growing. To counter such threats, a group of NATO members, including the
U.S. and Germany, last year established a kind of internal cybersecurity
think tank, based in a former government building in Tallinn, Estonia.
The 30 staffers at the Cooperative Cyber Defense Centre of Excellence
analyze emerging viruses and other threats, and pass on alerts to
sponsoring NATO governments. They are also working to bring the allies
together on the elusive issues that deepen the fog of cyberwar.

Experts with backgrounds in the military, technology, law and science
are wrestling with such questions as: What qualifies as a cyber "attack"
on a NATO member, and so triggers the obligation of alliance members to
rush to its defense? And how can the alliance defend itself in
cyberspace? Already, the debate is producing strikingly different
answers: as Washington moves to create a new "cybersecurity czar" and
new funds for cyberdefenses, Estonia is moving much of the job into
civilian hands, aiming to create a nation of citizens alert and wise to
online threats.

The choice of Estonia as the home to NATO's new cyberwar brain trust is
not accidental. In 2007 Estonia was in a public squabble with Russia
over the fate of a Soviet-era monument when it suddenly found itself
under a wave of cyberattacks. Among the targets were two of Estonia's
biggest banks, whose online systems were severely degraded for several
hours. The scale of the economic damage is still classified as a state
secret, but the fact that this happened in "E-stonia," a proud digital
society where even parking meters take payment via text messages, was
eye-opening. Although the decentralized nature of cyberattacks made it
hard to know whether the Kremlin ordered the attacks, clues led Estonia
to a Russian suspect, whom the Kremlin refused to extradite.

[...]

_______________________________________________
Best Selling Security Books and More!
http://www.shopinfosecnews.org/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]