Cyber criminals: Digital mercenaries and arms dealers

Cyber warfare is the epitome of asymmetric warfare. A single individual with access to the Internet can be a threat. Cyber criminals can steal sensitive data for their own purposes or to sell to other criminals by exploiting software vulnerabilities or using social-engineering tricks to dupe people into visiting a compromised Web site.

The best-known source of cyber crime — in addition to being a major cyber warfare threat — might be the Russian Business Network (RBN). Its servers hosted a significant portion of the initial botnet distributed denial of service (DDOS) attacks on Georgian government Web sites during the South Ossetia conflict.

According to the Spamhaus Project, an international nonprofit organization whose mission is to track unsolicited e-mail and cyber crime, RBN is “noted for continuously hosting child pornography, malware, phishing and cyber crime.” RBN also runs bulletproof hosting services for criminal Internet activity, operating under a variety of names, such as SBT Telecom Network, Aki Mon Telecom, Rusouvenirs Ltd., Too coin Software Limited and TcS Network.

RBN is hardly alone. The propagation of hacking tools, inexpensive Internet hosting services and information sharing among hackers has enabled individual cyber criminals and politically motivated hackers — known as hacktivists — to coordinate efforts and, with a click or two, wage cyber war.

Dancho Danchev, an independent security consultant and cyber threats analyst who writes for ZDNet.com’s “Zero Day” security blog, said Russian hackers openly shared information about Georgian Web sites that were vulnerable to defacing and DDOS attacks through SQL injection.

“We also have an indication of such lists actively distributed across Russian Web forums,” Danchev wrote. “As always, next to the hardcore hacktivists participating in the attack, there are the copycat script kiddies who seem to have found a way to enjoy the media interest into the individuals behind it. Sadly, they have no idea what they’re doing, nor how to do it.”

Another type of cyber warfare is becoming more common, too. The number of types of malicious software attacks on networks has exploded.

In 2007, “we saw 130,000 unique malware programs,” said Pamela Warren, cyber crime strategist at security software vendor McAfee. In 2008, McAfee counted more than 1 million, “and, of those, well over 95 percent are specifically targeted at stealing personal information.”

There has also been growth in more directed attacks, such as spear phishing.

The Defense Department has been a major target of malware attacks. In November 2008, the Joint Task Force-Global Network Operations issued a ban on the use of removable media on systems connected to the Global Information Grid.

The move was intended to combat the spread of malicious software across DOD’s classified and unclassified but sensitive networks, according to reports from the Los Angeles Times and other sources.