dcsimg
 
 
 

After Estonia: Cyberwar Is Not The Biggest Threat

By Deborah Gage  |  Posted Wednesday, May 30, 2007 19:05 PM
 
 

China is planning for cyberwar, according to the DOD. But a bigger threat seems to be low-level, daily attacks on companies and government agencies by anonymous hackers wielding botnets.

In his annual report to Congress, the Secretary of Defense said last week that China is developing viruses to attack enemy computer systems, along with defenses that would give it "electromagnetic dominance early in a conflict."

The U.S.-China Economic and Security Review Commission said something similar to Congress last year. And a defense analyst--Andrew Macpherson, an assistant professor of Justice Studies at the University of New Hampshire--told Computerworld this week that China is focusing more on developing "first-strike capabilities" for cyberwar.

People who have watched the prolonged attacks on Estonia's Web sites after Estonia moved a statue of Russia's Bronze Soldier, which commemorated Russia's fight against Nazi Germany in World War II, might wonder if it could happen to the U.S. Anything's possible.

But companies and government agencies have more immediate problems--the low-level, distributed denial-of-service (DDOS) attacks that occur against somebody, somewhere on the Internet, every day, says Alan Paller, director of research at the SANS Institute.

"Environmental groups attack companies they think are being careless with the environment, extortionists attack gambling sites (and many, many other types of sites)," he says. "Israelis and Palestinians launch DDOS, China and Taiwan launch DDOS. It's huge."

If you want to see what types of attacks are being conducted, check out this dashboard developed by Arbor Networks, called Atlas, for a daily summary. And here's a blog post by Arbor's Jose Nazario, a security researcher, describing some details of the attacks on Estonia.

Paller suggests signing up for a denial-of-service protection plan from an Internet service provider that will detect and block rogue Internet traffic, should it be directed at you.