Thursday, June 25, 2009

Cyber War

I recently passed a fairly arbitrary milestone with my hosting business: thanks to a DDOS attack from a botnet against one particular system, the number of malicious contacts with my servers passed the million per day mark. This did have a slight effect on performance until I introduced a new security layer.

This sort of thing is routine when it comes to online systems. Most of the time, it's just script kiddies. Use of a botnet suggests a bit more organisation, but needn't be more of a problem than the kiddies. Then, sometimes, someone who actually knows what they're doing comes along and has a serious pop at something.

It's debatable what the best response is. Generally, it's better not to get into a war with people. Years ago, I used to redirect attackers to the Disney website, especially the section that was dedicated to Mickey Mouse. That was immature. Now, I prefer to make systems handle the attacks silently, collecting data about the attacker. On occasion, I've tracked the attacks back to the individual concerned. What to do then depends on things like jurisdiction and the nature of the attack, but on the whole, even if it is possible to take action, I often think it's better to be dealing with an attack you thoroughly understand than to be waiting for the next tactic to emerge.

The Telegraph today reports:

Al-Qaeda is intent on using the internet to launch a cyber-warfare campaign against Britain, Lord West, the Security Minister, has warned.
It would be bizarre if they weren't. The report goes on:
As well as potential cyber-attacks from terrorists, Britain faces a real and growing threat from foreign governments such as China and Russia, and from organised criminal gangs, he said.
Well yes, that isn't news. It was quite widely reported, a year ago, that cyber attacks against Georgia coincided with Russian troop movements into South Ossetia. More recently, Iranian opposition geeks took down some pro-Ahmadenijad websites. This is just routine, nowadays.

Targets include key businesses, the national power grid, financial markets and Whitehall departments.

As part of attempts to beef up defences, a new Office for Cyber Security will be set up to co-ordinate Government policy.

Another new development will see the creation of a "cyber-forensics" team based at GCHQ, the Government's eavesdropping centre in Cheltenham, Gloucestershire.

The Cyber Security Operations Centre will constantly monitor, analyse and counter cyber attacks as they happen.
You mean... they haven't been doing this already?

Now I am scared.

No comments: