Report: State-led cyberterror set to rise

SpaceDaily.com reports: “State-led cyberterrorism is expected to rise in 2011, a white paper issued by Imperva data security company said.

Imperva said its predictions for the Top 10 security trends for 2011, compiled by the company’s Application Defense Center, were aimed at helping information technology security professionals defend their organizations against the next onslaught of cybersecurity threats.

The white paper study, led by Imperva’s Chief Technology Officer Amichai Shulman, said state-sponsored hacking will build on concepts and techniques from the commercial hacker industry to create more powerful ‘advanced persistent threats.’ APT preoccupied governments and corporate organizations worldwide in 2010 and required extra expenditure on improving online Internet-based security.

‘In this upcoming year, we expect to see growing awareness of security incidents due to insiders,’ said the paper. ‘Attention will grow as a consequence of an increased flow of incident reports where data theft and security breaches are tied to employees and other insiders. The cause of this trend will be the emphasis put on new regulations covering the act of notification and disclosure (rather on the actual protection of data).’

‘Man-in-the-browser’ attacks will increase and there will be a noticeable growth in the role played by MitB attacks in cyber-criminal activity, said the report. MitB is a form of Internet threat related to ‘Man-in-the-Middle,’ a Trojan that infects a Web browser and has the ability to modify pages, modify transaction content or insert additional transactions, all in a covert fashion that is invisible to both the user and host application…” (“This know also, that in the last days perilous [dangerous] times shall come” – II Timothy 3:1. See also the next three reports.)

Gates: U.S. faces ‘huge’ cyber threat in the future

SpaceDaily.com reports: “Defense Secretary Robert Gates warned that potential cyber attacks posed a ‘huge’ future threat that had to be tackled through joint efforts by US military and civilian agencies.

Asked to assess the danger posed to digital networks, Gates said: ‘There is a huge future threat and there is a considerable current threat.

‘And that’s just the reality that we all face.’

He said the Pentagon had bolstered security for the military’s networks and hoped to do the same for defense industry contractors.

‘We are working with our partners in the defense industrial base to bring them under that umbrella, to provide them with protection,’ he said at a Wall Street Journal conference of chief executives…”

NATO targets terrorism, cybersecurity as central to 21st century mission

The Christian Science Monitor reports: “NATO adopted a ‘plan of action’ for 21st-century security threats that draws on both the recent lessons of Afghanistan and the alliance’s longer experience with defense by deterrence.

The new ‘strategic concept,’ which is NATO’s first mission statement in more than a decade, elevates the role of political and civilian answers to security challenges. For the first time, for example, the military alliance will create a small civilian component to assist the military side in future interventions such as the one in Afghanistan.

But the 11-page statement, which is concise by NATO standards, also makes clear that the Atlantic alliance will maintain its nuclear deterrent to ward off conventional threats even as it adapts to face newer challenges like cybersecurity, terrorism, and failed states.

‘This is NATO’s road map for the next 10 years,’ said NATO Secretary General Anders Fogh Rasmussen. As if to answer skeptics who have predicted for months that this year’s summit would actually mark NATO’s retreat to irrelevance, Mr. Rasmussen added, ‘This strategic concept will ensure that NATO remains as effective as ever.’…”

China ‘hijacks’ 15 per cent of world’s internet traffic

The London Daily Telegraph reports: “A state-owned Chinese telecommunications firm re-routed around 15 per cent of all web traffic through its own servers during a brief period on April 8, the report said.

The incident has raised fears that China may have harvested highly-sensitive information from re-routed emails.

Another theory is that it could be testing a cyberweapon that could disrupt internet traffic from foreign servers.

The traffic included email exchanges from websites of the US Senate and the Department of Defense, along with ‘many others’ including NASA and the Department of Commerce.

Chinese internet officials have claimed that the re-routing was accidental, but the US-China Economic and Security Review Commission’s annual report suggested the hijacking could have been ‘malicious’.

‘Evidence related to this incident does not clearly indicate whether it was perpetrated intentionally and, if so, to what ends,’ the report said.

‘However, computer security researchers have noted that the capability could enable severe malicious activities.’

Larry Wortzel, a member of the commission, said: ‘We don’t know what was done with the data when they got it. When I see things like this happen, I ask, who might be interested with all the communications traffic from the entire Department of Defense and federal government? It’s probably not a graduate student at Shanghai University…”