The Sony breach may be start of new nation-state cyberattack

18.12.2014
It has been an exceptional year for IT security breaches, which have become part of an escalating trend in destructive attacks. And they're going to get worse.

The Sony Pictures cyber attackers are doing everything they can to inflict damage on the company. They have released films, emails, medical records, and all sorts of confidential data, and are making threats of physical attacks in conjunction with the release of The Interview, a comedy about the attempted assassination of the North Korean president. On Wednesday, Sony canceled the Dec. 25 release of the movie after theater chains said they would not show the film because of the threats.

The Sony breach has the earmarks of a nation-state operation because of its sophistication and ruthlessness, and on Wednesday, U.S. security officials told the New York Times they had concluded that North Korea was behind the Sony cyberattacks.

There is also serious speculation that the October attack on JP Morgan Chase, which compromised some 76 million records, was orchestrated by a nation-state -- possibly a retaliatory move by Russia over Ukraine sanctions. In 2013, the Iranians were blamed for denial-of-service attacks on U.S. banks.

The sources of the JP Morgan and Sony attacks have not been officially confirmed, but Avivah Litan, a security analyst at Gartner, is convinced that what we are seeing is a new type of nation-state attack.

For years, the Eastern Europeans and Russians have been going after point-of-sale systems and credit card processors, and the Chinese have been involved in espionage against private sector firms, Litan said.

"But the big new thing is the nation states," she said. Russia, North Korea and China "are going after private sector companies in a very public way."

Litan said this trend of nation-state attacks will escalate.

"More political differences will be fought in cyberspace, and nation-states will retaliate against U.S. companies to make political points," Litan said.

"Private sector companies are not equipped to deal with the force of the nation states," she said. "They don't have the resources to fight them off. It's a national security issue, and there needs to be a national strategy to try to stop it." "It's really pretty serious," she said.

Litan described what's going on as warfare, and if that's the case, there's evidence that businesses are trying to put their IT security on a war footing.

For example, jobs in cybersecurity are growing. Dice, a technology employment site, said ads for jobs in cybersecurity were the fastest growing in the IT field this month. Compared with December of last year, cybersecurity job ads have increased 77%, from 1,606 to 2,842 as of Dec. 14.

"You can't escape hearing about security breaches in the news today, which is one reason businesses are adding security professionals to their hiring needs for 2015," said Shravan Goli, president of Dice.

In its ongoing surveys, Robert Half Technology, a human resources consulting and staffing firm, asked 2,400 CIOs about the area where they face the most challenge in hiring. In June, security ranked third at 12%, behind applications development and networking, which were both at 17%. But when surveyed again in October, security moved to second place at 15%.

"There is no doubt that IT security has been a rising priority just over the past year and will continue to be a high priority in 2015," said John Longwell, research director of Computer Economics. In 2012, IT security professionals made up about 2% of the typical IT staff. Today, it is about 2.4%, he said.

But Charles Kolodgy, an analyst at IDC, said there is no singular event driving security spending increases.

"The overall threat environment continues to grow, but part of that threat growth is predicated on the growth of IT in general," Kolodgy said. Frances Karamouzis, an analyst at Gartner who covers IT services, said that spending on security-related IT services is jumping dramatically. "I would say it's increased over 100% if not more," she said.

Outside services are also expensive, especially when 24/7 coverage is required, and they won't replace the need for companies to hire their own security personnel, Karamouzis said.

Some see the end of 2014 as a preamble to 2015.

The real damage to companies from these big data breaches may arise from the subsequent legal actions.

Steve Hultquist, chief evangelist for RedSeal, a security analytics company, is predicting that cyberattacks next year will create a "security situation that destroys a midsize or large organization."

By "destroy," RedSeal officials mean it could come in the form of negligence damages, which could be truly huge.

Vijay Basani, CEO of EiQ Networks, which provides security intelligence and compliance services, expects to see next year an increasing number of attacks that go beyond simply stealing information.

"We will see additional Sony-like attacks where perpetrators will cause significant business disruption," Basani said. "This will be the result of intruders erasing highly sensitive data, making networks and systems inaccessible, as well as creating fear in employees by threatening to leak personal data."

(www.computerworld.com)

Patrick Thibodeau
