Unseen, All-Out Cyber War on the U.S. has Begun

Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet.

By Bob Violino
Mon, January 28, 2013

There's a war going on, and it's raging here at home -- not in the streets or the fields, but on the Internet. You can think of it as a war on the digital homeland. If you work for a power company, bank, defense contractor, transportation provider, or other critical infrastructure type of operation, your organization might be in the direct line of fire. And everyone can become collateral damage.

A cyber war has been brewing for at least the past year, and although you might view this battle as governments going head to head in a shadow fight, security experts say the battleground is shifting from government entities to the private sector, to civilian targets that provide many essential services to U.S. citizens.

[ When in China, it's not safe to leave your laptop alone. Bob Violino explains why. | Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from InfoWorld's expert contributors in InfoWorld's "Malware Deep Dive" PDF guide. ]

The cyber war has seen various attacks around the world, with incidents such as Stuxnet, Flame, and Red October garnering attention. Some attacks have been against government systems, but increasingly likely to attack civilian entities. U.S. banks and utilities have already been hit.

"The cyber war has been under way in the private sector for the past year," says Israel Martinez, a board member of the U.S. National Cyber Security Council, a nonprofit group composed of federal government and private sector executives.

"We're finding espionage, advanced persistent threats (APTs), and other malware sitting in networks, often for more than a year before it's ever detected," Martinez says. He says U.S. entities are being targeted on multiple fronts by China and Iran for espionage and intellectual property theft, by interests in Russia and Eastern Europe for syndicated crime such stealing cash and identities, by social-agenda "hacktivist" groups such as Anonymous, and by increasingly skilled individual criminal hackers.

The cyber war now raging in the digital homeland

Such attacks have been going on for years, but what's new is the cyber war brewing between the United States and Israel on one side and Iran in the other, says Emilian Papadopoulos, chief of staff at Good Harbor Security Risk Management, a consulting firm focused on cyber threats.

Stuxnet, for example, was developed by Israel with U.S. support to hobble Iranian nuclear facilities, according to the New York Times and several security experts who spoke to InfoWorld off the record. Iran also accuses the United States and Israel of the cyber attacks that took Iran's Oil Ministry and a major oil terminal offline, Papadopolous says.

1 2 3 4 next page »

Originally published on www.infoworld.com. Click here to read the original story.

More from CIO

You are here: Technology Topics » Security » Feature

Most Recent Security Stories

White Papers »

Data loss prevention: Refreshing data security to meet an evolving threat environment

CDW's reference guides provide a high-level, informative take on today's most pressing IT solution areas and related issues.

Two-Factor Authentication

This guide provide up-to-date summaries, strategic guidance and best practice tips on the technologies driving IT operations forward.

DLP Is Not Just Good for Business, It's Vital for Business

Data--every company's most vital intellectual asset,--is more vulnerable than ever. And data leaks, whether unintentional or malicious, often have the same results...

Expert Help to Assess Your Data Loss Risks

Learn how risk assessment services can help uncover potential data risks to your organizations assets.

Security Intelligence: A Key Component of Big Data Security Analytics

This ESG brief discusses best practices to proactively address risk while exploring how organizations maximize the benefits of security intelligence.

Symantec DeepSight Security Intelligence Overview

DeepSight Security Intelligence delivers timely and relevant threat, vulnerability, and reputation intelligence enabling businesses to adjust their security posture as required based on emerging threats that might impact their critical systems.

Webcasts »

Customer Success Video (State of Michigan)

Learn how the State of Michigan is utilizing DeepSight security intelligence to protect critical infrastructure.

PGI Customer Success Video

Learn how PGI is using Symantec Managed Security Services to protect their systems, while allowing them to focus on running, and building, their business.

Simplifying the Complexity of Mobility: A Holistic Approach to Develop a Mobile Enterprise Strategy

Simplifying the Complexity of Mobility

Vblock Specialized System for SAP HANA

Overview video from DJ Long about the new Vblock Specialized System for SAP HANA.

ActiveSync on BlackBerry 10: What Does it Enable?

Find out how ActiveSync works with BlackBerry® 10 to enable basic security and device management features. See what's involved in setup. And learn about BlackBerry® Enterprise Service 10, for full Enterprise Mobility Management.

Software Asset Management - Program Considerations to Help Reduce Risk and Lower Costs

SAM: A must have IT tool to help reduce costs and minimize business and legal risks.