Saturday, June 11, 2011

Nobody is immune to cyberattack

Around the world, computer networks are getting more vulnerable even as they grow more sophisticated. They are being penetrated and looted by digital intruders.

The personal records of 100 million people were stolen in an attack on Sony Corp.’s video game networks. Up to 210,000 unemployed Massachusetts residents were put at risk by data theft software that infected computers at the state’s Executive Office of Labor and Workforce Development. And, in March,
as mentioned in an earlier post, criminals stole vital information from data protection company RSA Security, a division of storage giant EMC Corp. The stolen RSA data was later used in a hacker raid on defense contractor Lockheed Martin Corp., an RSA client. The list of data breaches grows almost daily, and while consumers and businesses can take steps to reduce the risk of losing sensitive information, security analysts say that making our computer networks truly secure is virtually impossible.

Antivirus and other commercial security software products may be adequate against the kind of amateur hackers who vandalized websites in the Internet’s early days, but they often fail to detect the custom-made attack programs, or “malware,’’ created by today’s organized crime gangs and foreign intelligence agencies. Cybercrime by governments will probably be even tougher to fend off. In late 2009, computers at the search engine giant Google Inc. came under a severe attack aimed at getting access to the company’s software codes. A host of other companies, including Adobe Systems Inc. and Juniper Networks Inc., were also hit. In January 2010, Google attributed the attack to hackers working from within China, a claim the Chinese government rejected.

The International Monetary Fund was hit recently by what computer experts describe as a large and sophisticated cyberattack whose dimensions are still unknown. The fund said that it did not believe that the intrusion into its systems was related to a sophisticated digital break-in at RSA Security that took place in March, which compromised some information that companies and governments use to control access to their most sensitive computer systems. After that attack, the World Bank briefly shut down external access to its most sensitive systems, for fear that the stolen information could make it a target. But it quickly resumed its normal operations and says it has seen no evidence of any attacks.

Companies and public institutions are often hesitant to describe publicly the nature or success of attacks on their computer systems, partly for fear of providing information that would be useful to the individuals or countries mounting the efforts. Even so, Google has recently been aggressive in announcing attacks and, in one recent case, as mentioned above, of declaring that its origin was China, an accusation the Chinese government quickly denied.

But in the case of the I.M.F., officials declined to say where they believe the attack originated — a delicate subject because most nations are members of the fund. The attacks were likely to have been made possible by a technique known as “spear phishing,” in which an individual is fooled into clicking on a malicious Web link or running a program that allows open access to the recipient’s network. It is also possible that the attack was less specific, a case in which an intruder was testing the system merely to see what was available.

Caveat emptor.