Japan attacked: Can we say 'cyber war' now?

gallery

ANALYSIS Say the words ‘cyber war’ when referring to online attacks and you will find yourself on the wrong end of a tongue lashing when amongst certain security professionals.

Why? Because it’s difficult to ascertain whether any cyber strikes have been an act of war. There is simply no guarantee that anyone is correct when saying a hack was carried out by a nation state, largely because of a lack of corporeal proof.

We are going to see a new revolution, focusing on information operations and cyber warfare.

Yet there is a general acceptance that nation vs. nation hacking is a reality. The problem lies in the lack of 100 per cent certifiable proof.

This week saw another significant moment in the history of cyber warfare. Mitsubishi Heavy Industries (MHI), one of Japan’s major weapons suppliers, admitted 45 of its servers and 38 computer terminals were infected.

Targeted malware was allegedly used as part of a spear phishing attempt – similar to other attacks that have attempted to breach Governments in recent times, including in the UK.

RSA was compromised by such tactics too – another situation in which some suspected a nation state’s involvement, as at least one of the eventual targets turned out to be major US defence contractor Lockheed Martin.

As the evidence amasses, can we now start confidently talking about cyber war? Not quite, even if the age of cyber war is nigh.

Show me the hackers!

In the case of MHI, no one has yet claimed responsibility for the infection. China, the number one suspect according to some sources, has denied any involvement. As with so many recent cases, no nation has been found guilty, nor has any Government admitted to being the perpetrator of an attack.

When the DigiNotar attacks emerged last month, eventually resulting in the certificate authority’s demise, many pointed fingers at Iran. Yet in that case, ComodoHacker claimed responsibility, saying the Iranian regime had no hand in the hacks.

For any onlookers, it’s near to impossible to know whom to trust. There is just too much obfuscation and potential for covert behaviour to lump any event under the ‘cyber war’ umbrella.

As for the MHI attacks, Mikko Hypponen, chief research officer at F-Secure, rightly questioned where the war was. With no two sides fighting one another, how could there possibly be a war?

The revolution is coming

Nevertheless, Hypponen thinks change is afoot. A new age of warfare is upon us.

“Just like modern hi-tech research revolutionised military operations over the last 50 years, we are going to see a new revolution, focusing on information operations and cyber warfare,” Hypponen told IT Pro.

“This revolution is underway and it's happening right now.”

Email to a friend

Print this page