Conficker. A name that has, in the past weeks, initiated a discussion about the new plague of humankind – cyberterrorism. “The virus attacked up to 10 million PCs around the world, according to our estimates. That is a good enough arsenal for damaging the infrastructure of smaller states, banks or companies,” said Radek Smolík from the Symantec security company.
“A cyber war started last year, and hackers showed that they are capable of bringing the state within minutes,” stated a panel discussion at the World Economic Forum in Davos.
Estonia was only the start
The activities of Russian hackers proven this when they paralysed all of Estonia within moments two years ago. And last summer it was Lithuania that underwent a wave of hackers’ attacks. It is mostly countries with an underdeveloped online application of state administration.
Internet crime has turned into good business thanks to a well-functioning underground economy. Conficker, the most spread virus at the moment, is posing questions. According to anti-virus experts it is an exceptionally well-written virus that will go down in history because of its speedy and massive spreading.
The virus is not active yet but the opportunities it offers its authors are basically unlimited. “The infected PCs can be used for internet attacks or sensitive personal data might be stole from them,” said Pavel Krčma, an AVG Technologies analyst. Hacking and writing viruses for money was probably the main business of the potential virus’ authors. Some sources suggest the authors might come from the RBN group of Russian hackers.
“Our analysis shows that they couldn’t have done it on their own. They had to be in cooperation with other groups,” Smolík explains. RBN are professionals who, according to some sources, collaborate with the Russian secret service and who participated in the attacks on Estonia.
Thus, governments around the world have to work more intensely on building up security for their sensitive data, alongside the crisis. In the Czech Republic, Conficker got into the network of the Czech Social Security Administration. IT departments are failing to install new Windows patches quickly enough. However, the blame for the fast-spreading of the virus cannot all be placed on IT departments.
“Users choosing passwords like 12345 or QWERTY definitely do not make it easier for IT departments,” said Graham Cluly from the anti-virus company Sophos. Moreover, anti-virus companies admit that they are always one step behind the virus creators. And so they are considering a different approach. “We are thinking whether it might be more effective to let in secure content rather than fighting the harmful content,” Smolík said.
Pirate hunters come on scene
Specialised teams to tackle the security also in the virtual space have started to appear. The same is being done in the Czech Republic and the Interior Ministry should soon present its new concept for fighting the cyber-threats at the National Security Council.
The special project CSIRT.cz should launch its activity at the beginning of April this year. The project should be aimed at addressing potential security threats and cooperation with partner organisations around the world. CSIRT’s trouble currently lies in its limited authority.