Cyber Crime on a Global Scale

Uploaded on 2015-05-27 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

ScaleOfCyberCrime.jpg

Cyber bad guys operate at all levels, from intercepting your car's bluetooth, to using apps and the Internet to steal private financial details of tens of millions of citizens.
Even a single person can create cybercrime mayhem.
In April 2015, Navinder Singh Sarao, a 36-year-old, appeared in court in the UK wearing baggy sweatpants, running shoes and a hoodie. This small-time investor drove a broken-down car, and lived in his parents' run-down flat near the flight path of Heathrow airport. But back on 6th May 2010, he had used off-the-shelf software to manipulate high-frequency trading algorithms to create the infamous 'flash crash'.
He sent the Dow Jones industrial average on a wild ride up and down some 1000 points. He briefly wiped over $1 trillion from the stock markets. To put that in perspective, that's about 1/60 of the gross domestic product of the entire planet, for a whole year. And along the way, using techniques called 'spoofing' and 'layering', he picked up $40 million, all done using a simple home computer.
Given it's that easy for one person to create havoc, think how much easier it would be for a government with all of its resources. People talk about 'cyber warfare', but it is a fairly vague term, referring to governments attacking other governments. Specifically, what happens when governments use the internet for sabotage, espionage and subversion.
Financial markets, military assets, communication networks, infrastructure of many types, if it's got a computer, it can be hacked.
In September 2010, the nuclear enrichment facilities in Iran were attacked by the Stuxnet-worm.
The Iranians were purifying uranium up to weapons-grade using centrifuges. These centrifuges were taken over by this worm. They spun so quickly they destroyed themselves. But while the attack was actually happening, the control panels of the Iranian operators wrongly indicated that the centrifuges were spinning normally.
This attack delayed the Iranian weapons-grade uranium program by over a year. Who did this? In June 2012, the New York Times claimed that President Obama had authorised this sabotage.
A modern country relies absolutely on infrastructure — sewerage, transport, drinking water, power, and so on. In 2009, President Obama said: "cyber intruders have probed our electrical grids".
Then, in 2012, an American company that monitors over 50 per cent of the gas and oil pipelines in the USA discovered that the Chinese had hacked its computer systems.
Were the Chinese simply looking for industrial secrets? Or were they planting bugs, so that they could shut down the US energy grid if China and the USA were to have a conflict sometime in the future?

In 2012, Iranian hackers took control of 30,000 computers belonging to the world's largest oil producer, Saudi Aramco. We know they changed the Aramco logo to a burning US flag. But what else did they do?

In March 2013, the major banks and broadcasting TV stations in South Korea were hacked. Was North Korea to blame, or was it somebody pretending to be North Korea?
In the Middle East, the Syrian Electronic Army hacked into the Twitter account of Associated Press. They then published a fake news item about a bomb at the US White House. That incident alone sucked $136 billion out of the US Equity Market.
One of the beauties of cyber warfare is its anonymity. While there are suspects, there is often still not enough information to positively identify the culprits.
Cyber warfare can also be done relatively cheaply. But of course, you get better results if you spend more.
In May 2010, the four-star general, Keith Alexander, was put in charge of the newly formed US Cyber Command. By 2014, its budget had jumped from $1 billion to $4.7 billion. They claim they need this money to deal with incessant attacks from other governments.
As part of their recruitment, the US Defense Department has annual competitions with cyber warriors running banks of military computers. Each team typically has to protect five computers (which are running seven different operating systems) against relentless waves of ever-sophisticated cyber attacks. 
China and many other countries are doing the same. After all, since time immemorial, teenagers have been given weapons and told to fight. Apparently this is the 21st-century version.
Ein News:  http://bit.ly/1Llc8Bs

 

« FBI Director says ISIS Could Cyberattack the US
Silicon Valley a Major Player in Cyberwarfare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

ON-DEMAND WEBINAR: Harnessing the power of Security Information and Event Management (SIEM)

Join our experts as they give the insights you need to power your Security Information and Event Management (SIEM).

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackBox Software

BackBox Software

BackBox is a leading provider of solutions for automated backup and recovery software for security and network devices.

SEWORKS

SEWORKS

SEWORKS provides offensive and defensive app security that ensures mobile and web apps are safe from dangerous hacking threats.

CIO Dive

CIO Dive

CIO Dive provides news and analysis for IT executives in areas including IT strategy, cloud computing, cyber security, big data, AI, software, infrastructure, dev ops and more.

H3C Group

H3C Group

H3C provides a full range of Computer, Storage, Networking and Security solutions.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

Securden

Securden

Securden provide an all-in-one Platform for Next-Gen Privileged Access Governance, helping you to prevent identity thefts, malware propagation, cyber attacks, and insider exploitation.

SAIFE

SAIFE

SAIFE has adapted a Software Defined Perimeter approach and paired it with a Zero Trust model that defines access by the user, their device, and where they are located.

Canonic Security

Canonic Security

Canonic streamlines app review, continuously monitors apps, and reduces the risks involved in third-party access to your data.

SpiderOak

SpiderOak

SpiderOak's portfolio of Secure Communication & Collaboration products ensure the confidentiality, integrity, and availability of your most sensitive data in any environment.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

Binalyze

Binalyze

Binalyze is the world's fastest and most comprehensive enterprise forensics solution. Our software helps you to collaborate and complete incident response investigations quickly.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.