Cyber Crime on a Global Scale

ScaleOfCyberCrime.jpg

Cyber bad guys operate at all levels, from intercepting your car's bluetooth, to using apps and the Internet to steal private financial details of tens of millions of citizens.
Even a single person can create cybercrime mayhem.
In April 2015, Navinder Singh Sarao, a 36-year-old, appeared in court in the UK wearing baggy sweatpants, running shoes and a hoodie. This small-time investor drove a broken-down car, and lived in his parents' run-down flat near the flight path of Heathrow airport. But back on 6th May 2010, he had used off-the-shelf software to manipulate high-frequency trading algorithms to create the infamous 'flash crash'.
He sent the Dow Jones industrial average on a wild ride up and down some 1000 points. He briefly wiped over $1 trillion from the stock markets. To put that in perspective, that's about 1/60 of the gross domestic product of the entire planet, for a whole year. And along the way, using techniques called 'spoofing' and 'layering', he picked up $40 million, all done using a simple home computer.
Given it's that easy for one person to create havoc, think how much easier it would be for a government with all of its resources. People talk about 'cyber warfare', but it is a fairly vague term, referring to governments attacking other governments. Specifically, what happens when governments use the internet for sabotage, espionage and subversion.
Financial markets, military assets, communication networks, infrastructure of many types, if it's got a computer, it can be hacked.
In September 2010, the nuclear enrichment facilities in Iran were attacked by the Stuxnet-worm.
The Iranians were purifying uranium up to weapons-grade using centrifuges. These centrifuges were taken over by this worm. They spun so quickly they destroyed themselves. But while the attack was actually happening, the control panels of the Iranian operators wrongly indicated that the centrifuges were spinning normally.
This attack delayed the Iranian weapons-grade uranium program by over a year. Who did this? In June 2012, the New York Times claimed that President Obama had authorised this sabotage.
A modern country relies absolutely on infrastructure — sewerage, transport, drinking water, power, and so on. In 2009, President Obama said: "cyber intruders have probed our electrical grids".
Then, in 2012, an American company that monitors over 50 per cent of the gas and oil pipelines in the USA discovered that the Chinese had hacked its computer systems.
Were the Chinese simply looking for industrial secrets? Or were they planting bugs, so that they could shut down the US energy grid if China and the USA were to have a conflict sometime in the future?

In 2012, Iranian hackers took control of 30,000 computers belonging to the world's largest oil producer, Saudi Aramco. We know they changed the Aramco logo to a burning US flag. But what else did they do?

In March 2013, the major banks and broadcasting TV stations in South Korea were hacked. Was North Korea to blame, or was it somebody pretending to be North Korea?
In the Middle East, the Syrian Electronic Army hacked into the Twitter account of Associated Press. They then published a fake news item about a bomb at the US White House. That incident alone sucked $136 billion out of the US Equity Market.
One of the beauties of cyber warfare is its anonymity. While there are suspects, there is often still not enough information to positively identify the culprits.
Cyber warfare can also be done relatively cheaply. But of course, you get better results if you spend more.
In May 2010, the four-star general, Keith Alexander, was put in charge of the newly formed US Cyber Command. By 2014, its budget had jumped from $1 billion to $4.7 billion. They claim they need this money to deal with incessant attacks from other governments.
As part of their recruitment, the US Defense Department has annual competitions with cyber warriors running banks of military computers. Each team typically has to protect five computers (which are running seven different operating systems) against relentless waves of ever-sophisticated cyber attacks. 
China and many other countries are doing the same. After all, since time immemorial, teenagers have been given weapons and told to fight. Apparently this is the 21st-century version.
Ein News:  http://bit.ly/1Llc8Bs

 

« FBI Director says ISIS Could Cyberattack the US
Silicon Valley a Major Player in Cyberwarfare »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BruCERT

BruCERT

BruCERT is the referral agency for dealing with computer-related and internet-related security incidents in Brunei Darussalam.

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Waratek

Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.

Netmarks Indonesia (NMID)

Netmarks Indonesia (NMID)

Netmarks Indonesia is an IT solutions provider offering services related to ICT infrastructure, digital transformation and cyber security.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

CounterFind

CounterFind

CounterFind is turnkey technology that allows brands to find and remove counterfeit and infringing merchandise from online marketplaces and social media sites.

Polymer Solutions

Polymer Solutions

Polymer is a Data Governance & Privacy Platform for third party SaaS apps. A modern Data Loss Protection (DLP) approach to remove sensitive data exposure on collaboration tools in real-time.

Veratad Technologies

Veratad Technologies

Veratad Technologies, LLC is a world class provider of online/real-time Identity Verification, Age Verification, Fraud Prevention and Compliance Solutions.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

Yogosha

Yogosha

Yogosha is a crowdsourced cybersecurity platform enabling a win-win collaboration with the most talented hackers to detect and fix vulnerabilities on your most critical systems.

People Driven Technology

People Driven Technology

People Driven Technology is a customer-obsessed organization. We leverage our decades of business, technology, and engineering experience to deliver outcomes for our clients.

GTT Communications

GTT Communications

GTT are a global network provider that serves thousands of multinational and national enterprise, government and carrier customers with a portfolio of advanced connectivity and security services.

Nclose

Nclose

Nclose is a proudly South African cyber security specialist that has been securing leading enterprises and building our security portfolio since 2006.

Nihka Technology Group

Nihka Technology Group

Nihka offers full end-to-end ICT solutions from business optimisation, data centre modernisation, cloud connection and management, and ICT security.

Cytacs

Cytacs

Cytacs is the AI-powered cyber security platform specifically designed for small and medium-scale enterprises.