Targeted Attacks Focus On Economic Cyberterrorism

Orome1 writes "When it comes to dangerous Web threats, the only constant is change and gone are the days of predictable attack vectors. Instead, modern blended threats such as Aurora, Stuxnet, and Zeus infiltrate organizations through a variety of coordinated tactics, usually a combination of two or more. Phishing, compromised websites, and social networking are carefully coordinated to steal confidential data, because in the world of cybercrime, content equals cash. And, as a new Websense report illustrates, the latest tactics have now moved to a political and nationalistic stage. Cybercriminals and their blended attacks are having a field day taking advantage of security gaps left open by legacy technologies like firewalls, anti-virus, and simple URL blockers."

Re:Nations are stupid

[ScentCone]

Why do we still have nation-states? What good do they serve?
They help to make sure that even though millions of people want to live under Sharia law, I don't have to. Yet.

Re:Time for IBM to work on the ZTIC successor?

[httptech]

Have a look at Cronto - it's an out-of-band authentication system, similar to ZTIC but doesn't use an electrical connection to the computer that could be impacted by a malware infection on the PC. Instead it transfers encrypted/signed transaction details via visual code to the Cronto device (or Cronto app running on a camera-enabled smartphone). There are a few other similar systems from other vendors, but Cronto is the only one I've seen with a mobile app so far.

Re:Nations are stupid

[ScentCone]

Nations help oppress people, not keep them free

No. Nations that don't have a constitutional framework founded in liberty (freedom of speech, assembly, etc) might fit that description, but not all nations. Nations are either subject to the rule of law (as backed up by their founding documents) or they are just mob rule (or a fuedal society). A nation that doesn't prevent thugs from telling you what to do isn't keeping people free. A nation that is constititionally chartered around the idea of keeping thugs (individual or governmental) in check is, in fact, a preserver of liberty.

That doesn't mean that it always goes well, but that's the general idea. You seem to be suggesting that ALL nations are oppressive because some nations are oppressive to thugs. Denying liberty to those who seek to deny liberty to others is not oppression. It's the opposite.

it's the end of the interweb as we know it

[davidwr]

Countries and organizations are going to have to realize that connecting their in-house network to "the internet" securely is HARD and sometimes the best thing to do is to have an "ip gap" or better yet an "air gap" between their in-house data and the outside world. Oh, and turn off of those USB ports or at least treat them as untrustworthy. This isn't easy either, so there is a trade-off.

Many governments already do this for their sensitive networks.

This won't stop inside jobs and it won't stop the most determined invader but it will make it much more expensive to succeed.

Re:Cybercrime != Cyberterrorism

[Nidi62]

I would focus more on the political aspect of terrorism rather than the violence aspect. The DDOSing of the Georgian national bank by Russian hackers during the crisis over North Ossetia certainly didn't kill anyone, but it left a large portion of that state's population without access to cash for a few days. Attacks such as these have the potential to cause severe economic and psychological damage to a targeted society. Reducing confidence in something that a society takes for granted has great political/terroristic potential. Remove the ability for hundreds of thousands (millions?) of stay at home soccer moms to play Farmville, and you will have an affect. Terrorism should be defined more by the motive rather than the method.