Cyberspace has fundamentally transformed the global economy. It's transformed our way of life, providing two billion people across the world with instant access to information to communication, to economic opportunities. And yet, with these possibilities, also come new perils and new dangers. The Internet is open. It's highly accessible, as it should be. But that also presents a new terrain for warfare. It is a battlefield of the future where adversaries can seek to do harm to our country, to our economy, and to our citizens," said Defense Secretary Leon Panetta.
And it's not just talk about potential dangers. Just last week Iran launched on US banks. The Wall Street Journal reports, "Iranian hackers renewed a campaign of cyberattacks against U.S. banks this week, targeting Capital One Financial Corp. COF +0.43%and BB&T Corp. BBT -1.11% and openly defying U.S. warnings to halt, U.S. officials and others involved in the investigation into the attacks."
So what makes this attack different?
"In this case the Iranians blamed the attack on hacktivists. But it fact it was backed by Iranian government. This is significant because suddenly you can have a government backing up a hacktivist campaign and appear blameless to the international community. Plus you can do major damage to infrastructure at relatively low cost and risk," said Rob Rachwald.
Rachwald is the Director of Security Strategies at Imperva.
He told Chris Dorobek on the DorobekINSIDER program that we have officially entered the era of cyber war.
Era of Cyber-War
"Like any other arms race the cyber war is currently going through a process of escalation. After the New York Times piece was published that finally proved once and for all that the Stuxnet worm that took down a Iranian nuclear plant was started in the US, we were ripe for retribution. Us and Iran will be going tit for tat for the next few years," said Rachwald.
Are Denial-Of-Service Attacks Effective?
"Sometimes denial of services attacks are just smoke screens to divert attention from the real attack," said Rachwald.
1. Security pros need to re-think power of Denial-Of-Service attacks.
2. Need to look at different flavors of the attacks, they have technically changed in many ways in the last few years.
3. Basically you need to be prepared for any type of attack at anytime because if you look at how and when people are targeted there often no rhyme or reason.
4. It's not a question of if your organization will be attacked but when. "There are two types of companies, those that have been attacked and those who don't know they've been attacked," said Rachwald.
5. You need to have a serious review of how Denial-Of-Service Attacks are preformed.
Big Data Impact
"State sponsored attacks are much harder to identify," said Rachwald, "big data is really what's going to defeat the state sponsored stuff. Anti-virus is virtually useless. It only finds about 6-25% of virus'. You really have to rely on a much deeper set of intelligence. "
Hacker as the Innovator?
"Hackers are by definition innovators and early adopters. The good guys are always behind the curve," said Rachwald.