Worlds Trouble Spots Escalating Into Cyberthreats For Businesses

As regional troubles spill over to the digital world, companies should reinforce their defenses and demand their suppliers do the same, experts say

In the past, companies could avoid the worlds trouble spots, pulling out of war-torn countries and unstable regions to avoid conflict. Yet, as the worlds citizens become more savvy online, local unrest is quickly transforming into global threats that companies cannot easily evade.
The Syrian Electronic Armys
recent attacks
against media firms domain-name infrastructure is only the latest example of the escalation of local conflicts to the global digital stage. Over the last year,
distributed denial-of-service attacks
by the Iranian cyber militia known as the Izz ad-Din al-Qassam Cyber Fighters has cost U.S. and European banks millions of dollars. And, attacks by hackers
aligned with North Koreas interests
have hit both South Korean and U.S. servers.
The threat landscape has expanded in ways that are almost unimaginable, says Jeffrey Carr, a cyber threat consultant and founder of Taia Global. You cant really anticipate all the different threat actors out there that might be interested in your website, your IP [intellectual property], or your reputation.
So far, the impact of such digital attacks have been mild, if embarrassing. While security researchers and providers have warned that vulnerable critical infrastructure could be targeted by attackers with catastrophic results, attacks by purported hacktivist groups and patriotic hackers have been limited to denial-of-service attacks, defacements, and propaganda. Most groups seem deterred by the potential repercussions of a serious cyberattack, says Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike, a startup focused on advanced threats.
All these actors are cautious actors, because they dont want to incur too much of a reaction, he says. That is likely to continue unless there is actually a conflict in which the regime decides that a greater level of retaliation is needed.
The ongoing civil war in Syria and the possible punitive bombing of strategic government sites by the U.S. and Western nations has increased tensions, however. So far, Western nations have refused to intercede in the Syrian conflict, which has claimed more than 100,000 lives in the last two years and produced more than 2 million displaced refugees, according to tallies kept by the
United Nations
and the Syrian Observatory for Human Rights. Yet, with the U.S. and European nations building a case showing that the Syrian government used chemical warfare against rebels, the conflict looks ready to escalate.
The digital side of the conflict could escalate as well. The Syrian Electronic Army has
reportedly
claimed it would strike back at the United States, if the nation struck at potential chemical weapons storage sites or took other punitive actions.
We should not be shocked that other countries are using their capabilities to gain whatever advantage they can in the economic sphere or the geopolitical sphere, and that means that the private sector in this country is absolutely a target of these attacks because they are a key part of our infrastructure, he says.
Knowing that attacks come from Syrian hacktivists or government-sponsored hackers can help companies tune their defenses and implement additional protections around critical data, says Alperovitch. Companies should develop a greater ability to defend their own networks, starting with a good legal framework for what is allowed, he says.
You are going to have to enable the private sector to allow them to do more in defense of their private networks, he says. With these lower-level attacks, we wont see a response from the U.S. government.
[Protecting domains requires registry locks as well as other measures, including two-factor authentication and administrative access control. See
Domain Security Needs More Than Registry Locks
.]
For the government, the issue is complicated by the fact that attributing attacks to actual actors is difficult. Bouncing communications between multiple computers to hide the source of the controllers system is technically easy, says Raj Samani, chief technology officer for McAfees Europe, Middle East and Africa group.
For that reason, companies should never assume that hacktivists are who they say they are, he says. The barriers to become a hacktivist are low--anyone with some knowledge, a few free online tools and a flair for dramatic Pastebin posts can create their own hacktivism group or pretend to be one, he says.
Hitting the mark on attribution is very difficult in the cyber world, Samani says. If I attack your PC today, I can come from any computer in the world, and for you to really go after me, you have to go through a very painstaking and laborious process.
For that reason, companies should learn what they can through investigating details of the attack, but not lose focus of the general mission to reduce their attack surface area and harden their systems, says Taia Globals Carr.
You will never know everyone out there; you will never be able to plan for every contingency, he says. So while it is good to know and keep up with who the threat actors are, you cannot anticipate unknown threats.
Finally, companies need to not just lock down their own systems, but ensure that their suppliers are doing the same. The recent domain takeover that made The New York Times inaccessible for hours, and in some cases days, happened because the news organizations supplier of DNS services, MelbourneIT, had a third-party reseller whose credentials where compromised.
In many cases, it is not a question about security but of transparency, says McAfees Samani. Do you have transparency about all of the risks in your supply chain? And in most cases, the answer is no.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Worlds Trouble Spots Escalating Into Cyberthreats For Businesses