
Global articles on espionage, spying, bugs, and other interesting topics.

Keep abreast of the espionage threats facing your organisation.

Internet espionage on the rise, says CSIS

Cyberattacks waged via the Internet are the fastest growing form of espionage, Canada’s spy agency says.

The Canadian Security Intelligence Service also warns that the energy, financial and telecommunications sectors are becoming increasingly vulnerable to attack.

In its annual public report, CSIS says it investigated threats against critical systems last year by foreign countries, terrorists and hackers.

 

Internet-based tools and techniques offer a secure and low-risk means of conducting espionage, the spy service says.

“Increasingly, cyber-related tools and techniques have been added to the methods utilized by hostile actors to attack public- and private-sector systems,” says the report tabled Monday in Parliament.

“CSIS focuses its investigations on politically motivated threats or incidents where the integrity, confidentiality or availability of the critical information infrastructure is affected.”

Internet access at the Treasury Board and Finance departments was cut off in January after what officials called “an unauthorized attempt” to break into their networks.

A routine assessment of both departments last year revealed they had not been following all of the government’s information technology security requirements.

CSIS is aware that certain foreign agencies are conducting intelligence operations within Canada, the service’s director, Dick Fadden, says in a foreword to the report released Monday.

The spy agency did not respond to a request to interview him.

In a speech last year, Mr. Fadden said state-sponsored espionage against Canada was being conducted at levels equal to or greater than during the Cold War.

Canada is attractive to foreign spies because it’s an innovative leader in areas such as agriculture, biotechnology, communications, mining and the aerospace industry, he said.

“Certainly, China has often been cited in media reports as an example of a country that engages in such activity but it would not be exclusive to that country. Just as the Internet is global, so is the cyber threat,” Mr. Fadden said.

Attackers target computer systems to acquire technology, intellectual property, military strategy and commercial or weapons-related information, as well as details of national strategies on a variety of domestic and foreign issues, the CSIS annual report says.

It cites public information describing the use of botnets – networks of compromised machines that can be purchased or rented by potential attackers – as well as rogue e-mails, Twitter and other social networking services to launch attacks.

“CSIS is aware that this cyber-based variant is the fastest growing form of espionage, that the threat of cyberattacks is one of the most complicated issues affecting the public and private sectors and that attacks on the latter have grown substantially and are becoming more complex and difficult to detect.”

The report notes that terrorists and other extremists use online resources – including e-mail, chat rooms, instant messaging, blogs and video-sharing sites – to plan, co-ordinate and execute operations.

“The cyber-related capabilities of various extremist groups have been publicly described as limited at present, but their abilities are developing and evolving,” the report says.

“This was not a concern in the early days of CSIS as there was no broad, worldwide use of the Internet to speak of. Communication between individuals and groups that were targets or persons of interests was much more difficult than it is today and much easier for organizations such as ours to track.”

Terrorism, primarily Islamist extremist violence, remains the greatest threat to the safety and security of the West, including Canadians, adds the report.


Researchers Successfully Eavesdrop On Quantum Encrypted Communications


A team of quantum cryptography researchers from Singapore and Norway have managed to eavesdrop on a communication that was encrypted by quantum key distribution (QKD) without being detected.

QKD is one variety of quantum cryptography, and is probably the most well known. In a nutshell, a communication encrypted by QKD is one where both the sender (known in the literature as “Alice”) and the receiver (“Bob”). Like the most common encryption protocol used today, public-key encryption, QKD relies on electronic “keys” to decrypt messages sent back and forth between Alice and Bob. In public-key encryption, the keys are very large prime numbers, which are difficult for current computers to calculate and determine through brute force.

In QKD, the key is actually in the form of a stream of photons, where each photon carries one bit of information about the key, depending on the photon’s state. In theory, this would prevent an eavesdropper (“Eve”) from breaking into the communication, because the very act of Eve trying to measure the state of the photons will actually change their state. That change would enable Bob and Alice to know that Eve was trying to listen in on their conversation, and also prevent Eve from obtaining the complete key.

In practice, however, this has turned out to be more difficult, due to the physical limitations of a QKD system. This has enabled several successful attacks on QKD systems, including the ability of Eve to obtain the key and listen to the communications. However, all of these methods still introduce some errors into the communications and key receptions, meaning that it’s possible for Alice and Bob to notice the eavesdropping and act accordingly.
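The detection principle described above can be seen in a small simulation. This is an added example, not part of the original article: it assumes the BB84 protocol (which the article does not name), an ideal noiseless channel, and a simple intercept-and-resend eavesdropper; the function names and the 11% alarm threshold are illustrative choices.

```python
import random

def bb84_qber(n_photons, eve_present, seed=0):
    """Simulate BB84 on a noiseless channel; return (sifted_length, error_rate)."""
    rng = random.Random(seed)
    sifted = errors = 0
    for _ in range(n_photons):
        bit = rng.randint(0, 1)        # Alice's key bit
        a_basis = rng.randint(0, 1)    # 0 = rectilinear, 1 = diagonal
        photon_bit, photon_basis = bit, a_basis
        if eve_present:
            e_basis = rng.randint(0, 1)
            # Measuring in the wrong basis yields a random result and
            # destroys the original state; Eve resends what she observed.
            e_bit = photon_bit if e_basis == photon_basis else rng.randint(0, 1)
            photon_bit, photon_basis = e_bit, e_basis
        b_basis = rng.randint(0, 1)
        b_bit = photon_bit if b_basis == photon_basis else rng.randint(0, 1)
        if b_basis == a_basis:         # sifting: keep rounds where bases match
            sifted += 1
            errors += (b_bit != bit)
    return sifted, errors / sifted

def eavesdropper_suspected(qber, threshold=0.11):
    """Alice and Bob abort when the sampled error rate exceeds the threshold
    (0.11 is an assumed value, a commonly cited bound for BB84)."""
    return qber > threshold

if __name__ == "__main__":
    for eve in (False, True):
        kept, qber = bb84_qber(20000, eve_present=eve)
        print(f"eve={eve}: sifted={kept}, QBER={qber:.3f}, "
              f"alarm={eavesdropper_suspected(qber)}")
```

On an ideal channel the error rate is zero without Eve and about 25% with her, so the alarm is unambiguous; real links have a non-zero background error rate, which is the margin any undetected attack has to stay within.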

The researchers at the University of Singapore, however, have managed to go one step further — they’ve developed a method of producing a full exploit of a QKD system that allows for Eve to eavesdrop on Alice’s and Bob’s communication — without introducing enough errors to allow her to be detected. Her eavesdropping appeared to be no different from the random background errors that are inevitable in the physical implementation of a QKD system.

Although the researchers were able to infiltrate this system with basically off-the-shelf parts, it’s worth noting that this exploit doesn’t mean that QKD isn’t a viable method of encryption. The researchers themselves suggest several countermeasures, and no doubt other countermeasures will be developed as this research continues. As the researchers themselves note: “a more pointed question is what problems still lurk unnoticed in the gap between the theoretical description and the practical systems. Just as in classical cryptography, an ongoing search for backdoors is required to build hardened implementations of quantum cryptography for real-world use.”

Quantum cryptography is still in its infancy, but it’s still more than likely the future of encrypted communications once it’s been further refined and developed.


Murdoch chief’s phone ‘hacked by private eye’

Rebekah Brooks. Photo: Reuters

THE chief executive of Rupert Murdoch’s News International has been shown police evidence revealing that her voicemail was repeatedly hacked by a private investigator employed by one of the company’s newspapers.

The Independent last night reported that News International confirmed the 43-year-old media executive Rebekah Brooks met Metropolitan Police detectives last week to see records showing she was targeted by Glenn Mulcaire, the private detective employed by News International’s Sunday tabloid News of the World to eavesdrop on the voicemails of numerous public figures.

According to The Independent, the alleged hacking took place between 2005 and 2006, when Ms Brooks, who is also a former editor of the News of the World, was in charge of The Sun.

She became the subject of media interest in her personal life in November 2005 when she was arrested for an alleged assault on her then husband, actor Ross Kemp. She was released without charge.

The revelation that Ms Brooks was a likely repeated target for Mr Mulcaire was first made by Sky News, whose largest shareholder is Mr Murdoch’s News Corporation. Mr Murdoch is in London to attend a company board meeting.

The company’s shareholders and non-executive directors are believed to be concerned about the way the hacking affair has been handled by Mr Murdoch’s London lieutenants.

Three News of the World journalists have been arrested since the Metropolitan Police reopened its inquiry into the claims.

The Met’s original inquiry into the practice led to the conviction of NOTW royal editor Clive Goodman and Glenn Mulcaire in 2007.

A Manchester United footballer is the latest high-profile figure to sue the Murdoch tabloid for breach of privacy, claiming that his mobile phone messages were intercepted by journalists working for the paper.

Ryan Giggs has begun legal proceedings against the tabloid and Mulcaire over the phone hacking.

Scotland Yard, which is investigating multiple claims that NOTW staff hacked into the voicemail messages of celebrities and politicians, would not comment on the cases of either Ms Brooks or Giggs.

Actress Sienna Miller was last week awarded £100,000 ($A153,810) damages at London’s High Court after bringing a privacy and harassment claim in connection with the NOTW’s phone-hacking action.

Other well-known figures said to have been victims of mobile phone message hacking include actor Jude Law, former prime minister Gordon Brown, ex-footballer Paul Gascoigne and comedian Steve Coogan.

PA, GUARDIAN, AGENCIES


Cyber espionage a serious threat: AG

Attorney-General Robert McClelland. Photo: Marco Del Grande

Cyber espionage and foreign interference pose serious threats to Australia’s national security, the federal attorney-general says.

“The next ten years will undoubtedly see a marked intensification of this activity,” McClelland told a Sydney summit discussing the decade since the attacks of September 11, 2001.

McClelland pointed to recent prominent cyber attacks such as Ghostnet, which infected computers belonging to the office of the Dalai Lama and Stuxnet which brought Estonia to a virtual standstill.

“These attacks and the threat to critical infrastructure such as banking, telecommunications and government systems is not something we can be complacent about,” he said yesterday.

The Australian government has made cyber security a top national security priority and is investing to significantly enhance Australia’s cyber security capabilities, he added.

The global and interconnected nature of the internet means the threat extends beyond nations.

“For this reason it is critical that laws designed to combat cyber threats are harmonised, or at least compatible to allow for international cooperation,” McClelland told the conference hosted by the United States Studies Centre.

The government is seeking to strengthen international arrangements by moving to accede to the Council of Europe Convention on Cybercrime.

This is the only binding international treaty on this “significant threat”, he said.

“[Accession to the convention] will help Australian agencies to better prevent, detect and prosecute cyber intrusions.”

AAP


Factbox: Cyber attacks: from hacktivism to espionage

(Reuters) – The recent spate of cyber attacks has raised questions about the security of government and corporate computer systems, and the ability of law enforcement to track down hackers.

Here’s a breakdown of the different types of cyber assaults, from “hacktivists” to serious criminals.

DISSIDENT HACKERS SEEKING MAXIMUM PUBLICITY

The Lulz Security and Anonymous groups have broken into computer servers to steal data that they publish on the Internet to embarrass their targets. Examples of this include LulzSec hacking into Fox TV’s “X Factor” contestant database, or breaking into FBI affiliate InfraGard and publishing its user base.

So-called hacktivists also use distributed denial of service (DDOS) attacks, in which they get supporters to crash the websites of their targets by overwhelming the servers with traffic. The Anonymous group launched DOS attacks against Visa and MasterCard because the group thought the companies were hostile to Wikileaks and its founder Julian Assange.

CYBER ATTACKS FOR FINANCIAL GAIN

Primarily based on getting financial information, such as payment card data or bank account details, perpetrators tend to keep their attacks secret because the data is more valuable if victims do not know it has been stolen.

Citigroup disclosed that unknown hackers in May had stolen information from 360,083 credit card accounts in North America, in what was the most significant known direct assault on a financial institution.

These attacks can come from just about anywhere, although Western security experts have said that Russia and China deliberately turn a blind eye to this kind of activity from within their borders, provided it is not targeted domestically.

GOVERNMENT OR STATE-BACKED ATTACKS

Hacking by governments or state-sponsored groups is usually aimed at stealing classified information, such as military secrets or other prized data. Security experts have cited attacks on the International Monetary Fund and Google Inc’s email service as recent examples.

There is often finger-pointing at Russia and China after such attacks, although experts suspect other nations including the United States of using this technique more quietly.

There are also occasional suspected state-backed DDOS attacks, such as on Estonia and Georgia in 2007.

FROM VIRTUAL NETWORKS TO THE REAL WORLD

These are cyber attacks aimed at causing actual physical damage, such as by hacking into industrial computer controls to destroy military assets or public infrastructure.

The Stuxnet virus, which Iran has said was used to attack computers at its Bushehr nuclear reactor, is the only case so far that security experts widely agree fits into this category.

(Reporting by Marius Bosch and Jim Finkle; editing by Tiffany Wu)