ANALYSIS-Cyber raids unlikely to stir faster global action

Thu Aug 4, 2011 2:47am EDT

* Latest breaches worry Western powers

* Experts want more data about the break-ins

* Stigma, spying remain barriers to harmonising cyber rules

By William Maclean

LONDON, Aug 4 (Reuters) - A major new hacking attack underscores that governments and companies are losing the war against cyber thieves, but it's unclear if the disclosure will prompt quicker global action against online break-ins.

A U.S. report that intruders breached the computer networks of 72 organisations around the world over a five-year period in the biggest hacking campaign found to date will be seized on by Western states to call for tougher digital defences.

"This is the biggest transfer of wealth in terms of intellectual property in human history," said Dmitri Alperovitch, vice president of Threat Research at U.S. security company McAfee, which produced the report.

McAfee said it believed there was one "state actor" behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China. There was no comment from China on the report.

Evidence of official Western concern about the raids surfaced on Wednesday when Britain's electronic spy agency issued a rare public comment, saying the report illustrated the importance of better cyber security for trade and social development.

<^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Q+A on Operation Shady RAT [ID:nN1E76R22Q]

Victims by category, country r.reuters.com/zug92s

Reuters Insider show link.reuters.com/neg92s

For graphic on cyber attacks link.reuters.com/buh92s

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^>

There was a need for the widest possible international "shared understanding" of acceptable online behaviour, the Government Communications Headquarters told Reuters.

At the White House, spokesman Jay Carney said U.S. President Barack Obama was working to tighten the defences of both the government and private sector.

Echoing that view, the British-based International Cyber Security Protection Alliance, which helps law enforcement agencies tackle online intruders, said the report showed cyber warfare had escalated to a degree that was irrefutable.

"Businesses that have mainstream exposure to the Internet and that are dependent upon technology for their survival must now surely take the threat seriously," alliance chief executive John Lyons told Reuters.

He said companies should now be "much less arrogant in their approach to ensure that their intellectual property and customer data is securely protected".

Whether they will be any more vigilant is another question.

STIGMA WANING, BUT SLOWLY

Despite growing alarm in Western governments, a host of obstacles stands in the way of a safer online world, not least the reluctance of stigma-conscious companies to report attacks.

That reluctance is eroding, following publicised strikes on Western and multilateral institutions in 2011, but not quickly enough for the liking of many security experts.

Mohan Koo, chief executive at security firm Dtex, said the report would encourage more companies to speak out and pool experiences to combat what he calls the hacking epidemic.

"However, I suspect most will want to remain anonymous due to the heightened fear of reputational implications," he said.

"More detail around what was stolen and how would certainly help illustrate the scenarios and would provide more chance of others coming and saying, 'Hey, that happened to me too!'."

Graham Cluley, senior technology consultant at Sophos, told Reuters the McAfee report was another important reminder for all firms and governments to take computer security seriously.

But he agreed that more information would help focus minds.

"At the moment, it's unclear whether it was Rose on Reception or Dave the CEO who had his computer attacked."

Then there is cynicism among businesses about publicised cyber disasters. These are sometimes seen as marketing by an industry competing hard for business from clients strapped for cash.

IDEOLOGICAL DIVIDE DEEPENS

"There is still a reluctance amongst organisations to believe this is happening -– especially of course when it’s a security company making the statements -– but that is slowly diminishing and CEOs are becoming more aware," said Tony Dyhouse, of Britain's ICT Knowledge Transfer Network, a multi-industry forum on innovation.

Another problem is that many organisations have difficulty using standard risk-management techniques to gauge the threat against the cost of impact to a business.

"It’s almost impossible to sensibly assess the financial impact as that often lies in leading-edge intellectual property which may form part of a bigger (business) picture, and may not be realised for years more," said Dyhouse.

Then there is the fact that all sophisticated governments try to snoop electronically on each other. That delicate reality means that any international effort to harmonise laws on cybercrime to enable violators to be pursued and punished across borders has to first tackle a deep deficit of trust.

What also complicates cyber diplomacy is an ideological divide between Western nations and more authoritarian societies. Autocracies tend to favour censorship. Western nations argue access to information has vital economic and social benefits.

"A digital curtain is descending across the globe," said Rafal Rohozinski, a senior scholar at the Canada Center for Global Security Studies.

Just over half of the world's Internet-connected population lives under one form of online restriction or another, and that number is rising fast, he told the U.S. Commission on Security and Cooperation in Europe at a July 15 hearing in Washington.

"Since 2003, when we first documented the emergence of the “great firewall” of China, more than 45 states worldwide have adopted similar means for turning the Internet from a global commons into a gated community."

(Additional reporting by Jim Finkle; editing by Michael Roddy)

((william.maclean@thomsonreuters.com)(+442075428908)) Keywords: SECURITY CYBER/RAIDS

(C) Reuters 2011. All rights reserved. Republication or redistribution ofReuters content, including by caching, framing or similar means, is expresslyprohibited without the prior written consent of Reuters. Reuters and the Reuterssphere logo are registered trademarks and trademarks of the Reuters group ofcompanies around the world.

Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.