Friday, July 15, 2011
Just as the United States Department of Defense released its DoD Strategy for Operating in Cyberspace (DSOC), new information from law enforcement agencies revealed new and more involved cyber crimes.
The DSOC is the first official and comprehensive strategy for protecting the nation's military, intelligence and business operations, including the financial payments industry, Deputy Secretary of Defense William J. Lynn told an audience at the National Defense University in Washington, D.C., in July 2011.
The DOD has more than 15,000 networks and more than 7 million computers. Lynn pointed out the military depends on the nation's power grid for 99 percent of its power needs; ninety percent of the military's voice and communication services are provided by private (civilian) networks. The military also heavily relies on civilian transportation systems to move military personnel and freight, on civilian refineries for fuel provision, and on the private financial industry to process military payments.
"Significant disruptions to any one of these sectors could impact defense operations," Lynn said. "A cyber attack against more than one could be devastating. The centrality of information technology to our military operations and our society virtually guarantees that future adversaries will target our dependence on it."
Lynn outlined a five-point plan for protecting cyber space and the industrial and military infrastructure it supports.
"This strategy holds that our posture in cyberspace must mirror the posture we assume to provide security for our nation overall," he said, adding that a military response to a cyber attack will remain an option, but the emphasis for the DOD will be to develop systems – in conjunction with private partners – that deny attackers any benefit from an attack.
The aim of the DOD strategy is to build "a more secure and resilient Internet," Lynn said.
Lynn noted that every day more than 60,000 new malicious software programs or variations are identified that threaten U.S. security, the U.S. economy, and U.S. citizens. Backing him up was a report issued the day of his speech by the Internet Crime Complaint Center (IC3), the partnership created by the FBI and the National White Collar Crime Center.
The report identifies new cyber crime trends, including an uptick in the number of distributed denial of service attacks. Among the attacks documented was an attack on one unidentified financial institution's Internet banking services that caused the bank to receive more than 8,000 hits per second to its login screen and thereby blocked access to bank services by legitimate clients.
Other scams documented by IC3 include:
IC3 reported merchants are getting hit with fraud scams at a rapidly growing rate. These scams are generally targeted to stealing consumer names, addresses, email addresses and IP addresses. IC3 noted that in the last three months there has been a "significant increase" in the amount of spear phishing directed at merchants. The good news is malware attacks were down during the same period.
According to the IC3, much of the increase in fraud attacks is attributable to thefts of personal information through fake donation sites for causes such as the Japanese earthquake and tsunami relief effort. Social networks are thought to be an important vehicle for promoting this scam.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.