McAfee report: Cyberespionage to be a top 2008 national security threat

A rise in international cyberspying will pose the most significant
threat to the national security of the United States in 2008, according
to a report from anti-virus vendor McAfee.

The company said that governments and "allied groups" will turn to cyberspying and cyberattacks against targets such as electricity grids, air-traffic control systems, financial markets and government networks - all critical infrastructure that, if compromised, could affect the country's national security, according to the report.

McAfee's annual “Virtual Criminology Report,” which looks at global cybersecurity trends, was conducted in conjunction with NATO, the FBI, the Serious Organised Crime Agency (SOCA), an independent organisation formed by the United Kingdom's Home Office, and security experts from non-profit organizations and universities.

"Cybercrime is now a global issue," Jeff Green, senior vice president of McAfee Avert Labs and product development, said in a prepared statement. "It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security. We're seeing emerging threats from increasingly sophisticated groups attacking organizations around the world. Technology is only part of the solution, and over the next five years, we will start to see international governments take action."

Tim Jemal, senior vice president of government relations for the Cyber Security Industry Alliance (CSIA), cited this year's attack on Estonian interests as an example of governments being targeted by malicious hacker groups.

"Cyberthreats to the United States pose a growing risk to national security, that's true," he said. "When a technology-savvy county like Estonia was recently crippled by botnet attack from Russian sources, it's a clear indication that cyberspace is being used by some criminal sources to destabilize countries, and the United States is definitely a target."

Other trends include increasing threats to online financial services and the emergence of a complex and sophisticated market for malware, according to the report, which noted that 120 countries “now use the internet for web-espionage operations,” with many of the cyberattacks originating from China.

While Jemal wouldn't comment on McAfee's estimate of 120 countries involved in web-based espionage, he said many were using the internet in other malicious activities.

“Twenty-five nations, including China, are engaged in cyberwarfare programs,” he said. “They use cyberspace as a weapon against another country."

The report also indicates that cyberattacks have become “more sophisticated, progressing from initial curiosity probes to well-funded, well-organised operations designed.” These operations, designed to slip under the radar of government defenses, increasingly encompass political, military, economic and technical espionage, according to the report.

Cybercriminals are also developing new attack methods. These include "vishing," or phishing via Voice over IP phone networks, and "phreaking," hacking into telephone networks to make long-distance phone calls.