A study released last week warns of a rise in international cyber spying, labelling it the single biggest threat to the enterprise in 2008.
The annual McAfee Virtual Criminology Report examines emerging global cyber security trends, with input from NATO, the FBI, SOCA and experts from leading industry groups and universities. It claims governments across the globe are using the internet for cyber spying and cyber attacks.
Hype about the need to protect critical infrastructure dominated headlines about six years ago, however, the issue has subsided in recent years as malware and phishing attacks wreaked havoc in the financial services industry.
The report says cyber targets include critical national infrastructure network systems such as electricity, air traffic control, financial markets and government computer networks. McAfee estimates 120 countries are now using the internet for web-based espionage operations.
McAfee senior vice president of product development, Jeff Green, echoes recent claims from around the world — and New Zealand Security Intelligence Service — saying many cyber attacks originate from China.
Green says the Chinese government has publicly stated it is pursuing activities in cyber espionage. He says cyber assaults have become more sophisticated in their nature, designed to specifically slip under the radar of government cyber defenses.
"Attacks have progressed from initial curiosity probes to well-funded and well-organised operations for political, military, economic and technical espionage," Green warns.
"Cybercrime is now a global issue. It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security.
"We're seeing emerging threats from increasingly sophisticated groups attacking organisations around the world. Technology is only part of the solution, and over the next five years we will start to see international governments take action."
David Vaile, executive director of the Cyberspace Law and Policy Center at the University of NSW, says it is difficult to measure cyber spying because there are so many denials. He says the recent cyber war in Estonia is proof of the growth in web espionage.
The attack took the form of coordinated mass requests for information and spam email which targetted at key web sites so they did not function or crashed. The cyber war was beleived to be the result of a political disagreement about a Soviet war memorial the Estonian government is seeking to relocate.
The study also identified genetically modified "super" threats claiming there is a new level of complexity in malware not seen before. These are more resilient, are modified over and over again like recombinant DNA, and contain highly sophisticated functionality such as encryption.
A new target for cybercriminals is Voice over IP (internet protocol) software, while in Japan, 50% of all data breaches have been via peer-to-peer software.