
25 years after the ‘Morris Worm’

As cyber-threats get more sophisticated, so do the countermeasures developed to deal with them

Cyber security experts believe it was only in 2003-04 that a new breed of hackers—with advanced expertise in computing—began to emerge. Photo: Thinkstock

New Delhi: When a 23-year-old Cornell University student playfully wrote a self-replicating computer code and uploaded it on the Internet to see how fast it would spread, it ended up infecting 10% of all systems connected to the Internet.

That was in 1988. The malicious code, now known as the ‘Morris worm’ after its creator Robert Tappan Morris, ended up bringing down 6,000 Unix servers at an estimated cost of $100,000-$10,000,000. It was the first incident that opened the world to the idea of cyber threats and attracted the attention of industry and media.

Twenty-five years later, the cyber threat landscape has changed dramatically.

From cyber-attacks meant for financial gains to stealing information from companies and governments, the world has already seen cyber-attacks that border on cyber warfare, one of the historical examples being the 2010 cyber-attack on Iran’s nuclear facility through a virus called Stuxnet, which allegedly brought down the facility for over six months.

These cyber-attacks are conducted using a variety of methods and technologies—from simple spamming and phishing (impersonating an entity such as a bank to obtain information) to using more sophisticated botnets and malware (viruses, worms, Trojan horses, etc.) to take control of a system or an entire network.

Evolution of cyber threats

That was an era of macro viruses, which primarily infect a system by multiplying their presence and causing traffic, thus increasing the load on the system. The intention was to slow down or crash the networks.

Cyber security experts believe it was only in 2003-04 that a new breed of hackers—with advanced expertise in computing—began to emerge.

“By early 2000s, new-age hackers started coming into the picture and these were not students but people who were professionals hired for hacking. They exploited operating systems, personal computers as well as enterprise web applications,” says Dayal. “The agenda was to cause collateral damage so that they could either make a lot of money by blackmailing the compromised organizations or could steal data to sell in some particular market.”

The inflection points

The inflection point that changed the cyber threat landscape came in 2007 with the launch of the first iPhone by Apple Inc.

“Earlier, power of computing was limited to mainframe. Since last 15 years, it started functioning on personal computers and laptops. But what happened with iPads and iPhones is that the computing power came into a device in your hand,” says Dayal. “The whole new smartphone wave triggered the mobility revolution. It was the threat evolution coming on steroids.”

This meant hackers didn’t need to attack a big server in a safe data centre in some remote country.

“They could get access to data residing in those servers from someone who is trying to get connected to that server from his phone and do collateral damage,” Dayal adds. “That was the first mega trend which caused threats to multiply with a very alarming rate.”

The other mega trends that multiplied inflection points include virtualization and cloud computing—that make accessing and computing data possible from servers located remotely—which made the power of computing cheaper by distributing it across various servers.

With the evolution of the Internet, the nature of cyber threat has changed from noisy to silent, says Vinayak Godse, director, data protection, Data Security Council of India (DSCI), a part of industry body Nasscom.

“The attacks have become targeted and sharp. They don’t try to show their presence and wait for the appropriate opportunity to hit the target and steal specific information,” he says. “These people or organizations are looking for financial gains. For example, a few months back, a couple of Indian companies became victims to a group of hackers connected to a bigger network that had already stolen $45 million from ATMs across six countries.”

According to internet security provider McAfee, annual global monetary losses due to cyber-attacks are between $300 billion and $1 trillion.

Global spending on cyber security is expected to reach $86 billion in 2016 from $60 billion in 2012, according to research firm Gartner Inc.

Targeted attacks

“Identification and account information theft, as well as phishing attacks through social media platforms for financial scams are now commonplace,” says Sanjay Bahl, senior adviser to Cert-In (Indian Computer Emergency Response Team). “But there have also been attacks on the Prime Minister’s office, Planning Commission, Navy and various other government facilities, including Central Bureau of Investigation, that contain crucial information. These attacks were intended to steal data that is critical for nation’s security.”

Cert-In was set up in 2004 by the department of information technology to enhance the security of the country’s communications and information infrastructure and respond to breaches in computer security.

“At present we don’t have tools and technologies that can positively and accurately attribute targeted attacks to any source,” says Bahl. “Without any positive attribution to source, we can’t attack. We can only defend.”

DSCI’s Godse says a number of individuals and organizations are always trying to find vulnerabilities in critical sectors such as power, telecom, aviation and banking to launch a complex set of attacks to weaken or bring these down. “Of the million scenarios, every operating system has one or two scenarios that can bring the whole system down. Finding the zero-day vulnerability, which does not have any way to be closed, is the prime goal for such organizations,” he says.

Critical infrastructure such as power and telecom are increasingly shifting towards networked system platforms—computerized systems that are interconnected for automation—and security experts warn that if these are not properly defended, it would result in havoc.

“The key targets for such attacks are sectors like telecom or power,” Bahl says. “For example, if the power system is reasonably networked and computerized, there is a chance that the system may be attacked. If that happens, it might cause a black-out, crippling infrastructure like transport and communication network.”

Banks and telecom companies have been asked to establish information sharing and access centres and hire professionals certified in cyber security to protect their systems. “It is crucial because in most of the cases, corporates try not to divulge information about cyber-attack on their systems,” says Godse.

Countermeasures

As the threats evolved, so did the countermeasures.

“We started building defence mechanisms within multiple layers of a system instead of securing systems only from outside through firewalls,” says Dayal of Cisco Systems. “Integrated networking platform emerged, for example, routers could do more than routing packets to correct destination like verifying whether a data packet is good or bad.”

The recent addition to cyber security is context-aware devices that can go a level deeper and find not only the actions on a network but also the context of these actions. Self-defending networks, some of the industry veterans believe, will be the next generation of cyber security.

“The common thread factor in all the mega trends is the network. It is extremely important to integrate and enable the network to act as first line of defence,” says Dayal. “There will be a stage when networks will have artificial intelligence and will become software-defined, self-defending networks that can react to a particular kind of action.”

The Indian government has set up a working group to figure out how to build cyber security infrastructure in partnership with private entities. The government has been struggling to implement its cyber security policy introduced in July, and establish a national cyber security architecture.

“We are pursuing a four-point agenda that includes setting-up of a centre of excellence and finding out security lapses through a joint working group that has been established in partnership between Cert-In and industry bodies such as DSCI,” Bahl says. “There are different projects spanning out including sensitizing people of security issues. We are focusing on the PPT (people, process and technology) factor, of which people is the weakest link.”

Published: 02 Oct 2013, 10:43 PM IST