As we await the naming of our new “Cyber Czar,”  it’s worth noting just what a jungle it is out there on the internet, and how much we need one.

While working in networking , I had the opportunity to see firsthand the level of garden-variety denial of service attacks a typical DNS server exposed to the public internet faces (DNS, in many ways the soft white underbelly of the internet, is discussed a bit here).

While impressive, though, my experience was limited to small business networks - imagine what it’s like when entire governments go at it: in 2008, the Department of Defense reported almost 360 million attempted attacks - that’s close to a million every day (up from ‘only’ about 6 million in 2006).

Here then, a short list of recent cyber-spying activity…
Read the rest of this entry »

By now you’ve probably heard about ghostnet, the large-scale operation originating from somewhere within China.  So far, 1,295 computers in 103 countries have been discovered to be infected by the sophisticated rootkit malware (rootkits are particularly tough to detect because they live at a very low level, as close to the actual machine as the operating system itself).  Like most such attacks, ghostnet was launched via ‘trojan’ malware (software embedded into commonly emailed file formats such as Word, Acrobat, or PowerPoint).  The file arrives as an attachment in an email “spoofed” to appear from a trustworthy source, and the malware executes when the user opens the seemingly innocent file.
Read the rest of this entry »