Sophos: The Biggest Security Risk Is You

This week, Sophos published its mid-year 2010 Security Threat Report, detailing trends and developments in IT security for the first half of 2010. The headlines focused what the survey revealed about peoples’ attitudes towards cyber warfare, or “state-sponsored cyber crime”, as Cluley describes it.

In Sophos’s survey of 1077 computer users, 63 percent said they thought it was acceptable for their country to spy on other nations by hacking or installing malware. Nearly a quarter said this was acceptable even in peace time.

“In a way I can kind of understand that, because there’s always been one rule for your country and another rule for your citizens,” said senior technology consultant at Sophos, Graham Cluley. “There’s obviously horrible things that happen in the name of a country that aren’t allowed on an individual level.”

Cyber Warfare

But it goes one stage further when you begin to ask whether it is all right to launch attacks against communication systems and financial systems, said Cluley. “We still found an astonishing percentage of people who said, well that’s all right during peace time as well. You can image the chaos that would ensue if there were organised denial of service attacks on a regular basis, purely to give your country and economic advantage.”

One of the biggest problems, according to Cluley, is the lack of any sort of international agreement on the rules of cyber warfare. In June it was reported that General Keith Alexander, head of the US Cyber Command, had called for the establishment of clear rules of engagement for cyberspace, as the country dealt with the prospect of “remote sabotage”. However, as yet, no such rules have been drawn up.

According to Cluley, it is often difficult to prove that a cyber attack is state-endorsed, as opposed to activists or politically-minded people taking a pot shot for their own reasons. “It’s possible to disguise an attack, to for instance make it look as though it’s come from China, and in fact it came from Belgium,” he said.

Another interesting aspect of the Sophos report was the suggestion that more and more people are being lured into the world of crime, and programmers who cannot find jobs in legitimate software houses are more easily recruited by criminal gangs. Cluley explains that people with technological expertise are increasingly in demand in criminal circles.

Organised Crime

“I think we are seeing more evidence of organised criminals getting onto the Internet crime bandwagon, without necessarily doing the coding themselves,” he said. “They are looking for other people to do the technological bit. It’s a bit like when you used to rob banks, you wouldn’t necessarily be the person who drove the car. You’d get someone who’s really quick at driving cars to do the getaway. You bring in the specialists.”

The economic recession has seen lots of technically-skilled people being laid off, and those who still have jobs are not necessarily getting the same kind of rewards as those in Silicon Valley. “There may be chips on some of those guys’ shoulders,” suggested Cluley. “As more people are struggling financially, the temptation to go down the cyber crime route becomes even greater.”

However, Cluley stressed that it is important not to scare people about this. “If you’re sensible about computers and the information you share on social networks and which programmes you use, you can manage this threat,” he said.

Page: 1 2

Sophie Curtis

View Comments

  • I agree with the Title of the article. It's in hand of individuals to protect themselves.

    Lack of personal responisbility and personal hygine is the issue.

    Best Regards,

    "Human Behaviour is the Biggest Risk in Security - Vicky Shah" (Copyright 2005- 2010 Vicky Shah)

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago