The Internet battlefield
November 14, 2013
Airplanes can be made to crash, processes in chemical plants disrupted, and nuclear power plant systems manipulated. And terrorists and intelligence agencies have been even more industrious of late in manipulating computer systems containing sensitive information. According to Sandro Gaycken, a computer security expert in the Department of Mathematics and Computer Science at Berlin's Free University, "There have been near-misses of disasters at nuclear power plants stemming from software defects and hacker attacks."
Gaycken advises companies as well as numerous government institutions, including the German military, on cyber wars and security. He had the rapt attention of the more than 500 police and security experts that Germany's Federal Criminal Police Office (BKA) invited this week to Wiesbaden for its annual autumn conference.
Gaycken noted that Internet crime was not just the domain of petty crooks, but that global politics were also at stake.
"In the Middle East, there are concerns that some groups aim to draw other countries into conflicts," said Gaycken, who has written about cyber manipulation in various scientific journals and authored the book "Cyberwar." Insiders call such methods "false-flag operations." Saboteurs spread data on the Internet in such a way as to make the digital structures appear exactly like that of a particular country. There were 231 such operations in the year 2011 alone, Gaycken said.
There are even greater attempts in other types of cyber-spying, he said, noting a project called "Genie." That project "aimed to create back doors in IT products." Such backdoors would facilitate access to tens of thousands of computers around the world. Nowadays, computers do not even need to be hooked up to the Internet to be vulnerable to attacks as they can be accessed via high-frequency audio signals.
Underestimated dimensions
Gaycken's lecture at the annual conference made federal criminal investigators antsy as they listened. They were actually hoping to receive tips from the IT expert about how to track down and prosecute cyber crooks. But what Gaycken had to say went way beyond what investigators imagined as the dimensions of Internet crime. And it made the revelations by whistleblower Edward Snowden pale in comparison to the tools available to criminals.
Gaycken also said common software had massive weak points. "Our IT security is quite limited, and in many ways, is in its baby stage," he said. Attempts at security are constantly trying to catch up with developments, rather than trying to look ahead.
Yet Gaycken also admitted that many of the activities he named were also the work of nations and their intelligence agencies - in other words, entities with solid financing and major specialist teams. Still, hackers working in a "gray zone" also pose a threat. They may have normal or "official" jobs in computer security, but can also be hired for other tasks.
"We hear about people sometimes who just show up at someone's door with a suitcase full of money. Not everyone says 'no' to that," the computer scientist said.
The entire financial sector is affected by such attacks and crime. But banks, noted Gaycken, never make such breaches or near-misses public out of fear of spooking markets, scaring away customers or revealing their own weak points.
How to react
Police investigators and law enforcement authorities at the conference wanted to know how they could fight such crime, yet Gaycken was not optimistic about current methods. "We have the expertise in Germany," he told DW, but more funds needed to be invested. He said the country's universities and mid-sized companies were filled with plenty of knowledgeable people. "They know what's wrong and what they would have to do to fix it, but they can't drum up funds for it."
Clear recognition of the problem and a sound strategy for combating it are required, he added.
Jörg Ziercke, head of the BKA, took the means for combating cyber threats one step further. He said German laws were too restrictive for investigators and that Germany should implement the data retention directive as defined by the European Union. The directive "requires operators to retain certain categories of data [for identifying users and details of phone calls made and emails sent, excluding the content of those communications] for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism," according to the European Commission's Home Affairs website.
Klaus-Dieter Fritsche, a deputy minister at the Federal Ministry of the Interior, added that "we need more personnel and we also need the data."