F-Secure’s Mikko Hypponen on Cyber Warfare at Wired 2012

Chief Research Officer at F-Secure and true computer security guru Mikko Hypponen outlines the state and scope of today’s cyber threatscape at Wired 2012 event.

Presentation starts with a short newsreel video in Russian language:

Translation: How to become a millionaire in six months? Gifted programmers failed to keep this secret from the police. Moscow’s Department K officers arrested several computer geeks suspected of creating and spreading a dangerous virus through the Internet. The dodgy program allowed the hackers to earn around 60 million rubles.

The usual way through the door to the apartment on the 8th floor was disregarded by police officers as it could have disrupted their operation: the suspect could throw the evidence out of the window. [police comes in through the window] The apartment owner was asleep when people wearing masks showed up. Officers from the Department K which is which is engaged in solving cybercrimes had been watching this man for a few months.

Mikko Hypponen My name is Mikko Hypponen, and his name is “Arashi”. He is one of the examples of Russian organized cyber criminals who create malware, spread it around the world, and make money out of it. In this case he and 8 of his partners in crime made something in the range of $9 million with different kinds of Trojans.

But today I’m not going to speak about cyber criminals who commit crimes to make money. I’ll speak more about cyber war, because when we go from the world of cyber crime to the world of offensive cyber attacks, things change.

And I actually don’t like the term Cyber War. Well, there’s nothing wrong with the term, but I think it’s way overused, because you keep hearing this word whenever there’s some denial-of-service attack somewhere, or something gets hacked. And I don’t think we’ve actually seen cyber war. How could we have seen cyber war if we haven’t seen a war? We will see in the future wars between technically advanced countries, and those wars will most certainly have cyber attacks as part of the real conflict. And that could be characterized as cyber war maybe. But right now what’s happening probably isn’t; even the Stuxnet saga – I wouldn’t call that a cyber war, because there is no war going on between the countries involved.

The local pizza place is not going to get infected by Stuxnet because they are not the target, unlike uranium enrichment facilities in Iran.

But it’s also important to understand that we have completely different players in place. People are worried about, in many cases, exactly the wrong thing. People read about things like Stuxnet, and then they worry about Stuxnet. Well, Stuxnet is nothing to worry about: here, in London, none of you will be infected by Stuxnet; you’re not the target. The local pizza place is not going to get infected by Stuxnet because they are not the target. Uranium enrichment facilities in Iran might get infected by Stuxnet, because they are the target.

Groups of players in the cyber underworld

Groups of players in the cyber underworld

So it’s important to understand different players we have, the different actors, and their different motives. And you can roughly split them into three: we have the criminals who write malware to make money, like “Arashi” who we saw in the video. Then we have hacktivists, who do their attacks not to make money but to send a message, to protest or to embarrass their target, for example. And then, as the third origin of attacks, we have governments: governments launching attacks, governments creating malware, writing Trojans, and infecting computers to gain their results. And these hacktivist groups or movements like Anonymous are a fairly new phenomenon.

Criminals have been writing malware to make money for a decade now: we saw the first moneymaking viruses in 2003. Movements like Anonymous really came into play only 3 or 4 years ago, and they have become one of the major players. But I’m not going to speak about Anonymous today either. We’ll focus on governments.

Read next: Mikko Hypponen on Cyber Warfare 2: Types of Governmental Attacks

Like This Article? Let Others Know!
Related Articles:

Leave a comment:

Your email address will not be published. Required fields are marked *

Comment via Facebook: