My name is Mikko Hypponen, and his name is “Arashi”. He is one of the examples of Russian organized cyber criminals who create malware, spread it around the world, and make money out of it. In this case he and 8 of his partners in crime made something in the range of $9 million with different kinds of Trojans.
But today I’m not going to speak about cyber criminals who commit crimes to make money. I’ll speak more about cyber war, because when we go from the world of cyber crime to the world of offensive cyber attacks, things change.
And I actually don’t like the term Cyber War. Well, there’s nothing wrong with the term, but I think it’s way overused, because you keep hearing this word whenever there’s some denial-of-service attack somewhere, or something gets hacked. And I don’t think we’ve actually seen cyber war. How could we have seen cyber war if we haven’t seen a war? We will see in the future wars between technically advanced countries, and those wars will most certainly have cyber attacks as part of the real conflict. And that could be characterized as cyber war maybe. But right now what’s happening probably isn’t; even the Stuxnet saga – I wouldn’t call that a cyber war, because there is no war going on between the countries involved.
But it’s also important to understand that we have completely different players in place. People are worried about, in many cases, exactly the wrong thing. People read about things like Stuxnet, and then they worry about Stuxnet. Well, Stuxnet is nothing to worry about: here, in London, none of you will be infected by Stuxnet; you’re not the target. The local pizza place is not going to get infected by Stuxnet because they are not the target. Uranium enrichment facilities in Iran might get infected by Stuxnet, because they are the target.So it’s important to understand different players we have, the different actors, and their different motives. And you can roughly split them into three: we have the criminals who write malware to make money, like “Arashi” who we saw in the video. Then we have hacktivists, who do their attacks not to make money but to send a message, to protest or to embarrass their target, for example. And then, as the third origin of attacks, we have governments: governments launching attacks, governments creating malware, writing Trojans, and infecting computers to gain their results. And these hacktivist groups or movements like Anonymous are a fairly new phenomenon.
Criminals have been writing malware to make money for a decade now: we saw the first moneymaking viruses in 2003. Movements like Anonymous really came into play only 3 or 4 years ago, and they have become one of the major players. But I’m not going to speak about Anonymous today either. We’ll focus on governments.