Virtual hacks: How the dark side is morphing

In terrorism, a false threat is often far more disruptive than the real thing. Now we are seeing that same tactic in the virtual world.

Written at London's Gatwick airport and dispatched to TechRepublic a week later from my favourite coffee shop via a wi-fi link at 22Mbps.

I can't remember a time when terrorism hasn't been a big problem somewhere on the planet. Over the years, people have perpetrated apparently random attacks and bombings with and without warning in support of their various causes.

The impact of the attacks has often been magnified by false threats and multiple bombings timed to trap people as they flee or tend the wounded. None of these tactics developed by accident.

As I stand in the security line at airports I often ask myself: who won after 9/11? The cost of dealing with the continued threat of further incidents has been enormous and continuously disruptive. But what else can we do?

Developing better security technologies seems to be the only answer, but I fear we will never return to the pre-9/11 modes of travel. So, in that sense, the dark side won that battle.

A decade on and we are now seeing a build-up of similar activities in the virtual domain. Threatened attacks are now a reality. The hoaxers, disgruntled employees, digital criminals and terrorists have discovered a new tool and developed new tactics of disruption.

For the moment, they seem content to attack governments, companies, and big sites, but their techniques are bound to migrate down to smaller targets, including companies and individuals.

Looking to the future, it seems likely that this process is going to become increasingly automated and could become a far bigger disrupter than real attacks.

We all receive those phishing attacks and blatant requests for us to confirm our banking information. All of them depend on a volume of hits to find the careless, unguarded or unknowing.

So, what can we do? Obviously we have to get ahead of the game and develop suitable strategies and defences that involve far more than firewalls and virus protection.

Continuous and automatic monitoring

We are talking continuous and automatic monitoring of network traffic for billions of fixed and mobile terminals worldwide. Creating this security will be no mean undertaking and, logically, far more sophisticated scenarios will have to be developed if and when the disruption escalates.

Personally, I prefer the ghost scenario - running real and ghost targets side by side, with seamless switchovers when an attacker strikes or a threat is posed. It just appeals to my sense of irony.

Visible targets can come and go, get damaged, only to be repaired and replaced at speed, while honeypot targets take a growing percentage of the flak.

What's certain is that a strategy of ignoring all these problems and hoping they go away is untenable. We will probably have to spend more on this virtual threat than we ever have on the real one.

So, as I stand in that security line at the airport once more, I remind myself that there are far more good neurons on the planet than bad, and at all costs we must never let the dark side win.