The Cold War is fought in the network
Infected USB drives and spy 'software' are the new weapons that keep the world powers in check as they reinforce their defensive structures on the internet
In 1995, the American magazine 'Time' dedicated its August 21 cover to cyberwar. Two decades later, the subject reappears among the papers of the presidential offices of the great world powers. "Governments have been using the Internet for political purposes for years, be it for electoral campaigns, propaganda purposes or, more controversially, to spy on citizens and other countries," says Marina Nogales, director of Intelligence and Cybersecurity at K2 Intelligence.
On October 21, two cyber attacks brought down numerous websites around the world, including the Airbnb, Spotify, The New York Times and Paypal portals, among others. Two attacks in three hours put major web pages in check with a DDoS attack on the US DNS provider Dyn.
But could this shake the security infrastructures of the world powers? John Shaw, vice president of product management at Sophos, is skeptical: "The Internet is very resistant. There is no single way for data to travel, and when one route is blocked, the data packets find another. That's how the internet protocol was designed. To collapse Spain completely, an attacker would have to collapse the whole world, but, of course, malicious actors can choose to cause great damage to Spanish companies, Spanish institutions and their infrastructures."
The National Cryptologic Center (CCN), a body dependent on the CNI, has managed around 19,000 cyber incidents this year, 5% more than in 2015. The severity level was critical in 42 cases, very high in 516 and high in 11,648.
The Ministries of Foreign Affairs and Defense are "the most attacked," according to CCN Deputy Director General Luis Jiménez. These are connections that affect the state's information systems and that originate in China, Russia, Europe and the United States, although the CCN points out that it is "very difficult" to discover who is behind them. Concern about network security has been growing since 2007, when the Estonian government decided to end all Soviet memories in the country. The Executive removed from Tallinn a statue honoring the Soviet soldiers who fell fighting Nazism. The protests started on the street and moved to the network.
"The government website receives between 1,000 and 1,500 visits per day. At the peak of the attacks, in the first week of May, they received between 1,000 and 1,500 per second," explained Mikko Maddis, a Defense spokesperson.
The American intelligence services looked at Moscow. The attack gave rise to the Tallinn Manual, focused on cybersecurity within NATO to defend the allies. "Our approach has to be practical, like the international laws in force, treaties and regulations that regulate activities in cyberspace," said Professor Michael Schmitt, project director of the Tallinn Manual. NATO is working hard to protect allied countries that share borders with Russia and to stop cyber attacks from Moscow.
On the other side of the planet, the United States feeds conflict 2.0. The Obama Administration has incorporated 130 teams around the world that work together with the Navy and the Air Force, as well as the teams that work with the National Security Agency.
Low investment
Is Spain ready for a cyber war?
The experts respond
-Marina Nogales (K2 Intelligence): "In Spain a great effort is being made to improve the position of cybersecurity and cyberdefense, both public and private."
-John Shaw (Sophos): "This is hard to say. What is clear is that if the concept is limited to piracy that is truly state-sponsored or is extended to include all cybercrime, war is certainly already on the march, whether or not we are ready for it."
-Marina Nogales (K2 Intelligence): "Yes, of course, some governments like the United States have very advanced cyber intelligence units and research capabilities in the network."
-John Shaw (Sophos): "Sometimes governments can get a good idea, sometimes it's impossible to say. Unless the security forces successfully locate the individuals, they will not know for sure."
Between 2011 and the current year, the Government of David Cameron (former Prime Minister of the United Kingdom) allocated a total of 860 million pounds to protect the critical infrastructure of the country. In Spain, in December 2013, the Government of Rajoy promulgated the country's new cybersecurity strategy.
Several public bodies deal with this issue, among them Incibe (National Institute of Cybersecurity), which watches over the security of companies and citizens, and the CNPIC (National Center for the Protection of Critical Infrastructures), which works with critical infrastructure operators to try to prevent a cyberattack from having serious consequences for the population.
These organizations have scarce resources, according to the Sophos director, John Shaw: "The Incibe has a budget of 20.7 million euros. Is it enough? No. The United Kingdom recently announced funding of more than 2,000 million euros over five years for cybersecurity, and it is already being criticized as low spending."
More attacks every year
According to the Incibe, the attacks registered until September of this year (90,000) are already double those registered throughout 2015. According to the latest Akamai security report, DDoS attacks have broken all records and "have grown by 138%", the company points out in its report on the state of security in the third quarter of 2016.
The two most powerful attacks recorded to date, at 555 Gbps and 623 Gbps, have the same culprit behind them: Mirai. "This is a 'malware' with the ability to launch massive denial of service attacks using multiple or millions of devices connected to the Internet and that are unprotected," says Roberto Vilela, director of Services and Solutions at Techco Security. The small Chinese company Hangzhou Xiongmai has become the unexpected protagonist, since the hackers used its connected DVD devices and IP cameras to collapse the internet last October.
However, Flashpoint analysts have carefully analyzed the attack that shook the bowels of the Internet, and their conclusion is that it was the work of "amateur hackers and not the government of a nation." "People often do not take long to blow up conspiracy theories," recalls John Shaw.
This alarming data started with the Stuxnet 'worm', known as the first weapon of this war, which infected almost 100,000 computers: a silent virus distributed by USB that spied on and reprogrammed industrial systems in Iran, India, the United States and Australia. A simple action that can intercept a high-security connection. In recent years, though, espionage has grown more sophisticated, to the point of creating silent software installed at the factory.
The silent spies
The use of USB has become outdated since Adups, a Chinese company, recently developed a system capable of monitoring contact data, location, SMS or calls from millions of phones. Huawei and ZTE are two of the brands affected by this silent spy. The Asian company's computer specialists took advantage of a back door in the device 'firmware' to control all contacts with Beijing, as 'The Wall Street Journal' revealed this week.
Kryptowire, a security company, has reported on its blog the inclusion of programs designed to collect the content of messages and send it to servers every 72 hours.
The problem has gone unnoticed by users, and the security hole can only be closed with future 'firmware' updates to be released by the companies involved. Prevention and, especially, care in granting permissions to applications downloaded on smartphones are two essential keys to keeping privacy safe, according to the experts contacted by this outlet.