|Network Security Consulting SecurityFocus Article
No Cyberwar Yet, But Soon, Says Firm
In 2007, a massive denial-of-service hit government and financial servers in Estonia. In 2008, as Russia invaded the former Soviet state of Georgia, attackers cut off communications to the outside world. In 2009, attacks on South Korea and U.S. targets caused consternation.
Yet, none of these attacks rise to the level of cyberwarfare, security company McAfee stated in a report released on Tuesday. By looking at four characteristics -- source, motivation, sophistication, and impact -- the company found that none of the events passed the threshold for cyberwarfare.
"We have gone back and looked at all the high-profile attacks, and we don't believe that we have yet seen it," said Dmitri Alperovitch, vice president of threat research at McAfee.
Attacks that would constitute cyberwarfare would be conducted by a nation state, have a political -- not financial -- motivation, use highly custom and sophisticated software, and have a significant impact on the target, the company stated. The closest thing to cyberwarfare -- the attack on Georgia -- falls short of the definition. While the attack appeared to have been directed by Russian government sources and was motivated by national aims -- cutting off Georgia's ability to get out its side of the story -- the sophistication and actual impact of the attack fell short, McAfee said.
The report also highlighted the five countries that are the most advanced in the cyberwarfare arena: The United States, China, Russia, Israel, and France. Each nation has significant cyber espionage capabilities and active cyber programs, McAfee stated.
"We are at point where the cyber arms race is the reality, with those five countries in the race," Alperovitch said. "But today it is mostly classified discussions behind closed doors between government officials."
If you have tips or insights on this topic, please contact SecurityFocus.
Posted by: Robert Lemos