Gefahren aus dem Cyberspace
COMPUTERS: Internet threats are getting tougher to detect
Internet threats are getting tougher to detect
Internet security experts are meeting in Bonn for the 7th Future Security Conference. Many users are aware of viruses and botnets, but it's getting harder to detect them.
We can barely function without computers these days. Water and power supplies, emergency services, transportation, and telecommunication all rely on IT.
And the security that such systems offer is often undermined by the insecurity of not knowing what to do when the systems fail - or when they are hit by a cyber attack.
Research, economic, and security agency experts are meeting at the two-day Future Security Conference in Bonn to discuss ways we can protect ourselves and our systems.
The experts say the risks are everywhere and detecting them is becoming more and more difficult. They are especially concerned about so-called botnets.
Invisible and elusive
A botnet is computer network that has fallen under the control of an unknown third party - usually with secret and malicious intent.
The operators infiltrate insecure computer systems and load a program onto a server which duplicates and spreads itself throughout the network.
Bernhard Kless of the Fraunhofer Institute says botnets pose a great threat to Internet security.
"A central computer takes over these computers. And the criminal then has an entire network of computer systems to obey his orders and can, for example, carry out attacks on other computers," says Kless.
Botnets can be made up of millions of computers. But the smaller the botnet, the harder it is to detect.
So-called sleeping botnets are even worse - they lie dormant and undetectable until activated.
Security agencies find it difficult to fight botnets because the servers are often in countries that are slow take action against them. And the owners of infiltrated computer networks seldom know they have been hit.
Botnets can secretly control a network of millions of computers
"They affect large company networks as much as small-scale businesses and private users," says Kless.
Cyber criminals have been known to blackmail companies, threatening to paralyze their computer systems. They can also spy on companies with the aim of counterfeiting merchandise.
The most common form of cybercrime known to users is often found in their inboxes - spam. When botnet operators send spam, they receive a commission when a product sells well.
"They can also influence stock trading by bidding on cheap stocks that gullible customers then buy," Kless says. "A real industry is growing behind the scenes."
Some estimates suggest that cybercrime has the potential to yield greater profits than the drug trade, although it is unclear exactly how much they earn.
Dr. Peter Martini, an IT-security professor at the University of Bonn, believes cyber attacks could even paralyze entire areas of society.
"ATMs [could] stop dispensing money. Or safety mechanisms at an airport could fail and passengers would be barred from boarding for security reasons," says Martini.
But it is the planned introduction of smart grids that poses the next big challenge for Internet security.
Smart grids are intelligent control systems for power networks, which will ensure heating and power plants, and biogas plants produce electricity only when it is needed.
These systems are controlled over the Internet and because so many thousands of power generators - and consumers - will rely on them, they will be vulnerable.
The consequences of a cyber attack on a smart grid would be highly dramatic - virtually all areas of public life depend on electricity. And Martini says emergency back up generators would not be enough. Emergency power would become scarce as many companies count on being able to rent generators in the event of an emergency. Pumping stations would also cease to dispense diesel or gasoline during a power outage.
Lükex 2011: Emergency authorities in Germany have simulated the aftermath of a network failure
Cellular phone networks and fixed line phone systems could crash as well. Martini says one of the biggest priorities should be to ensure that "basic modes of communication and operation" exist for communities to switch to in critical situations. Police and fire department officials would have to be able to communicate efficiently to maintain law and order.
Clearly defined measures
But Martini says merely calling for higher levels of Internet control won't help. While Martini says it may be necessary to trace harmful software, it should not be allowed to interfere in people's privacy. He suggests that authorities should instead clearly define secure and less secure areas on networks.
"You could say this is a high security area that we're going to monitor closely and this is an area that we won't monitor," says Dr. Martini.
Even the most secure areas are seldom immune to cyber attacks, as the Trojan, Stuxnet, showed.
Two years ago, Stuxnet infested centrifuges at an Iranian nuclear complex and caused destruction there by allowing areas to overheat.
"What was special about Stuxnet was that it found a way into a completely shielded area. It got over barriers that were considered insurmountable," says Roman Grunwald of Germany's Federal College for Security Studies.
Harmful software need not infect computers via the Internet. A virus can be on a chip that's installed into the computer during production.
"We deal with computers in a very open way in our western societies, which is completely fine," says Grunwald. "But just like I need to know that I can hit my finger when I'm using a hammer, I need to know that I can really damage my computer if I'm naïve [about the Internet]. Sometimes I think we're really naïve when it comes to computers."