A group of criminal hackers based mostly in the Middle East and North Africa launched a cyber-attack campaign Tuesday that tested the cybersecurity of U.S. government agencies, financial institutions and commercial businesses.
Dubbed OpUSA, the effort is the latest in a string of cyber-attacks on crucial U.S. entities aimed at slowing down or blocking their heavily trafficked sites.
"We see this as a widening in the cyber war front and organizations may require new tactics or technical defenses to defend," Carl Herberger, VP of security solutions at Radware Ltd. (Nasdaq: RDWR), told FOX Business Network.
"We anticipate that today's [Tuesday] attacks will be against high impact targets, including government websites, law enforcement organizations, brand-name entities, financial services organizations and critical infrastructure providers," he added.
The Department of Homeland Security and the FBI warned of the attacks weeks ago.
"The attacks will likely result in limited disruptions and mostly consistent of nuisance level attacks against publicly accessible web pages and possible data exploitation," read an unclassified memo from Homeland Security, first obtained by cybersecurity blog KrebsOnSecurity.com.
"Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-US message," the alert said.
Indeed, the story made its rounds in the media, while cybersecurity personnel were on high alert.
China's Cyber Attacks on the United States Will Only Get Worse
Sometimes the truth is scarier than fiction, like in the case of China's cyber attacks on the United States.
In what reads more like a crime novel than a true story, a report released today (Tuesday) by Virginia-based cybersecurity firm Mandiant says a specific Chinese military unit is likely behind one of the largest cyber attacks aimed at American corporations and infrastructure.
China's Unit 61398, housed in a 12-story building in Shanghai with a headcount in the hundreds, is being accused of stealing "hundreds of terabytes of data from at least 141 organizations" since 2006. Some 115 targets in 20 different industrial sectors from energy and aerospace to transportation to financial institutions are said to have been violated.
The investigation tracked, for the first time, individual members of the savviest Chinese hacking group, dubbed "Comment Crew" and "Shanghai Group," directly to the military unit's headquarters. While Mandiant couldn't pinpoint the hackers' exact whereabouts inside the high-rise, the firm very convincingly makes the case that the building is where the attacks originated.
"Once [Unit 61398] has established access [to a target network], they periodically revisit the victim's network over several months or years and steal broad categories of intellectual property, including technology blueprints, proprietary manufacturing processes, test results, business plans, pricing documents, partnership agreements, and emails and contacts lists from victim organizations' leadership," the detailed 74-page report reads.
American officials also confirmed that digital forensic evidence presented by Mandiant leads to the Shanghai building as the prime source of the attacks, according to The New York Times, which first reported on Mandiant's findings Monday. Mandiant is the same firm The Times secured to investigate the cyber attacks that infiltrated its own systems in China last month.
The Chinese government adamantly denies the allegations. Chinese Foreign Ministry spokesperson Hong Lei said at a press conference the claims in the Mandiant report were unsupported.
"To make groundless accusations based on some rough material is neither responsible nor professional. Cyberattacks are anonymous and transnational, and it is hard to trace the origin of attacks, so I don't know how the findings of the report are credible," The Wall Street Journal reported.
Stuxnet Virus Triggers New Era of Cyber Attacks – Is the U.S. Ready?
Due to threatening cyber attacks like the Stuxnet virus, the United States has made cybersecurity a top priority.
But are we still too vulnerable?
After all, cyber attacks have gotten more sophisticated, and more targeted to specific operations in the past couple of years.
They also often remain undetected for long periods of time. Less than 5% of cybersecurity attacks are discovered within hours, while almost 80% aren't found for weeks or months, according to Verizon's 2011 threat report.
The growing concern caused FBI Director Robert Mueller to warn last week that cyber attacks will become the No. 1 terrorist threat to the United States - which is why Congress is trying to pass the first U.S. cybersecurity law.
"We will suffer a catastrophic cyberattack," said House Intelligence Committee Chairman Rep. Mike Rogers, R-AL. "The clock is ticking."
The Stuxnet Virus
Much of the fear surrounding a U.S. cyber attack has escalated due to the Stuxnet virus.
The Stuxnet virus was first detected in June 2010 when a software security firm's Iranian client complained about a software glitch.
"As soon as we saw it, we knew it was something completely different. And red flags started to go up straightaway," Liam O Murchu, an operations manager at antivirus company Symantec Corp. (Nasdaq: SYMC), told "60 Minutes" correspondent Steve Kroft in a March 4 segment on Stuxnet.