Are nations paying criminals for botnet attacks?

McAfee security report examines cyberattacks that seem concentrated on a specific country

Nations that want to disrupt their enemies' banking, media and government resources don't need their own technical skills; they can simply order botnet attack services from cybercriminals.

That's a point made in McAfee's new report "Virtually Here: The Age of Cyber Warfare," which draws from the opinions of about 20 experts, including William Crowell, former deputy director of the U.S. National Security Agency.

There have been several larger denial-of-service attacks over the past few years that raised suspicions about whether they were initiated by nations in conflict against their adversaries. Such incidents include cyberattacks that hit Estonia and Georgia, which some viewed as traceable to Russia. More recently, many were tempted to blame North Korea for this year's July 4th cyberattacks on South Korea and U.S. resources (though others disagreed).

The McAfee report, prepared by Paul B. Kurtz, an analyst at Good Harbor Consulting, presents the opinions of diplomats, researchers and others about the nature of cyberattacks that seem concentrated on a specific country but where it's hard, if not impossible, to determine whether or not another nation-state initiated the attack.

One reason it may be hard to tell is simply because a nation state may go to the criminal underground to secretly pay for a massive botnet attack against its enemy. In this case, it's conceivable that the criminals themselves would not fully understand what they're being asked to do since the request and payment of botnet attack services are typically carried out as anonymously as possible, says Dmitri Alperovitch, vice president of threat research at McAfee.

"There is an overlap between cyberwar and cybercrime," former NSA official William Crowell points out in the report. "For instance, anyone can go to a criminal group and rent a botnet. We've reached a point where you only need money to cause disruption, not know-how, and this is something that needs to be addressed." The hacking skills of a criminal group may make them natural allies for nation states looking for a way to deny involvement in cyberattacks, it's noted.

The cyber warfare report points out that this year's July 4th cyberattacks against South Korea and the United States., in which North Korea was the suspected aggressor, showed that high-profile cyber events can have significant political repercussions. The report notes that by the end of that week, Rep. Peter Hoekstra (R-Mich.) "was stating publicly that the U.S. should conduct 'a show of force or strength' against North Korea for its alleged role in the attacks." The congressman expressed concern that unless the United States and allies "stood up to North Korea" there could be a next time when "they will go in and shut down a banking system or they will manipulate financial data" or that people could even get killed.

McAfee's Alperovitch says there is "no absolute proof" that North Korea had anything to do with the cyberattacks, but notes it was odd that the botnet was entirely concentrated in South Korea, something of a technical feat. Another unusual aspect of the situation with North Korea is that it gets its Internet link from China, Alperovitch points out, because North Korea never took ownership of the top-level domains assigned to it by ICANN.

Though no one seems to know for sure, the report concludes that if the attacks did originate with North Korea, one motivation could have been to test the impact of flooding South Korean networks and the transcontinental communications between the U.S. government and South Korea to disrupt military communications.

Meanwhile, some nations are known to be developing their own cyber defense and offense capabilities. According to the report, the nations that have the most sophisticated cyberwar capabilities are the United States, France, Israel, Russia and China. If a cyber conflict of real consequence heats up, businesses and individuals can be expected to be caught in the middle of it -- which suggests there should be much more open and public discussion about the issues around the world.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags mcafeebotnetscyber security

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?