The Channel logo


By | John Leyden 4th June 2015 08:34

We stand on the brink of global cyber war, warns encryption guru

Schneier: Sony hack ‘high skill, high focused’

We are in the early years of a cyber war arms race, security guru Bruce Schneier warned delegates at the Infosecurity Europe exhibition on Wednesday.

Schneier, CTO of Resilient Systems, said the much publicised Stuxnet attacks on Iran by the US and Israel in 2010, Iran’s attack on Saudi Aramco, China’s apparent role in hacking GitHub, and the North Korean assault on Sony Pictures last year are all examples of the phenomenon.

“These nations are building up for cyber war and now we're all in the blast radius,” he warned, while speaking in London.

Most of these attacks — including Stuxnet and the assault on GitHub — inflict collateral damage, Schneier told El Reg, adding that cyber attacks are likely to become mainstream aspect of many conflicts. “I’m afraid things will get out of hand,” he said.

During a keynote presentation, Schneier focused on a detailed commentary on last year’s attack on Sony Pictures. After months of doubting North Korea’s involvement in the attack Schneier was finally convinced of its role by a mid January article by David Sanger in the New York Times.

Other theories — most notably that a disgruntled insider collaborated with elements of Anonymous to launch the attack — were widely touted in the weeks following the attack. This illustrates the wider point that attributing attacks in cyberspace is very hard, Schneier said.

“You can be attacked and not be sure if it's a nuclear-powered government or two guys in a basement,” Schneier noted.

The security industry has developed technology to rebuff high volume, unfocused attacks. However, skilled and focused attackers, commonly referred to in the infused biz as advanced persistent threats (APTs), or otherwise known as state-sponsored cyberspies, remain a huge challenge.

“A sufficiently skilled, funded and motivated attacker will never fail to get in,” Schneier said. The “high skill, high focused” attack thrown against Sony would have floored most every target, he added.

“Fundamentally, I don't think any of us could withstand this type of attack from this type of adversary,” Schneier concluded.

Schneier claimed that the $15m clean-up costs booked by Sony Pictures in the wake of the attack seem to under-estimate costs and further charges will likely follow. ®

comment icon Read 66 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe