The Need for a Cyber Attack Warning System
In the 1960s, one of the largest threats being faced was nuclear warfare. The development of satellites capable of detecting nuclear launches or explosions was a decade away, but the United States and the United Kingdom needed a means of detecting if they were under nuclear attack.
In response to this need, Western Union developed the Bomb Alarm System – a series of light sensors deployed around the US and UK designed to send a message when detecting the flash from a nuclear explosion.
Above: An Atomic Bomb Alarm from the 1960’s.
Today a similar need has presented itself – the need for a cyber attack warning system. Weeks prior to an attack by the Russian military in 2008, the country of Georgia found itself under a severe cyber attack. It is clear any modern war will now include cyber warfare capabilities. Of course, installing attack sensors in every network across the globe would be extremely cost prohibitive. Instead, we must rely on third-party data sources.
Google recently created a website called Digital Attack Map. This website displays active and historical cyber attacks within the last several months. However, the real value of this data is only realized when combined with a map of cyber attacks from Recorded Future.
Through data provided by Recorded Future, the political, economic, and criminal reasons behind these cyber attacks can be uncovered and further analyzed.
A recent attack of note is an attack in early August against the United States. This attack, which lasted from August 5 through August 11, had a peak of 304,206 Mbps. This attack was targeted at port 10004, which is the port commonly used by EMC Replication Manager.
During this time, there were numerous reports of denial of service attacks against the United States, including attacks against major US banks.
Later in August, it was released smaller denial of service attacks against US banks were being used to divert attention away from cyber criminals stealing millions of dollars from those banks.
The lesson to be taken away from all of this is a cyber attack warning system can be a powerful tool as an early warning system for related attacks, both physical and virtual. A common technique now being used by attackers is to use a denial of service attack as a distraction while another more sinister attack actually takes place.