Cyber-invasions of Estonia in 2007 and Georgia this summer have altered the perception of the Internet as an always-positive economic force. Escalating levels of sophistication in cyber-crime are altering the same perceptions for businesses. New techniques and new capabilities have elevated the cyber-criminal’s and the cyberwarrior’s ability to wreak damage on selected targets.
With this new escalation has come a bigger enforcement problem: how to identify and locate those who launch attacks. “Botnets” enable their criminal or military operators to commandeer computers anywhere in the world – without their owners’ knowledge, making the attacks seem to come from everywhere confusing those who might want to respond to the origins of the problem.
This new cyber-reality has several characteristics: (1) Assaults come from everywhere, at any time; (2) they’re easy and cheap; and (3) flexibility and confusion rule. Now that individuals, criminal gangs and militaries can launch massive cyberattacks from computers based anywhere in the world, effective security, enforcement and response to the attacks are going to get more complex, potentially making the Internet a major liability as well as an asset.