If the growth of Facebook and the emergence of the Apple iPad were the most widely reported tech stories in 2010, the emergence of Cyber Warfare that targets governments and enterprises is the most under reported one, with far greater consequences. In fact 2010, could be viewed as the year that Cyber Warfare emerged as a true weapon. Below I outline six steps to take to protect your enterprise.
It is now very clear that certain governments are using Cyber warfare to attack adversaries, including private/public companies. Some key things that occurred in 2010:
1. Facebook and other consumer social sites played a role in the Great Hack of Google and 34 other firms. However, it is worse than that. Thousands of firms may have been breached according to Kevin Mandia, CEO of security firm Mandiant.
2. Redirection of US Internet Traffic by China on April 8, 2010 and the attack of at least 5 other firms.
3. Confirmation by the US Federal Government that attacks against Google and other enterprises were ordered by Chinese Government officials (via CNBC).
A key conclusion from an earlier post: these new modes of attack, known as Advanced Persistent Threats, are far too sophisticated to stop with software and firewalls. The best known method to protect your corporate assets (source code and intellectual property) is to isolate key corporate systems from the normal corporate network. In other words, you need two networks.
What does all of this really mean? Well, for starters, it is a new era of electronic warfare and this time it is information that is the currency that is being fought over. There stakes are very high: the future of countries and the future economic well being of both the country and the companies that operate in those countries.
Why? Well, the military and technology firms are linked together in interesting ways, as this article (based on research by Rand Corp) demonstrates. Companies have become fronts for governments and military organizations. Some may say that this is not new, but the scale of what is going on now has not been seen in the past.
For enterprises, all of the investment in products that represent the future could be wasted if those secrets are stolen. Cisco learned this a few years back when some of its code was stolen by