Team up again to fight Conficker's chums

At the recent annual Davos conflab, the World Economic Forum (WEF) named cyber security as one of the top five threats facing the world. Its Global Risks 2011 report highlights the issue as a “risk to watch” with potentially severe or unexpected consequences not yet fully appreciated – or taken seriously. Although the study acknowledges that awareness is growing in the real world, it warns that the complexity and seriousness of cyber security issues are widely underestimated and misunderstood.

The term cyber security is extremely broad. It encompasses a spectrum of scenarios and activities starting with data and information security, which could simply be petty online theft by bored nerds or disgruntled former employees. It runs the gamut of full-blown cyber espionage affecting private companies or national bodies. At the end of the scale, it could take the form of government-led attacks on critical infrastructures, a scenario described by WEF – with somewhat uncharacteristic drama – as having the potential to produce “catastrophic consequences”.

There is no doubt that the US legislature is mindful of these consequences. The controversial proposal that Barack Obama should have a “kill switch” (conjuring up images of a Bond-style, big red button) that can turn off the country’s internet has again reared its ugly head. First mooted in the June 2010 Protecting Cyberspace as a National Asset Act, the kill switch is back on the agenda as legislators vow to reintroduce the bill to Congress later this year. Although the blogosphere is getting its knickers in a twist over this proposal, existing US statutes – specifically Section 706 of the Communications Act – already provides the executive branch with broad authority to take over communications networks.

It is also telling that, in the face of deep cuts across Whitehall, the UK’s home secretary Theresa May recently earmarked some £63m to counter cyber-crime over the next four years. The move came after a broader £650m cyber security fund was allocated last year in the government’s National Security Strategy.

Given the real and present danger posed by these threats, and the dynamic and distributed nature of the attacks, attention is now focused on how we can fight back. In this respect, it is instructive to look at the way in which the Conficker worm – one of the worst global cyber security problems of recent times – was defeated. This malware swept across the world at the end of 2008, resulting in at least seven million PCs becoming infected and turned into “zombies” controlled by the worm’s creator.

A new report by analysts Rendon Group, commissioned by the US Department of Homeland Security, provides valuable insight into the lessons learned in fighting this particular plague. Recognising the nature and scale of the problem, and the fact that no single company or agency could hope to beat it alone, a global Conficker Working Group was assembled from a wide consortium of tech industry players including security companies, Microsoft, The Internet Corporation for Assigned Names and Numbers, domain registry operators and researchers. Despite its somewhat on-the-hoof genesis, the group won praise for its “unprecedented act of co-ordination and collaboration”.

That is exactly the blend of speed, pragmatism and skill that should be used to fight cyber threats in the future. The menace is orchestrated, global and dynamic – so it is essential the responses at corporate, national and international levels are equally robust. For companies and countries alike, this will take expertise, constant vigilance and the joining-up of technical solutions with effective policies and processes. The new battlefields may be virtual, but there is nothing intangible about the damage that can be inflicted by cyber criminals in the real world.