Australia needs to increase the funding and expand initiatives to protect critical infrastructure if it is to avoid a cyber war similar to the one that has struck Estonia for the past three weeks, according to a Deakin University professor.
The head of Deakin’s School of Information Systems, Professor Matthew Warren, said a recent cyber war in the northern European country had proved to the perpetrators that the technology worked.
In Estonia the cyber war took the form of coordinated mass requests for information and spam e-mail which slowed down key Web sites so they did not function or crashed due to the attacks.
The attacks, which started around April 27, have crippled Web sites for Estonia’s prime minister, banks, and less-trafficked sites run by small schools, said Hillar Aarelaid, chief security officer for Estonia’s Computer Emergency Response Team (CERT). But most of the affected Web sites have been able to restore service.
Aarelaid said analysts have found postings on Web sites indicating Russian hackers may be involved in the attacks. However, analysis of the malicious traffic shows that computers from the US, Canada, Brazil, Vietnam and others have been used in the attacks, he said.
Deakin’s Warren said this cyber war came out of a political disagreement about a Soviet war memorial the Estonian government wants to relocate and is the most severe to date with over a million computers used.
The Estonian government estimated the damage inflicted will cost tens of millions of euros.
“We are just seeing the start of a new trend in cyber warfare and Australia could be at risk,” Warren said. “We can expect to see an increase in cyber warfare attacks when political disagreements between countries occur.”
The problem with cyber warfare is that a country, sub-state group or individuals can be behind such an attack, he said.
A DOS attack involves commanding other computers to bombard a Web site with requests for data, causing the site to stop working. Hackers use “botnets” – or groups of computers they’ve infected with malicious software – to launch an attack.
“A worry for Australia is now that whenever Australia has a political disagreement with another country, the end result may be a cyber war against Australia’s online infrastructure,” Warren said.
“Australia urgently needs to prepare for this future risk by expanding current critical infrastructure protecting initiatives and increasing funding. We definitely would not want Australia to be the victim of a cyber war like Estonia.”
Warren believes Australia has taken steps to prevent cyber attacks but still lacks a critical infrastructure protection unit.
“There isn’t a single agency to coordinate a response,” he said. “There should be a new entity.” According to Warren the Labor party has proposed a department of homeland security to combat the risks all developed countries are facing.
— With files from Jeremy Kirk