As in previous periods, attacks on the availability of websites and networks were most common in the second half of 2010. The motivation for such attacks has shifted considerably, however. This is documented in the report of the Reporting and Analysis Centre for Information Assurance (MELANI).

Attacks on availability increasingly due to financial and ideological interests

Attacks on the availability of websites, i.e. distributed denial-of-serve (DDoS) attacks, are used for various purposes in the cyberworld. Initially, attacks occurred primarily as simple acts of vandalism by Internet criminals against other criminal groups or prosecution authorities. Meanwhile, the intentions have changed. DDoS attacks are now observed for instance as tools of revenge, as a way to damage competitors or extort protection money, or as politically motivated attacks. This type of attack is not new, but the quality and in some cases the collateral damage has drawn attention in Switzerland as well. This is seen for instance in the attacks against Swiss companies in connection with the founder of Wikileaks.

Website infections persist at high level

Website infections are currently the most widely used dissemination vector for malware. Websites are hacked and infected with malware so that they infect users who simply visit the websites (drive-by infections). Increasingly, there are reports of incidents in which the websites of larger companies have become victims of such attacks. Several political initiatives and awareness-raising campaigns by private groups and public authorities are trying to counteract this development and achieve better protection.

Stuxnet - Attack against control systems

Another important topic in 2010 was Stuxnet. This was the first computer worm attacking SCADA (supervisory control and data acquisition) systems, which are used to control industrial processes, including in the energy sector. Already discussed for years in expert circles, the problem of attacks against SCADA systems drew worldwide attention for the first time. The example of Stuxnet shows that with sufficiently high levels of motivation and sufficient resources, practically any systems can be infiltrated and sabotaged sooner or later. It must therefore be expected that similar attacks will occur again in future.

Additionally, the current MELANI semi-annual report examines the increasing attractiveness of smartphones for Internet criminals, cloud computing, and changes in the underground and the associated adjustment of criminal business models.

The complete report is available immediately at:
www.melani.admin.ch.

Address for enquiries:

Pascal Lamia,
Director of the Reporting and Analysis Centre for Information Assurance MELANI,
Federal Strategy Unit for IT FSUIT,
Tel. +41 31 323 45 06

Publisher:

Secretariat-General FDF

Internet: http://www.efd.admin.ch

General Secretariat DDPS

Internet: http://www.vbs.admin.ch