Cyber-attacks: just how safe are we?

If you are reading this piece online, imagine a scenario where at a click of a button a total stranger located in one of Abuja's busy streets can access all of your personal information; name, date of birth, passwords, credit card details, bank account details, and so on.

If you are reading this piece online, imagine a scenario where at a click of a button a total stranger located in one of Abuja’s busy streets can access all of your personal information; name, date of birth, passwords, credit card details, bank account details, and so on. 

Such personal information can be obtained through several ways including phishing, pharming, pretexting, and wireless hacking.

That said I sincerely hope that your device is secure online because without security software programme, cyber-attacks can wreak havoc with our finances, credit history and reputation.

It has increasingly become inescapable not to worry about cybercrime, cyber-warfare and cyber-espionage for that matter. In fact, more recently, cyber warfare seems to be dominating headlines so much that some tech commentators have gone as far as predicting that in the near future, a keyboard will replace a gun as a weapon of choice. 

Many of these attacks are purely criminal. But the most sophisticated are more often the work of rogue or even legitimate governments, carried out either directly or by hired clandestine groups dotted the world over.

Admittedly, governments have conceded that detecting these attacks is not an easy task, so officials are reluctant to blame foreign governments publicly.

But of course, China, Russia and North Korea have taken the most blame – with many tech analysts insisting that these countries employ thousands of gifted software engineers to target foreign governments and major enterprises for reasons only known to them.

The United States is by no means a passive victim. For instance, in 2010, in collaboration with Israel, the US was accused of developing and deploying a malware Stuxnet, with the sole intention of paralysing Iran’s Natanz uranium-enrichment plant.

But how serious are cyber-attacks and are they really the weapons of choice of the future? It is indeed difficult to answer the above two questions with certainty. However, as things stand, there are critical examples that can help us form an informed opinion on this matter.

First of all, it is vital that we all understand the meaning of cyber warfare.

According to tech experts RAND, cyber warfare involves the actions by an organisation or state to attack and attempt to damage another nation’s computers or information networks through, for example, computer viruses or denial-of-service attacks.

An increasing number of clandestine groups hack home computers for fun and / or systematically attack government agencies to steal and/or leak personal records, financial information, and more recently, threats to release secret company data, all for reasons that remain debatable.

In the case of Sony, for example, on 22nd November 2014, it is alleged that a clandestine group threatened to release secret company information if the entertainment company did not follow orders to shelve The Interview, a comedy movie based on a plot to assassinate the leader of North Korea, Kim Jong-un.

At this stage, it is widely believed that hackers who attacked Sony are based in Pyongyang, North Korea’s capital.

Equally, in March 2013, South Korean financial institutions as well as the Korean broadcaster YTN had their networks infected in an incident said to resemble past cyber efforts by North Korea.

And of course, this week, more cyber-attacks were directed at South Korea where hackers posted data online revealing sensitive information of the nuclear power plant.

According to the BBC, South Korean officials confirmed that indeed designs and manuals of plant equipment were leaked but maintained that sensitive data including the reactor’s innermost networks remained secure. 

Again, in an attack on public services, in April 2007, networks of the Estonian government were harassed by a denial of service attack by unknown foreign intruders, following the country’s spat with Russia over the removal of a war memorial.

Some government online services were temporarily disrupted and online banking was halted.

This event caused great panic among citizens and businesses alike, with many believing that the attack cost them time and money to resolve.

Fortunately, in the long run, the attacks were more like cyber riots than crippling attacks, because the Estonian government responded well by boosting cyber security on its networks and proceeded to re-launch some services within hours and some within a matter of days.

Likewise, in June 2007, the US Secretary of Defence’s unclassified email account was hacked by unknown foreign intruders as part of a larger series of attacks to access and exploit the Pentagon’s networks.

The year before, after America’s National Aeronautics and Space Administration (NASA) learnt that the plans for the space launch had been obtained by foreign intruders, the agency was forced to block emails that came with attachments before the shuttle launched.

This was all out of fear they would be hacked during a critical hour.

As a final point, how safe are we? Well, it is sensible to acknowledge that cyber-attacks aren’t simply rhetoric – their threats on our lives hold substance in a sense that aside from potentially causing havoc on public service networks, such attacks are indeed likely to be used as weapons of choice going forward.

To limit this from happening, we must be ready to invest in Research & Development in order to find ways to protect ourselves, our services and our institutions from clandestine groups who may wish to see us slow down in our quest for development.