Cyber warfare: 63 per cent think it's acceptable, says survey

Fewer say private sector cyber crime is acceptable

Politically motivated cybercrime is becoming mainstream

A survey by security vendor Sophos shows that an alarming 63 per cent of respondents consider country-on-country cyber espionage to be acceptable as a means of maintaining a country's might and economic standing.

This was revealed in Sophos’ mid-year update to its 2010 Security Threat Report, which surveyed 1,077 computer users.

The report also uncovered other alarming attitudes towards international cyber espionage.

Respondents were also asked if they thought spying via hacking or malware attacks is an acceptable practice, and whether or not they thought computer networks of private companies in other countries were legitimate targets.

Of those polled, 40 per cent said attacks such as these were acceptable only during wartime, while 37 per cent said they were not acceptable. However, one in 14 respondents believe that service attacks against another country's communication or financial web sites are acceptable during peacetime.

“I think this opens up a whole new area of cybercrime. It used to be hobbyist, but has become increasingly financially motivated. Now we’re seeing economic and politically motivated cybercrime too,” said Cluley.

But what does this mean for business? Cluley argues that there is a trend towards attacks on specific business people, and that they are beginning to infiltrate business systems and steal critical information.

The attacks are mainly browser-based, although email clients are still being targeted with common programs such as Adobe's PDF software and Flash media package being used to hoodwink users.

Booby-trapped PDF documents are one way of installing malware.

This sees workers receive a PDF document that appears to be from a colleague. Inside the document is a web link that takes users to a site which installs malware on their desktop systems.

Hackers are also getting users to visit malware-infected sites by using search engine optimisation techniques to ensure their web sites rank highly.

“Hackers are using automated tools to collate data from Google trends about what’s hot in terms of news. They’ll then use content from those sites and automatically generate juicy content for use on their own infected web site,” said Cluley.

One of the burgeoning types of malware being used is fake anti-malware. “This is a huge problem. Sandra Bullock’s troubled marriage and Tiger Woods' car accident are just some of the stories used by these hackers,” warned Cluley.

Fake anti-malware is malware purporting to uncover supposed problems on users' computer systems. In reality, the writers are trying to obtain users' credit card details and payments for a licence to the supposed anti-malware.