Compiled by security firm McAfee, it bases its conclusion on analysis of recent net-based attacks.
Analysis of the motives of the actors behind many attacks carried out via the internet showed that many were mounted with a explicitly political aim.
It said that many nations were now arming to defend themselves in a cyber war and readying forces to conduct their own attacks.
While definitions of what constitutes cyber war are not shared, it was clear that many nations were preparing for a future in which conflict was partly conducted via the net.
"There are at least five countries known to be arming themselves for this kind of conflict," said Greg Day, primary analyst for security at McAfee Europe.
The UK, Germany, France, China and North Korea are known to be developing their own capabilities.
The US is known to have an operating manual governing the rules and procedures of how it can use cyber warfare tactics. It is known to have used hack attacks alongside ground operations during the Iraq war and has continued to use this cyber capability while policing the nation.
Mr Day said there was evidence of a growing number of attacks that could be classed as "reconaissance" in advance of a future conflict. The ease with which the tools of such attacks can be gathered and used was worrying, said Mr Day.
"To go to physical war requires billions of dollars," he said. "To go to cyber war most people can easily find the resources that could be used in these kind of attacks."
The targets of such future conflicts were likely to be a nation's infrastructure, said Mr Day, because networks of all kinds were now so embedded in peoples' lives.
In response, he said, many nations now have an agency overseeing critical national infrastructure and ensuring that it is adequately hardened against net-borne attacks.
Chris Wysopal, chief technology officer at Veracode which advises many governments on security, said cyber war presented its own problems when it came to deciding motive and finding the perpetrators.
"In physical warfare it's pretty clear who has which weapon and how they are using them," he said. "In the networked world that attribution is incredibly difficult."
The same is true for cyber crime, he said, where following a trail of money can lead investigators back to a band of thieves.
"If it is someone stealing information or planting logic bombs, it's far more difficult to find them," he said.
Mr Wysopal said many governments had woken up to the threat and were starting to put in place systems and agencies that could help protect them.
However, he said, they still had some weaknesses.
"The thing about governments doing this is that they have a time horizon of many years," he said. "But the criminals are doing it in a matter of months."
No comments:
Post a Comment