TALLINN, June 10, 2011 (AFP) - The world is entering an era of a cyber arms race where ever-more sophisticated versions of malware are the weapons of choice of actors often impossible to trace, a top IT expert told NATO Friday.
"We are entering the era of a cyber arms race, but the problem in this arms race is we don't know what kind of new arms the others have, so we don't have a quick, effective means to counter them," Mikko Hypponen said at a meeting on global cyber conflict organised by the Tallinn-based NATO Cyber Centre.
"And we often don't know also who is in charge, who has these weapons," said the Finn, who works for a top global IT security firm.
Hypponen is known for having been involved in weeding out the feared Storm and Stuxnet computer worms and has assisted authorities in the United States, Europe and Asia in cracking global cyber crime.
He singled out defence contractors, government and non-governmental organisations as the "three main large target groups of hackers."
"We are following daily how hackers break into computers and take them over without users having the slightest idea what is going on," Hypponen said.
"The damage arrives usually with the attachment from a sender you know or trust fully, having been linked even to mail looking like arriving from the US Department of Defence, World Bank, United Nations etc., but having in fact nothing to do with them," he added.
He said failures in a widely-used documents system were largely to blame.
"Current technologies are simply failing," charged Chris Brown, an expert from US network security company NetWitness.
"People underestimate the complexity and capability of cyber threat and are not taking proactive steps," he warned.
A NATO official announced this week at the Tallinn conference that the alliance plans to beef up its cyber defence capabilities with the creation of a special task force to detect and respond to Internet attacks.
The Symantec cyber security firm recently reported that web-based attacks in 2010 were up 93 percent from 2009.
The June 7-10 NATO cyber security conference attended by 300 top IT experts from across the globe focuses on the legal and political aspects of national and global Internet security.