Predictions for 2003 - How accurate was mi2g?
London, UK - 8 December 2003, 17:00 GMT -This time last year, the
mi2g Intelligence Unit made ten key predictions for 2003 which, upon
further analysis, reveal a conservative forecast. The number of digital attacks
from malware, spam and hackers as well as the related economic damage has
been considerably greater than originally forecast. World events in 2003 have
continued to be mirrored in cyberspace, which still remains a useful barometer
for global political tensions and conflict.
1. Successful overt digital attacks were predicted to follow the trend
established over the last seven years, numbering between 120,000 and 140,000
worldwide in 2003. This proved to be a very conservative estimate, as mi2g
has recorded in excess of 200,000 overt digital attacks from hackers so far
Concern was expressed that blended attacks - physical attacks synchronised
with digital attacks - could materialize in 2003 or 2004. While this has not
yet proved to be the case, the mi2g Intelligence Unit continues to
express concern in this regard. We advocate continued vigilance and disaster
recovery resilience especially within sectors such as financial services,
transport, utilities, telecommunications and emergency services.
While it was predicted that the incidence of new viruses and worm species
could show an overall decline in 2003, we recorded a near 50% rise in new
malware. Our additional prediction that a few "killer viruses or worms"
would cause enormous levels of damage and disruption came to be accurate as
a result of the now notorious Sobig virus in particular, which caused a staggering
$36.4 billion damage worldwide, the greatest amount that has ever been attributed
to a single virus family. The top five most damaging malware families of all
time have been particularly active in 2003 including Sobig, Klez ($19.1bn),
Yaha ($11.18bn), Mimail ($9.64bn) and Swen ($9.59bn). Slammer ($1.05bn) was
the fastest spreading worm to date, which was released in late January 2003.
2. It was anticipated that the USA would remain one of the most attacked
countries followed by other NATO member countries and allies following the
outbreak of the war with Iraq. Successful overt attacks against the US were
conservatively estimated to reach 50,000 in 2003 whilst the actual number
recorded to date already exceeds 63,000. Other NATO member countries attacked
during the war with Iraq and in its aftermath include Germany (21,500+), UK
(11,500+), Italy (9,000+), Canada (5,500+) and Netherlands (4,000+).
3. The mi2g Intelligence Unit predicted increasing solidarity
and co-operation in 2003 between fundamentalist and anti-capitalist hacker
groups with a united agenda against Western interests during the war with
Iraq if it took place. As predicted, the Israel-Palestine conflict, the US/UK
War on Terrorism as well as the India-Pakistan issue on Kashmir continued
to bring disparate fundamentalist hacker groups closer to each other. Eastern
European, Central Asian, Indonesian and Malaysian hacking groups also continued
to assist the fundamentalist agenda.
4. A backlash on Arab world and other Islamic countries' online presence
from Western vigilante hacker groups was predicted to occur in 2003, should
pro-Islamic hacking and the consequent online damage of Western economic interests
continue apace. This was seen in the form of the massive denial of service
attack directed against the website of Al-Jazeera, an Arabic satellite news
service based in Qatar, by a Western hacker in March 2003; and numerous small
attacks targeting Islamic online presence.
5. Any destabilising impact of the war with Iraq on certain Islamic
countries such as Saudi Arabia or Pakistan, was predicted to precipitate a
sharp rise in the digital attacks occurring within those countries and across
their neighbours. This has since been observed particularly in the case of
neighbouring Turkey and Saudi Arabia. Pakistani hackers remain extremely active
both against India as well as Western targets.
6. The proliferation of broadband internet services was predicted to
result in small to medium size entities as well as individual users coming
under more frequent hacker and virus attack - which was indeed the case; attacks
on SMEs and households have occurred in far greater numbers in 2003 than on
Unsuspecting individuals and small to medium size businesses with broadband
access were also predicted to become both surrogates for and victims of increasingly
targeted Distributed Denial of Service (DDoS) attacks. This has been manifest
only recently when eastern European criminal syndicates increasingly began
to adopt DDoS as a tool for running extortion rackets against online eCommerce
As predicted, identity theft, credit-card theft as well as customer/personnel
data and software piracy has been seen to increase in the form of the frequent
phishing scams that now proliferate on the internet.
7. Brazil is still the capital and main exporter for hacking activity
worldwide in 2003 as predicted. The mi2g Intelligence Unit predicted
that Brazilian hackers may soon begin to collaborate with anti-capitalist
and fundamentalist groups throughout the world in 2003. There is no concrete
evidence at present in regard to the extent to which this has been true, but
Brazilian hackers are often seen promoting radical and anti-capitalist agendas.
Eastern Europe was predicted to remain the centre for virus and malicious
code development as well as sophisticated hacker attacks by criminal syndicates
seeking to carry out financial fraud through identity theft, credit card number
theft and sale activity. While the origins of some of the most damaging malware
in 2003 have not yet been established, the sudden escalation in phishing scams
and anti-spam/spammer wars is attributed primarily to Eastern European countries,
especially the Russian Federation.
8. 2003 was predicted to see the emergence of all-encompassing Internet
Service Provider (ISP) solutions departing from the traditional component
based internet or security services approach to a more complete model offering
broadband internet access, mail and web hosting, on the fly virus detection,
spam filtering, firewall cover as well as sophisticated intrusion detection
and authentication services. This has so far proved to be elusive yet many
ISPs are planning to offer a Messagelabs type model for safer and more secure
integrated online services in 2004.
9. In 2003, people policies, legal issues as well as specific digital
insurance cover were predicted to be increasingly seen as interdependent constituents
of a more holistic approach to digital risk management strategy - alongside
layered firewalls and anti-virus tool kits - by the boards of directors. Cyber
risk insurance cover has been a rapidly growing industry in 2003 according
to insurance brokers operating in the UK and US markets.
10. The connection between software vulnerabilities, digital attacks,
economic damages and vendor liabilities has indeed become more obvious during
2003, with liability issues associated with large software vendors coming
to the fore. The number of digital attacks reported in most parts of Africa,
Central Asia, Greenland and Antarctica are still negligible, as predicted.
... and of course, our expectation that more "reputable" authors
would emerge to write long public expositions debating what is right and wrong
with mi2g Intelligence Unit research came true as well. We will continue
to welcome all feedback and will be releasing our predictions for 2004 in
the very near future.
Also read The 10 Digital Risk Predictions for 2004
Full details of the November 2003 report are available as of 1st December
2003 and can be ordered from here.
(To view contents sample please click here).
Become a member of the Inner
Sanctum to retrieve articles in full.