Major cyber attacks can be predicted, say researchers

Hopes mathematical model may help understanding

TODO alt text

University of Michigan researchers have claimed that major international cyber attacks follow predictable patterns.

A mathematical model could help understand the strategy and timing of attacks and predict the "next move" in conflicts, according to Robert Axelrod, professor of political science at the University.

Axelrod likens the current state of cyber attacks to the early nuclear era and hopes the model may help states understand the strategic implications, helping to draw the line between cybercrime and cyber attacks.

"One of our major contributions is to develop some concepts to deal with this new realm of cyber conflict," Axelrod said. "It took 15 years in the nuclear world for people to understand the implications of nuclear technology. It is our hope that it won't take that long to understand the strategic capabilities of cyber technology."

Categories of attack

"We also hope this will encourage other efforts to study these things in a rigorous way," Axelrod said. "There's a lot of discussion about cyber problems, but it's so new that the language isn't established. People use the word attack to mean anything from stealing a credit card number to sabotage of an industrial system."

The timing of attacks can be predicted by analysing the ability of a resource to remain undiscovered, as well as its ability to infiltrate systems. Combining the two abilities gives a model which can predict the timing of attacks.

Speaking to Ars Technica, Allan Woodward, a cybersecurity expert at the University of Surrey said that the model fit existing attacks 'perfectly'.

The new model could offer a greater understanding of what "cyber espionage" is and how states use it. "A good resource should have both stealth and persistence," Axelrod said. "The less persistent a resource is, the sooner (it should be used) lest the vulnerability is fixed before (there's) a chance to exploit it."