Cyber Attacks Are The New Cold War

On 16th June President Biden had a meeting with President Putin in Geneva to talk about cyber secuity, among several other important issues. Doubtles on the agenda was  the attack which hacked the US IT services company SolarWinds, the successful ransom attacks on the Colonial Pipeline, Microsoft and numerous other costly breaches of US and allied governments and agencies.  

The US governmnet has pointed at Russian state-sponsored hackers known as Darkside as being the perpetrators at the direction of Russia's intelligence services. The geo-political engagement between the two leaders shows the level of heated argumnent beween the US and Russia over responsibilty for these cyber attacks.

The White House itself has not made any public comments about the international response to the SolarWinds hack, perhaps because cyber attacks have become so common that only the largest scale and most damaging attacks make the news, but it has been working with Microsoft on an investigation.  

Just like the the Cold War in the 1940s and 1950s, each side has reason to fear its opponent gaining a technological upper hand, and just as the Internet brings people together socially it has also enabled malicious activity with data breaches, ransomware and destroyed systems. 

Now, more than 30 years after the end of the Cold War, the US and Russia have decommissioned thousands of nuclear weapons, however, tensions are growing one more. A modern-day cold war would include cyber attacks and nuclear powers’ involvement in allies’ conflicts. It’s already happening.

Now a new kind of Cold War, with Artificial Intelligence (AI) serving as the basis of this arms race and nation-states are employing cyber-attacks, as a prelude to military actions. Attacks launched from the open Internet are at a constant level of activity, just below armed conflict.We think of cyber-attacks in terms of router configurations or malware code, but the tremendous amounts of communications traffic make cyber security a field of data science. 

The US is one the  most connected  country in the world, with everything from cars to refrigerators to security cameras connected online, making it among the most vulnerable. 

All these new sensors and Internet of Things (IoT) devices produce tremendous amounts of data that can be analysed to detect adversary activity. Such massive volumes of data need analytic techniques to synthesise the essence of the activity for human understanding and decision-making and the use of AI to analyse these massive amounts of cyber data and capabilities is growing exponentially. 

Cyber attacks are now a constant and range from the annoying to the devastating. There is still a significant lag between attack and detection and AI can be used to improve defenses and reduce that gap. Previously, rules-based systems were applied in cyber security to detect malware signatures and look for known insider threat patterns. But AI's self-learning techniques are now being used to look for unknown insider threat patterns and other malicious activity. Significantly, these methods can learn based on data that may already contain the threat activity. In addition, AI can synthesize the difference between normal router outages in the open Internet and botnet attacks.

In the Cyber Cold War, one must always assume that your defenses have been breached and your adversaries are already in the system. This is the basic  assumption behind Zero Trust,  which is an essential defensive methodology. 

Organisations must move away from perimeter security to follow the principles of zero trust, to adopt in role-based access controls for every resource and provide secure communications throughout. It can not be assumed that the open Internet is benign and concept of zero-trust concept must be extended into the open Internet to "defend forward" beyond our network perimeters. Finally, we need to extend our security monitoring to leverage AI to search for unknownpatterns of malicious activity. AI is the arms race to analyse more data with greater speed and provide transparent identification and recommendations for human decision-makers.

Cyber resilience must not be viewed as a costly optional add-on but must be considered an essential part of doing business. We must recognise that the more governments develop offensive techniques, the more vulnerable our infrastructure is on defense. Cyber will be a part of every future military action where in the world of AI and sensory-intelligent machines, there are no non-combatants.

Dark Reading:   BBC:      Metro:    The Converstaion:     Cyber NewsFeed:    Jioforme:    Urgent Comm:     

You Might Also Read:

Cyber Warfare Is The New Frontier:

Cyberwar Vs. Traditional Conflict: (£)

 

 

« Why Is It So Difficult To Convict Cyber Criminals?
Cyber Security In The Crypto World »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

InfoSec People

InfoSec People

InfoSec People is a leading UK provider of specialist recruitment services for Information Security, Business Continuity and Risk Management.

GigaOm

GigaOm

GigaOm's mission is to provide enterprises with information and analysis to help them make better decisions about technology.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

Zanasi & Partners

Zanasi & Partners

Zanasi & Partners is a security research and advisory company active in the EU and MENA areas. Services focus on technology solutions.

Avansic

Avansic

Avansic is a leading provider of e-discovery and digital forensics services to attorneys, litigation support teams, and business communities.

Sandline Discovery

Sandline Discovery

Sandline Discovery provides digital forensics, eDiscovery solutions, managed review and litigation consulting services.

Tech Mahindra

Tech Mahindra

Tech Mahindra is a global leader in IT solutions, BPO, business consulting services & digital technologies.

Sysdig

Sysdig

With Sysdig teams find and prioritize software vulnerabilities, detect and respond to threats, and manage cloud configurations, permissions and compliance.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

Sovrin Foundation

Sovrin Foundation

The Sovrin Foundation is a private-sector, international non-profit that was established to govern the world's first self-sovereign identity (SSI) network.

Infosec Cloud

Infosec Cloud

Infosec Cloud is a specialist Cyber Security company offering fully managed Training & Testing Services in addition to market leading Cyber Security technology and accredited professional services.

Indevis

Indevis

Indevis provides IT security, datacenter and network solutions, accompanied by professional consulting, management and support services.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

RubinBrown

RubinBrown

RubinBrown LLP is a leading accounting and professional consulting firm. The RubinBrown name and reputation are synonymous with experience, integrity and value.

Quarkslab

Quarkslab

Quarkslab is a dedicated team of cyber-security engineers and developers. We aim at forcing the attackers, not the defender, to adapt constantly.