Cyber Deterrence: How To Curb Cyber Attacks

Rising cyber attacks across the globe have been a menace and threatening to targets. From 2005 to 2015, US Federal agencies reported a 1,300 percent jump in cyber security incidents.

Recently, Russia was accused of interfering and manipulating the whole US election results by hacking into Democratic Party computers. Then in October several high-profile websites were knocked offline when thousands of internet-connected devices, such as digital video recorders and cameras were compromised by Mirai malware.

It’s high time we think of better ways for addressing these threats. Amid this, the idea of cyber-deterrence has started emerging. Deterrence has long been effective to counter the threat of nuclear weapons, so can it even work against cyber weapons?

Deterrence focuses on making potential adversaries think twice about attacking; firstly, by making them consider the cost of their act and the consequence of counterattack and second is punishment by making sure the adversaries know there will be a strong response that might inflict more harm than they are willing to bear.

Unlike nuclear weapons which are there only in a few countries and only significant resources need to invest in them, cyber weapons can be quickly developed by individuals or small groups and they can be easily replicated and distributed across networks.

Cyber weapons are often deployed under a cloak of anonymity, making it difficult to figure out who is really responsible and it also leaves a broad range of effects, most of which is disruptive and costly, but not catastrophic.

However, this does not imply that cyber deterrence cannot work.

There are three things we can do to strengthen cyber deterrence: Improve cybersecurity, employ active defences and establish international norms for cyberspace. The first two of these measures will significantly improve our cyber defences so that even if an attack is not deterred, it will not succeed.

Improving Cyber Security

if the protection is geared up, the attack will be stopped before the hackers can achieve their goal. For this, login security should be beefed up, data and communications need to be encrypted, viruses and malware need to be fought and software should be regularly updated to patch any weakness found.

A more pressing protection issue today is the shipping and selling of cheap Internet-of-Things devices which lead to many attacks. While some companies like Microsoft, heavily invest in product security, may others do not do so.

Cyber-security expert, Bruce Schneier advises that regulation should be imposed on manufacturers to put in basic security standards in devices, failing which they should be held liable when they are products are used in attacks.

Employ Active Defences

Action against attackers can be taken by monitoring, identifying and countering adverse cyberattacks. These active cyber defences are similar to air defence systems.

Network monitors that watch for and block hostile packets are one example, as are honeypots that attract or deflect adversary packets into safe areas. There, they do not harm the targeted network, and can even be studied to reveal attackers’ techniques.

Another set of active defences involves collecting, analysing and sharing information about potential threats so that network operators can respond to the latest developments and if any malware is found, they could disconnect the devices from the network and alert the devices’ owners to the danger.

An active cyber defence can often unmask the people behind them, leading to punishment. Nongovernment attackers can be shut down, arrested and prosecuted; countries conducting or supporting cyber warfare can be sanctioned by the international community.

Establish International Norms

International norms for cyberspace can aid deterrence if national governments believe they would be named and shamed within the international community for conducting a cyber-attack.

It’s difficult to completely get rid of cyber-space but at least the attacks can be minimised to a certain level if strong security, cyber defences and international cyber norms are actively used.

eHacking News:               War In The Information Age

 

« Cybersecurity Trends In 2017
Claims That Google's Search Algorithm Spread False Information »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

National Trading Standards eCrime Team (NTSeCT)

National Trading Standards eCrime Team (NTSeCT)

The National Trading Standards eCrime Team tackles online consumer scams, rip-offs and fraud, as well as those committed by text or email.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

Trusted CI

Trusted CI

Trusted CI, the NSF Cybersecurity Center of Excellence is comprised of cybersecurity experts who have spent decades working with science and engineering communities.

Early Birds

Early Birds

Early Birds is a Business to Business (B2B) marketplace for Innovators (Startups/Scaleups) and Early Adopters to exchange value early on.

QNu Labs

QNu Labs

QNu Labs’s quantum-safe cryptography products and solutions assure unconditional security of critical data on the internet and cloud across all industry verticals, globally.

Nexor

Nexor

Nexor are a UK-based cyber security company with 30 years' experience in secure information exchange.

VinCSS

VinCSS

VinCSS Internet Security Services JSC is a leading organization working in the field of researching, developing, producing products as well as providing cyber security services.

DartPoints

DartPoints

DartPoints helps bridge the digital divide by delivering cloud, colocation, managed services + edge infrastructure.

Locuz

Locuz

At Locuz, we’ve made it our mission to help businesses like yours create an actionable digital strategy.

Cranium

Cranium

Cranium are an international consultancy organisation specialised in privacy, security and data management.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

Aardwolf Security

Aardwolf Security

Aardwolf Security specialise in penetration testing to the highest standards set out by OWASP. We ensure complete client satisfaction and aftercare.

PRE Security

PRE Security

PRE Security is leading the transition into the next era of AI cybersecurity with a new model: Predict & Prevent.

Scality

Scality

Scality storage unifies data management from edge to core to cloud. Our market-leading file and object storage software protects data on-premises and in hybrid and multi-cloud environments.