Cyberwarfare: Borders Offer No Defense

The US has long relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field.

It’s unclear how President Donald Trump, who has emphasised an “America First” approach to domestic issues, will respond to Cyber-space threats, which transcend traditional borders and make it easier and cheaper than ever for foreigners to attack the US. Whatever the approach, it will set the tone and precedent for global policies during a critical time when the ground rules are still being written.

At a hearing recently on foreign Cyber-threats, the chairman of the Senate Armed Services Committee, Sen. John McCain, , ran through a list of recent operations the US believes was carried out by foreign countries, Russia, China, Iran and North Korea.

The targets: The White House, State Department, Office of Personnel Management, Joint Chiefs of Staff, Navy, major US financial institutions, a small New York dam and Sony Pictures Entertainment Inc.

“Our adversaries have reached a common conclusion, that the reward for attacking America in cyberspace outweighs the risk,” McCain said.

With most of the US critical infrastructure in private hands and Americans among the most connected citizens in the world, the potential attack surface for any hacker is vast and increasing. US officials and lawmakers have argued that because there is no official policy on Cyber-Warfare, the response to any attack can be slow, politicised and ultimately ineffectual.

The US took two months, after publicly accusing Russian government hackers of trying to influence the presidential election, to respond with economic sanctions and other more symbolic measures.

The reality is that the “nature of conflict has moved to the information space instead of just the physical kinetic space, and it now operates at greater scale and quicker speed,” said Sean Kanuck, who served as the first US national intelligence officer for cyber issues in the Office of the Director for National Intelligence.

Under the Obama administration, the US proposed international cyber rules for peacetime, including that countries should not target another’s critical infrastructure. But otherwise, it has maintained existing international laws and reserved the right to respond to any Cyber-attack.

The Trump administration is reviewing cyber policies, but it has said it will prioritize developing defensive and offensive cyber capabilities. It has also said it will work with international partners to engage in “cyberwarfare to disrupt and disable (terrorist) propaganda and recruiting.”

Unlike conventional warfare, the costs in Cyber-space can have rippling impacts for both the victim and attacker. Malicious software may end up spreading in an unforeseen and unplanned manner, and a hacker who gets into a single computer can cause unpredicted effects to a network.

“Look at what North Korea did to Sony or what China did to us via the OPM hack,” said David Gioe, a history fellow at the Army Cyber Institute at West Point and a former intelligence officer. “You’ve got all of these aircraft carriers and all of this ocean, and it really doesn’t matter because we’re still feeling effects. They’re not kinetic effects, but they’re surely effects.”

More than 20 million people had their personal information compromised when the Office of Personnel Management was hacked in what the US believes was a Chinese espionage operation.

“Really it’s our geeks versus their geeks,” Gioe said. “In the same way as single combat. It doesn’t matter how good my army is or your army is, it’s me versus you.”

Ein News

Technology, Multilateralism, War and Peace:     

Hacker, Tailor, Soldier, Spy: Future Cyberwar:     Pentagon Creates New 5,000 Strong Cyber Force:

 

 

« Data Fusion For Military Intelligence & Business
Five Arrested For Large Scale Bank Hacking »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Voyager Networks

Voyager Networks

Voyager Networks is an IT solutions business with a focus on Enterprise Networks, Security and Collaborative Communications.

National Cybersecurity Agency (ANCS) - Tunisia

National Cybersecurity Agency (ANCS) - Tunisia

ANCS (L'Agence Nationale de la Cybersécurité) is the national cybersecurity agency for Tunisia.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Digital Craftsmen Ltd

Digital Craftsmen Ltd

We're ISO27001 & Cyber Essentials Cybersecurity experts, delivering full cloud security and managed services. We take a bespoke approach for each client from hosting, optimising & securing them online

IMQ Group

IMQ Group

IMQ is one of Europe’s top players in the field of conformity assessment. We offer certification services to support all the major sectors of the manufacturing and service industries.

Cheops Technology

Cheops Technology

Cheops is a specialist in IT Business Technology Services. We help SMEs and large companies build, optimize and manage their IT so they can focus on their core business.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

Vanta

Vanta

Vanta helps companies scale security practices and automate compliance for the industry’s most sought after standards - SOC 2, ISO 27001, HIPAA, GDPR, and other security and privacy frameworks.

Cyber Law Consulting

Cyber Law Consulting

Cyber Law Consulting is a Dynamic full service legal firm which offers complete services for Cyber Law, cyberlaw, Internet Law, Data Protection Act, Cyber Security, IPR, Drafting.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Tranchulus

Tranchulus

Tranchulus are a global provider of offensive and defensive cyber solutions, information security assessment, compliance and managed security services.

Sinergi Digital

Sinergi Digital

Sinergi Digital is a business unit of the Metrodata Group with a focus on providing ICT solution to help accelerating digital transformation.

RESTIV Technology

RESTIV Technology

RESTIV Compliance Copilot is your partner in continuous compliance. Real-time monitoring, continuous testing, and transparent evidence—no surprises, just peace of mind.

Forsyte IT Solutions

Forsyte IT Solutions

Forsyte Guardian 365 provides 24x7x365 personalized protection to keep your most valuable assets safe.