Cyberwarfare: Borders Offer No Defense

The US has long relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field.

It’s unclear how President Donald Trump, who has emphasised an “America First” approach to domestic issues, will respond to Cyber-space threats, which transcend traditional borders and make it easier and cheaper than ever for foreigners to attack the US. Whatever the approach, it will set the tone and precedent for global policies during a critical time when the ground rules are still being written.

At a hearing recently on foreign Cyber-threats, the chairman of the Senate Armed Services Committee, Sen. John McCain, , ran through a list of recent operations the US believes was carried out by foreign countries, Russia, China, Iran and North Korea.

The targets: The White House, State Department, Office of Personnel Management, Joint Chiefs of Staff, Navy, major US financial institutions, a small New York dam and Sony Pictures Entertainment Inc.

“Our adversaries have reached a common conclusion, that the reward for attacking America in cyberspace outweighs the risk,” McCain said.

With most of the US critical infrastructure in private hands and Americans among the most connected citizens in the world, the potential attack surface for any hacker is vast and increasing. US officials and lawmakers have argued that because there is no official policy on Cyber-Warfare, the response to any attack can be slow, politicised and ultimately ineffectual.

The US took two months, after publicly accusing Russian government hackers of trying to influence the presidential election, to respond with economic sanctions and other more symbolic measures.

The reality is that the “nature of conflict has moved to the information space instead of just the physical kinetic space, and it now operates at greater scale and quicker speed,” said Sean Kanuck, who served as the first US national intelligence officer for cyber issues in the Office of the Director for National Intelligence.

Under the Obama administration, the US proposed international cyber rules for peacetime, including that countries should not target another’s critical infrastructure. But otherwise, it has maintained existing international laws and reserved the right to respond to any Cyber-attack.

The Trump administration is reviewing cyber policies, but it has said it will prioritize developing defensive and offensive cyber capabilities. It has also said it will work with international partners to engage in “cyberwarfare to disrupt and disable (terrorist) propaganda and recruiting.”

Unlike conventional warfare, the costs in Cyber-space can have rippling impacts for both the victim and attacker. Malicious software may end up spreading in an unforeseen and unplanned manner, and a hacker who gets into a single computer can cause unpredicted effects to a network.

“Look at what North Korea did to Sony or what China did to us via the OPM hack,” said David Gioe, a history fellow at the Army Cyber Institute at West Point and a former intelligence officer. “You’ve got all of these aircraft carriers and all of this ocean, and it really doesn’t matter because we’re still feeling effects. They’re not kinetic effects, but they’re surely effects.”

More than 20 million people had their personal information compromised when the Office of Personnel Management was hacked in what the US believes was a Chinese espionage operation.

“Really it’s our geeks versus their geeks,” Gioe said. “In the same way as single combat. It doesn’t matter how good my army is or your army is, it’s me versus you.”

Ein News

Technology, Multilateralism, War and Peace:     

Hacker, Tailor, Soldier, Spy: Future Cyberwar:     Pentagon Creates New 5,000 Strong Cyber Force:

 

 

« Data Fusion For Military Intelligence & Business
Five Arrested For Large Scale Bank Hacking »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

Intercede

Intercede

Intercede is a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

PhishLabs

PhishLabs

PhishLabs provides 24/7 services that help organizations protect against the cyberattacks targeting their employees, their customers and their brands.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

Sepior

Sepior

Our vision is to make Sepior the leading provider of cloud-encryption software in the world.

Celare

Celare

Celare delivers DPI based network perimeter monitoring solutions with integrated Big Data security analytics and threat detection.

InfoGuard

InfoGuard

InfoGuard is a leading Swiss company providing comprehensive cyber security and network solutions.

Dermalog Identification Systems

Dermalog Identification Systems

Dermalog Identification Systems is a pioneer in biometry and the largest German manufacturer of biometric devices and systems.

PT Netmarks Indonesia

PT Netmarks Indonesia

PT Netmarks Indonesia is an IT solutions provider offering services related to ICT infrastructure, digital transformation and cyber security.

Wipro

Wipro

Wipro Limited is a leading global information technology, consulting and business process services company.

Quadible

Quadible

Quadible BehavAuth is an AI-platform that continuously authenticates the users, without the need of any input, by learning their behavioural patterns.

BotGuard

BotGuard

BotGuard provides a service to protect your website from malicious bots, crawlers, scrapers, and hacker attacks.

AiCULUS

AiCULUS

AiCULUS is a global technology company that specializes in API security and Risk Management products.

Zigrin Security

Zigrin Security

Zigrin Security offer comprehensive, hands-on security testing of internal networks, applications, cloud-based solutions, e-commerce applications and mobile devices.

Northrop Grumman

Northrop Grumman

Northrop Grumman is a global provider and integrator of complex, advanced and rapidly adapting information technology, cybersecurity, mobility and optimized services and solutions.

Halcyon

Halcyon

Halcyon is the industry’s first dedicated, adaptive security platform focused specifically on stopping ransomware attacks.