Cyberwarfare: Borders Offer No Defense

Uploaded on 2017-02-22 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

The US has long relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field.

It’s unclear how President Donald Trump, who has emphasised an “America First” approach to domestic issues, will respond to Cyber-space threats, which transcend traditional borders and make it easier and cheaper than ever for foreigners to attack the US. Whatever the approach, it will set the tone and precedent for global policies during a critical time when the ground rules are still being written.

At a hearing recently on foreign Cyber-threats, the chairman of the Senate Armed Services Committee, Sen. John McCain, , ran through a list of recent operations the US believes was carried out by foreign countries, Russia, China, Iran and North Korea.

The targets: The White House, State Department, Office of Personnel Management, Joint Chiefs of Staff, Navy, major US financial institutions, a small New York dam and Sony Pictures Entertainment Inc.

“Our adversaries have reached a common conclusion, that the reward for attacking America in cyberspace outweighs the risk,” McCain said.

With most of the US critical infrastructure in private hands and Americans among the most connected citizens in the world, the potential attack surface for any hacker is vast and increasing. US officials and lawmakers have argued that because there is no official policy on Cyber-Warfare, the response to any attack can be slow, politicised and ultimately ineffectual.

The US took two months, after publicly accusing Russian government hackers of trying to influence the presidential election, to respond with economic sanctions and other more symbolic measures.

The reality is that the “nature of conflict has moved to the information space instead of just the physical kinetic space, and it now operates at greater scale and quicker speed,” said Sean Kanuck, who served as the first US national intelligence officer for cyber issues in the Office of the Director for National Intelligence.

Under the Obama administration, the US proposed international cyber rules for peacetime, including that countries should not target another’s critical infrastructure. But otherwise, it has maintained existing international laws and reserved the right to respond to any Cyber-attack.

The Trump administration is reviewing cyber policies, but it has said it will prioritize developing defensive and offensive cyber capabilities. It has also said it will work with international partners to engage in “cyberwarfare to disrupt and disable (terrorist) propaganda and recruiting.”

Unlike conventional warfare, the costs in Cyber-space can have rippling impacts for both the victim and attacker. Malicious software may end up spreading in an unforeseen and unplanned manner, and a hacker who gets into a single computer can cause unpredicted effects to a network.

“Look at what North Korea did to Sony or what China did to us via the OPM hack,” said David Gioe, a history fellow at the Army Cyber Institute at West Point and a former intelligence officer. “You’ve got all of these aircraft carriers and all of this ocean, and it really doesn’t matter because we’re still feeling effects. They’re not kinetic effects, but they’re surely effects.”

More than 20 million people had their personal information compromised when the Office of Personnel Management was hacked in what the US believes was a Chinese espionage operation.

“Really it’s our geeks versus their geeks,” Gioe said. “In the same way as single combat. It doesn’t matter how good my army is or your army is, it’s me versus you.”

Ein News

Technology, Multilateralism, War and Peace:     

Hacker, Tailor, Soldier, Spy: Future Cyberwar:     Pentagon Creates New 5,000 Strong Cyber Force:

 

 

« Data Fusion For Military Intelligence & Business
Five Arrested For Large Scale Bank Hacking »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Secure Source

Secure Source

Secure Source specialise in search and recruitment for Cyber Security and Security Cleared markets.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Oodrive

Oodrive

Oodrive is the first trusted European collaborative suite allowing users to collaborate, communicate and streamline business with transparent tools that ensure security.

Alliance for Cyber Security

Alliance for Cyber Security

An alliance of all major players in the field of cyber security in Germany with a mission to strengthen Germany’s resistance to cyber-attacks.

CyberSift

CyberSift

CyberSift is a cyber security provider. We develop threat detection software which needs no infrastructure changes as it integrates with almost any security tool.

CybeReady

CybeReady

CybeReady’s Autonomous Platform offers continuous adaptive training to all employees and guarantees significant reduction in organizational risk of phishing attacks.

Sky Data Vault

Sky Data Vault

Sky Data Vault provide the simplest and most cost effective method of Disaster Recovery / Business Continuity for mission critical systems and applications.

Veritas Technologies

Veritas Technologies

Veritas provide industry-leading solutions that cover all platforms with backup and recovery, business continuity, software-defined storage and information governance.

Kasada

Kasada

Kasada provides bot detection and mitigation for enterprise web applications. Stop the bots before they reach your site and web applications.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

UST

UST

UST is a global provider of digital technology and transformation, IT services and solutions including managed security services.

AHAD

AHAD

AHAD provides cybersecurity, digital transformation, and risk management services and solutions to Government, Fortune 500, And Start-Up Companies in the Middle East region.

Labaton Sucharow

Labaton Sucharow

Standing on the horizon of law and technology, our Cybersecurity and Data Privacy Practice helps to protect consumers who have been harmed by businesses’ failures to safeguard their customers' data.