Is The World On The Verge Of A Cyber War?

Uploaded on 2017-02-13 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Defence, FREE TO VIEW

A combination of geopolitical and strategic circumstances is leading to an inevitable war. It’s not the type of war we traditionally envision, which includes kinetic weapons, physical destruction and most importantly, casualties. It’s a war that will undermine information systems, expose secret political, military and diplomatic documents, target the confidentiality, integrity and availability of critical computer systems, and more.

This grim prediction stems from recent developments that nearly eliminate any sort of deterrence the United States had in cyberspace.

Most importantly, the US reaction to the Democratic National Convention hack. US President Barack Obama acknowledged that “when a foreign government tries to impact the integrity of our elections... we need to take action.”

And finally, he recently ordered the deportation of some Russian diplomats from the US. However, the absence of an immediate, strategic response to the hack is detrimental to deterring future attacks.

That could signal to other foreign actors, China for example, that such attacks against critical infrastructure in the US will go unpunished, while giving a major political advantage to the attacker at nearly no cost.

It is unlikely that Russia will be involved in major cyber operations during Donald Trump’s presidency, given that Russian President Vladimir Putin promised to stop hacking after confronted by Obama. However, that still leaves the possible scenario of China engaging in major operations against the US.

This is strengthened by recent troublesome events in the realm of US-China affairs, which consist of Trump’s phone call with Taiwanese President Tsai Ing-wen, which infuriated China due to its stance that Taiwan is an integral part of China.

Trump later suggested that the US should rethink the One China policy, which naturally did not help in mitigating this tension. Recently, China intercepted and seized a US underwater drone in the South China Sea. Although the drone has now been returned, this represents another escalation.

Predicting possible conflicts with a great degree of precision is somewhat difficult. Yet certain indications point to a possible escalation in the realm of cyberspace.

It was recently reported by cyber-security expert Bruce Schneier that someone is “learning how to take down the Internet,” which essentially means that a nation-state is “testing the ability to manipulate Internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services.” According to Schneier, the evidence “suggests China,” but it has not been established beyond doubt, due to possible disguise used by the state involved in that probing.

Unfortunately, the DNC hack case study suggests that cyber-attacks against core democratic values may go unpunished, or may have a delayed response, like the diplomats’ deportation. To be clear, the implications of the DNC hack transcend the bilateral relations of Russia and the US, and may include other actors who monitor the situation and evaluate their future actions vis-à-vis the US.

This suggests that China is aware that the DNC hack was not accompanied by a real response on the US’s part. That observation may result in China examining the boundaries of what it can get away with in cyberspace.

It may be hard to predict the precise nature of this “cyber war,” but what’s clear is that it could potentially affect communications, online services, confidentiality of sensitive data, unavailability of critical systems and much more. This scenario will occur if tensions between China and the US escalate during the Trump presidency, and with the absence of clear deterrence strategy for cyberspace, the Chinese might get away with it.

This cyber war does not even necessarily require the utilisation of most sophisticated and forceful tools (such as cutting undersea cables, or developing specialized malware), it could simply be an immensely widespread distributed denial of service (DDoS) attack against DNS providers.

To Americans, such scenarios could be devastating.

President Obama rightly observed that the US is more vulnerable to these sort of attacks, due to its ubiquitous digitalisation and dependency on information systems. The Internet is a global platform, but certain countries are far more dependent on it than others.

The meaning would be an asymmetry in the harm that could be caused by such war to the US compared to a country like China.

Often, experts attempt to create a sterility between cyberspace and the physical world. This distinction is immensely detrimental, because it wrongly assumes that activities in cyberspace are unrelated to affairs taking place in the physical sphere.

The DNC hack attempted to influence a physical world process, just as the Sony hack in 2014 attempted to coerce Sony to cancel the release of The Interview, a movie which depicts the North Korean regime in a mocking manner. The cyber-war scenario presented in this piece will be just as physical as anything else, it will be a response to an overly Taiwan-friendly administration, as well as policies deteriorating the economic and trade relationship between China and the US.

Such war should be envisioned as part of a whole picture, involving a multitude of actors with a variety of conflicting interests and motives. The realisation that such scenario is possible if certain developments take place vis-à-vis China may be helpful in strengthening the security of the critical systems currently in place.

However, the more important realisation is that certain administration attitudes toward China may come with a price tag in cyberspace.

This integrality of the virtual and physical calls for attention in foreign affairs. It assumes that cyber-attacks happen for a reason, they are responding to certain events in the world, or attempting to influence ongoing processes, but the crux of the argument is that nation-states will not engage in cyber operations unless doing so would will directly benefit them.

The question, therefore, is whether in 2017 cyber war will benefit a nation-state, and what potential victims can do to prevent, or to respond, to such a scenario.

In a recent Forbes piece, Paul Laudicina calls for attention to the prediction that “The first crippling cyber-attack will be launched on critical infrastructure in a major economy.” Laudicina argues that the next administration should have a leading role in countering the threats emanating from cyber-space.

Although stemming from a slightly different perspective, this prediction seems more real than anything else. Though many experts and leaders have been sounding the alarm regarding a “Cyber Pearl Harbor” or “Cyber 9/11” for some time, this time it appears that circumstances are maturing in a way that makes cyber war possible.

Obama’s administration has certainly done a lot, but regretfully not enough. The White House Commission on Enhancing National Cybersecurity released its report on December 1. This report has many important, even original, recommendations. However, it is unclear whether Trump’s administration will implement any of these. In addition, the way the Obama administration dealt with the DNC hack can be seen as another misstep.

All evidence seems to suggest that Trump’s hawkish attitudes toward China may result in the dangerous precedent of a crippling, sustained and state-sponsored cyber war, which will greatly affect not only the military but also the rest of us, those who store their data online, who depend on the Internet for communication, who need cyberspace for transport control, electricity, dam management and more.

Although no bullets will be fired, such a scenario might prove to be extremely detrimental and harmful to today’s interconnected society. Given that environment, every political step against China should be weighed very, very, carefully.

2017 just might be the year of Cyber War.

Ein News:                Stuxnet, Secrecy & The New Era of Cyber War:

America’s Cyber Security Dilemma:

 

 

 

« BYOD Security Is Critical For Business
Give Children More Control Of Data Privacy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Centripetal Networks

Centripetal Networks

Centripetal Networks was founded with one vision - to protect networks from advanced threats by simplifying intelligence-driven security.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

TruSTAR Technology

TruSTAR Technology

TruSTAR is a threat intelligence exchange platform built to protect and incentivize information sharing.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

NTIC Cyber Center

NTIC Cyber Center

NTIC Cyber Center is an organization dedicated to making the National Capital Region (Washington DC) more resilient to cyber-attacks.

Verodin

Verodin

Verodin is a business platform that provides organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness.

White & Black

White & Black

White & Black are specialist corporate & technology lawyers based in London & Oxford.

Deepwatch

Deepwatch

deepwatch’s cloud SecOps platform and relentless customer focus are redefining the managed security services industry.

Fortress Information Security

Fortress Information Security

Fortress Information Security is one of the largest cyber security providers of supply chain risk management and vulnerability risk management in the US.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

SIA Group

SIA Group

SIA Group, an Indra company, combines Consulting, Systems Integration and Managed Services in four specialized business areas: Information Security, Storage, IT Management and IT Mobility.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

Sectyne

Sectyne

Sectyne is a full-stack cyber consultancy committed to providing tailored services, advisory consultations, and training.

tTech

tTech

tTech is the first and foremost company providing outsourced Information Technology solutions to businesses in Jamaica.

PointWire

PointWire

PointWire offers a range of cybersecurity solutions and services including Penetration Testing on various levels, as well as Intrusion Detection and Prevention Systems.