On the Brink of Cyber War…

On Thursday last week, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva.

Years ago the Stuxnet virus showed the possibility of anonymous “kinetic” attacks in the cyber arena, leading many military and defense analysts to worry that World War III may be carried out with a keyboard.

On Thursday last week, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva. The US says that the two countries are renewing efforts to prevent rushing into a cyber war “by mistake,” but many wonder what defines a "cyber war," and whether it actually poses a credible risk.

In recent years, America has pushed the boundaries of cyberwarfare while Western media focused on imagined threats from Russian and Chinese hackers. Beginning in 2010, with Operation Olympic Games, the US and their Israeli counterparts released the Stuxnet virus, crippling Iran’s Natanz nuclear facility and demonstrating the potential of "kinetic effects" as a result of cyberwarfare.

Further, in 2014, the NSA was implicated in surveilling the president of Brazil and the country’s state-owned oil giant Petrobras. Documents released from that NSA surveillance triggered the "car wash" investigation, leading to a vote to impeach Brazilian President Dilma Rousseff.

Recently, a series of cyberattacks by Iran demonstrated that turnabout is fair play. A federal indictment was issued against several Iranian officials for hackers engaging not only in market manipulation but also attempting to  cripple a dam in New York state that, if it had been successful, could have resulted in substantial loss of life and long-term agricultural damage.
With the purported specter of cyber war moving from the realm of science fiction to a leading national security distraction, Sputnik’s Brian Becker sat down on Friday with journalists Dmitry Babich and Declan McCullagh to discuss the cooperative meetings between US and Russian officials and whether the so-called new Cold War has already migrated online.

"There is a really bad relationship between the US and Russian government," Babich told Loud & Clear, "and there are constant accusations in the US press against Russia about Russian hackers on the payroll of the government trying to ruin the economy and military systems of countries like Estonia."

"I think the real picture is more complicated," suggested Babich. "There are some companies in Russia, big companies, which are dealing with cybersecurity and are part of international business. A [Russian] company like Kaspersky is an integral part of the global cybersecurity system."

Babich believes Russian cybersecurity companies and specialists are not engaged in cyber war against the United States or elsewhere, that they "don’t want to quarrel with the US and the EU," and are frustrated that the West takes such an aggressive posture towards them.

The journalist believes that the meeting between the two military superpowers will help to clear misconceptions, often advanced by Western media, that Russian hackers are "trying to attack the innocent West" when, in reality, Russia is both a competitor and a cooperative partner, engaged in activities that mirror US efforts.

Declan McCullagh agreed, likening US-Russian relations on cyber warfare to competition between tech giants Google and Apple. "Google competes with Apple, but it also releases maps and mail for the iOS Chrome browser – there is both cooperation and competition there," said McCullagh. "Similarly, the US and Russia are interested in the other party’s computer vulnerabilities, data, and obtaining military and defense intelligence, but they also cooperate regularly on cybersecurity."

McCullagh provided the example of a 2013 cyber crime extradition working group, and more recently a cyberwar hotline established for countries to quickly ask counterparts whether they are responsible for a cyberattack in order to rapidly deescalate situations and avoid misunderstandings.

What challenges stand in the way of cooperation in the cyber arena?

"Attribution," said McCullagh. "The real difference in cyber is the issue of attribution, because if a missile is fired you know who fired the missile, or if a spy is caught you can track down who the spy is, but if you are hacked by somebody and it is sent through five different routers in five different countries then attribution is impossible, you won’t know who did it."

The two guests raised the issue that law and policy have yet to catch up to cyber realities, creating the possibility for false-flag attacks, misunderstandings and overreaches that could become military conflicts. 
Ein News: http://bit.ly/1MSBKM8

« Self-Defence In A Connected World
Cybercrime Increases As Crooks Get AI Smarter »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Securi-Tay

Securi-Tay

Securi-Tay is an information Security conference held by the Ethical Hacking Society at Abertay University, Dundee.

AuthenTrend

AuthenTrend

AuthenTrend provide biometric authentication products to achieve high security with extreme ease-of-use for the user.

Smart Contract Security Alliance

Smart Contract Security Alliance

The Smart Contract Security Alliance supports the blockchain ecosystem by building standards for smart contract security and smart contract audits.

International Cybersecurity Institute (ICSI)

International Cybersecurity Institute (ICSI)

ICSI is a UK company offering specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals.

Cyber NYC

Cyber NYC

Cyber NYC is a suite of strategic investments to grow New York City’s cybersecurity workforce, help companies drive innovation, and build networks and community spaces.

Montreal International

Montreal International

You’re an entrepreneur planning to launch a company in an innovative sector such as AI, cybersecurity, 'deeptech' or fintech? You’ve found the right place!

OffSec

OffSec

OffSec have defined the standard of excellence in penetration testing training. Elite security instructors teach our intense training scenarios and exceptional course material.

Neosec

Neosec

We’re reinventing API security. Understanding behavior requires data, analytics, and intelligence. Neosec brings XDR techniques to application security.

NACVIEW

NACVIEW

NACVIEW is a Network Access Control solution. It allows to control endpoints and identities that try to access the network - wired and wireless, including VPN connections.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

CryptoDATA

CryptoDATA

CryptoDATA develops products and services based on Blockchain technology, that ensure user security and data encryption, applicable in various fields.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

DerSecur

DerSecur

DerSecur has been engaged in advanced technology activities in the field of Application Security since 2011. We offer R&D technology solutions in the field of SAST, DAST and SCA analysis.

Guardian Angel Cyber

Guardian Angel Cyber

Guardian Angel Cyber, is your trusted ally in safeguarding your digital assets and online presence.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.

Neqst

Neqst

Neqst is an investment firm specialising in profitable growth companies within the Nordic software and IT-services sectors.