Cyber Attacks Are The New Cold War

Uploaded on 2021-06-17 in INTELLIGENCE--International, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

On 16th June President Biden had a meeting with President Putin in Geneva to talk about cyber secuity, among several other important issues. Doubtles on the agenda was  the attack which hacked the US IT services company SolarWinds, the successful ransom attacks on the Colonial Pipeline, Microsoft and numerous other costly breaches of US and allied governments and agencies.  

The US governmnet has pointed at Russian state-sponsored hackers known as Darkside as being the perpetrators at the direction of Russia's intelligence services. The geo-political engagement between the two leaders shows the level of heated argumnent beween the US and Russia over responsibilty for these cyber attacks.

The White House itself has not made any public comments about the international response to the SolarWinds hack, perhaps because cyber attacks have become so common that only the largest scale and most damaging attacks make the news, but it has been working with Microsoft on an investigation.  

Just like the the Cold War in the 1940s and 1950s, each side has reason to fear its opponent gaining a technological upper hand, and just as the Internet brings people together socially it has also enabled malicious activity with data breaches, ransomware and destroyed systems. 

Now, more than 30 years after the end of the Cold War, the US and Russia have decommissioned thousands of nuclear weapons, however, tensions are growing one more. A modern-day cold war would include cyber attacks and nuclear powers’ involvement in allies’ conflicts. It’s already happening.

Now a new kind of Cold War, with Artificial Intelligence (AI) serving as the basis of this arms race and nation-states are employing cyber-attacks, as a prelude to military actions. Attacks launched from the open Internet are at a constant level of activity, just below armed conflict.We think of cyber-attacks in terms of router configurations or malware code, but the tremendous amounts of communications traffic make cyber security a field of data science. 

The US is one the  most connected  country in the world, with everything from cars to refrigerators to security cameras connected online, making it among the most vulnerable. 

All these new sensors and Internet of Things (IoT) devices produce tremendous amounts of data that can be analysed to detect adversary activity. Such massive volumes of data need analytic techniques to synthesise the essence of the activity for human understanding and decision-making and the use of AI to analyse these massive amounts of cyber data and capabilities is growing exponentially. 

Cyber attacks are now a constant and range from the annoying to the devastating. There is still a significant lag between attack and detection and AI can be used to improve defenses and reduce that gap. Previously, rules-based systems were applied in cyber security to detect malware signatures and look for known insider threat patterns. But AI's self-learning techniques are now being used to look for unknown insider threat patterns and other malicious activity. Significantly, these methods can learn based on data that may already contain the threat activity. In addition, AI can synthesize the difference between normal router outages in the open Internet and botnet attacks.

In the Cyber Cold War, one must always assume that your defenses have been breached and your adversaries are already in the system. This is the basic  assumption behind Zero Trust,  which is an essential defensive methodology. 

Organisations must move away from perimeter security to follow the principles of zero trust, to adopt in role-based access controls for every resource and provide secure communications throughout. It can not be assumed that the open Internet is benign and concept of zero-trust concept must be extended into the open Internet to "defend forward" beyond our network perimeters. Finally, we need to extend our security monitoring to leverage AI to search for unknownpatterns of malicious activity. AI is the arms race to analyse more data with greater speed and provide transparent identification and recommendations for human decision-makers.

Cyber resilience must not be viewed as a costly optional add-on but must be considered an essential part of doing business. We must recognise that the more governments develop offensive techniques, the more vulnerable our infrastructure is on defense. Cyber will be a part of every future military action where in the world of AI and sensory-intelligent machines, there are no non-combatants.

Dark Reading:   BBC:      Metro:    The Converstaion:     Cyber NewsFeed:    Jioforme:    Urgent Comm:     

You Might Also Read:

Cyber Warfare Is The New Frontier:

Cyberwar Vs. Traditional Conflict: (£)

 

 

« Why Is It So Difficult To Convict Cyber Criminals?
Cyber Security In The Crypto World »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

FlashRouters

FlashRouters

FlashRouters offers DD-WRT compatible router models with improved performance, privacy/security options, and advanced functionality.

National Crime Agency (NCA)

National Crime Agency (NCA)

The NCA's Cyber Crime Unit focuses on critical cyber incidents in the UK as well as longer-term activity against the criminals and the services on which they depend.

TWNCERT

TWNCERT

TWNCERT is the National Computer Emergency Response Team of Taiwan.

Qolcom

Qolcom

Qolcom is a leading UK based integrator of secure wireless network and mobile device management solutions.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

NNIT

NNIT

NNIT​ is one of Denmark’s leading consultancies in IT development, implementation and operations, including cyber security.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

CyCraft Technology Corp

CyCraft Technology Corp

CyCraft is an AI company that forges the future of cybersecurity resilience through autonomous systems and human-AI collaboration.

Dope Security

Dope Security

Dope Security is a fly-direct Secure Web Gateway that eliminates the data center stopover architecture required by legacy providers, instead performing security directly on the endpoint.

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.

Cyphershield

Cyphershield

Cypershield is a Security and Smart Contract audit company providing professional smart contract auditing services for varied Crypto projects.

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.