Cyber Deterrence: How To Curb Cyber Attacks

Uploaded on 2017-01-03 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Rising cyber attacks across the globe have been a menace and threatening to targets. From 2005 to 2015, US Federal agencies reported a 1,300 percent jump in cyber security incidents.

Recently, Russia was accused of interfering and manipulating the whole US election results by hacking into Democratic Party computers. Then in October several high-profile websites were knocked offline when thousands of internet-connected devices, such as digital video recorders and cameras were compromised by Mirai malware.

It’s high time we think of better ways for addressing these threats. Amid this, the idea of cyber-deterrence has started emerging. Deterrence has long been effective to counter the threat of nuclear weapons, so can it even work against cyber weapons?

Deterrence focuses on making potential adversaries think twice about attacking; firstly, by making them consider the cost of their act and the consequence of counterattack and second is punishment by making sure the adversaries know there will be a strong response that might inflict more harm than they are willing to bear.

Unlike nuclear weapons which are there only in a few countries and only significant resources need to invest in them, cyber weapons can be quickly developed by individuals or small groups and they can be easily replicated and distributed across networks.

Cyber weapons are often deployed under a cloak of anonymity, making it difficult to figure out who is really responsible and it also leaves a broad range of effects, most of which is disruptive and costly, but not catastrophic.

However, this does not imply that cyber deterrence cannot work.

There are three things we can do to strengthen cyber deterrence: Improve cybersecurity, employ active defences and establish international norms for cyberspace. The first two of these measures will significantly improve our cyber defences so that even if an attack is not deterred, it will not succeed.

Improving Cyber Security

if the protection is geared up, the attack will be stopped before the hackers can achieve their goal. For this, login security should be beefed up, data and communications need to be encrypted, viruses and malware need to be fought and software should be regularly updated to patch any weakness found.

A more pressing protection issue today is the shipping and selling of cheap Internet-of-Things devices which lead to many attacks. While some companies like Microsoft, heavily invest in product security, may others do not do so.

Cyber-security expert, Bruce Schneier advises that regulation should be imposed on manufacturers to put in basic security standards in devices, failing which they should be held liable when they are products are used in attacks.

Employ Active Defences

Action against attackers can be taken by monitoring, identifying and countering adverse cyberattacks. These active cyber defences are similar to air defence systems.

Network monitors that watch for and block hostile packets are one example, as are honeypots that attract or deflect adversary packets into safe areas. There, they do not harm the targeted network, and can even be studied to reveal attackers’ techniques.

Another set of active defences involves collecting, analysing and sharing information about potential threats so that network operators can respond to the latest developments and if any malware is found, they could disconnect the devices from the network and alert the devices’ owners to the danger.

An active cyber defence can often unmask the people behind them, leading to punishment. Nongovernment attackers can be shut down, arrested and prosecuted; countries conducting or supporting cyber warfare can be sanctioned by the international community.

Establish International Norms

International norms for cyberspace can aid deterrence if national governments believe they would be named and shamed within the international community for conducting a cyber-attack.

It’s difficult to completely get rid of cyber-space but at least the attacks can be minimised to a certain level if strong security, cyber defences and international cyber norms are actively used.

eHacking News:               War In The Information Age

 

« Cybersecurity Trends In 2017
Claims That Google's Search Algorithm Spread False Information »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Research Institute in Science of Cyber Security (RISCS)

Research Institute in Science of Cyber Security (RISCS)

RISCS is focused on giving organisations more evidence, to allow them to make better decisions, aiding to the development of cybersecurity as a science.

IS Decisions

IS Decisions

IS Decisions builds affordable and easy-to-use Access Management software solutions, allowing IT teams to effectively secure access to Active Directory infrastructures, SaaS apps and data within.

Kenexis

Kenexis

Kenexis is a consulting engineering firm providing services for process hazards analysis, fire and gas mapping, and industrial cybersecurity.

NuData Security

NuData Security

NuData Security, A Mastercard Company, is an award winning behavioral biometrics company.

Chainalysis

Chainalysis

Chainalysis provides blockchain analysis software to prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.

ReSec Technologies

ReSec Technologies

ReSec provides total protection against all types of known and unknown malware threats including viruses, Trojans, ransomware and phishing, regardless of their delivery method.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Threatspan

Threatspan

Threatspan is a cybersecurity firm helping shipping and maritime enterprises achieve and maintain nautical resilience in an age of increasing cyber threats.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

Cyber Science

Cyber Science

Cyber Science is the flagship conference of C-MRiC, focusing on pioneering research and innovation in Cyber Situational Awareness, Social Media, Cyber Security and Cyber Incident Response.

ChainSecurity

ChainSecurity

ChainSecurity provides products and services for securing smart contracts and blockchain protocols and conducts R&D in the areas of security, program analysis, and machine learning.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Fusion Risk Management

Fusion Risk Management

Fusion Risk Management focuses on operational resilience encompassing business continuity, risk management, IT risk, and crisis and incident management.

DHCO IT

DHCO IT

The DHCO IT team are experts in IT support, cyber security, cloud support and disaster recovery, and are Microsoft 365 partners.

Everfox

Everfox

Everfox (formerly Forcepoint Federal) has been defending the world's most critical data and networks against the most complex cyber threats imaginable for more than 25 years.

Cyberleaf

Cyberleaf

Cyberleaf is simplified managed cybersecurity for MSPs, enabling top tier cyber protection for small and medium enterprise.