Cyberwarfare: Borders Offer No Defense

Uploaded on 2017-02-22 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

The US has long relied on its borders and superior military might to protect against and deter foreign aggressors. But a lack of boundaries and any rulebook in cyberspace has increased the threat and leveled the playing field.

It’s unclear how President Donald Trump, who has emphasised an “America First” approach to domestic issues, will respond to Cyber-space threats, which transcend traditional borders and make it easier and cheaper than ever for foreigners to attack the US. Whatever the approach, it will set the tone and precedent for global policies during a critical time when the ground rules are still being written.

At a hearing recently on foreign Cyber-threats, the chairman of the Senate Armed Services Committee, Sen. John McCain, , ran through a list of recent operations the US believes was carried out by foreign countries, Russia, China, Iran and North Korea.

The targets: The White House, State Department, Office of Personnel Management, Joint Chiefs of Staff, Navy, major US financial institutions, a small New York dam and Sony Pictures Entertainment Inc.

“Our adversaries have reached a common conclusion, that the reward for attacking America in cyberspace outweighs the risk,” McCain said.

With most of the US critical infrastructure in private hands and Americans among the most connected citizens in the world, the potential attack surface for any hacker is vast and increasing. US officials and lawmakers have argued that because there is no official policy on Cyber-Warfare, the response to any attack can be slow, politicised and ultimately ineffectual.

The US took two months, after publicly accusing Russian government hackers of trying to influence the presidential election, to respond with economic sanctions and other more symbolic measures.

The reality is that the “nature of conflict has moved to the information space instead of just the physical kinetic space, and it now operates at greater scale and quicker speed,” said Sean Kanuck, who served as the first US national intelligence officer for cyber issues in the Office of the Director for National Intelligence.

Under the Obama administration, the US proposed international cyber rules for peacetime, including that countries should not target another’s critical infrastructure. But otherwise, it has maintained existing international laws and reserved the right to respond to any Cyber-attack.

The Trump administration is reviewing cyber policies, but it has said it will prioritize developing defensive and offensive cyber capabilities. It has also said it will work with international partners to engage in “cyberwarfare to disrupt and disable (terrorist) propaganda and recruiting.”

Unlike conventional warfare, the costs in Cyber-space can have rippling impacts for both the victim and attacker. Malicious software may end up spreading in an unforeseen and unplanned manner, and a hacker who gets into a single computer can cause unpredicted effects to a network.

“Look at what North Korea did to Sony or what China did to us via the OPM hack,” said David Gioe, a history fellow at the Army Cyber Institute at West Point and a former intelligence officer. “You’ve got all of these aircraft carriers and all of this ocean, and it really doesn’t matter because we’re still feeling effects. They’re not kinetic effects, but they’re surely effects.”

More than 20 million people had their personal information compromised when the Office of Personnel Management was hacked in what the US believes was a Chinese espionage operation.

“Really it’s our geeks versus their geeks,” Gioe said. “In the same way as single combat. It doesn’t matter how good my army is or your army is, it’s me versus you.”

Ein News

Technology, Multilateralism, War and Peace:     

Hacker, Tailor, Soldier, Spy: Future Cyberwar:     Pentagon Creates New 5,000 Strong Cyber Force:

 

 

« Data Fusion For Military Intelligence & Business
Five Arrested For Large Scale Bank Hacking »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Engage Black

Engage Black

Engage Black provides solutions for securing and protecting cryptographic keys, data at rest, and data in motion.

Cybonet

Cybonet

Cybonet provides easy to deploy, flexible and scalable security solutions that empower organizations of all sizes to actively safeguard their networks in the face of today’s evolving threats.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

HelseCERT

HelseCERT

HelseCERT is the health and care sector's national information security center for Norway.

Information Technology & Cyber ​​Security Service (STISC) - Moldova

Information Technology & Cyber ​​Security Service (STISC) - Moldova

STISC is a public institution whose purpose is to ensure the administration, maintenance and development of the information technology infrastructure in Moldova.

At-Bay

At-Bay

At-Bay is the world’s first InsurSec provider designed from the ground up to help businesses tackle cyber risk head on.

ditno

ditno

ditno uses machine learning to help you build a fully governed and micro-segmented network. Dramatically mitigate risk and prevent lateral movement across your organisation – all from one centralised

Data Storage Corp (DSC)

Data Storage Corp (DSC)

Data Storage Corporation is a provider of data recovery and business continuity services that help organizations protect their data, minimize downtime and recover and restore data.

Cybots

Cybots

Cybots is a multinational cyber defence brand founded in Singapore in 2018 to help organizations stay ahead of increasingly sophisticated threats from cyber criminals.

Grip Security

Grip Security

Grip Security provides comprehensive visibility, governance and data security to help enterprises effortlessly secure a burgeoning and chaotic SaaS ecosystem.

SEMNet

SEMNet

SEMNet is an IT solutions provider and an infrastructure and security consulting firm.

GuardDog.ai

GuardDog.ai

guardDog.ai has developed a cloud-based software service with a companion device that work together to simplify network security.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Scribe Security

Scribe Security

Scribe security provides end-to-end software supply chain security solutions.

Aberrant

Aberrant

A radically new approach to managing information security. Aberrant is the single pane of glass through which a security program can be viewed.

Cyscomply

Cyscomply

Cyscomply is an AI-powered self-assessment platform to identify gaps, benchmark against global standards and take the right action. You can assess against NIST CSF, DORA, ISO 27001, NIST 800-171.