Global Cyber Conflict Is Close

The announcement of a sixth subterranean nuclear test has the world talking about how to contain the threat of a nuclear-ready North Korea, but there is another concern getting insufficient attention: the potential for full-spectrum cyber war.

Just what that might look like is known, but seldom discussed.

Remember the NASDAQ flash crash? It happened on May 6, 2010, at 2:32 pm and lasted for more than 30 minutes. It was a trillion-dollar stock market crash.

At the time, a minority in the cybersecurity community believed that crash was a hack. Some time ago the Washington Post chided the tendency to cry “hacking” when something systemic fails.

“The 2003 Northeast blackout was first blamed on hacking, the 2010 ‘flash crash’ was first blamed on hacking.” That said, James Lewis opined, “Evil mad-genius hackers who want to wreak mass havoc on society because they are in a bad mood don’t exist in real life.”

Fair enough, but evil state-sponsored hackers do want to wreak mass havoc on the societies they deem to be the enemy.

It is probable, not just possible, that cyberattacks will shut down the power grid (that may have already happened in the Ukraine), erase or paralyse financial data systems or cause military equipment to malfunction in the near future.

Certainly very odd

“It certainly is very odd that so many incidents have taken place in a relatively short period of time,” Finnish computer programmer Harri Hursti told me.

Hursti said vulnerabilities in GPS technology would be the logical place to start any investigation into the US Navy mishaps that have plagued the Pacific fleet this year, but pointed out that there was not enough information about the systems used to make an educated guess at what may have happened.

He did go on to say that pseudolites (a contraction of pseudo-satellite) might have been involved, since these mechanisms are capable of sending false information to the kinds of receivers used in marine navigation.

The unpredictability of war

Say what you will about President Trump’s missteps, he’s right about the need for stealth when it comes to wartime decisions. And make no mistake, with or without missiles flying, we are at war with many nation states, although North Korea seems to be first among them.

“A one-time event is unpredictable,” said Ondrej Krehel, CEO and founder of LIFARS, a digital forensics and cybersecurity intelligence firm.

We were discussing the crash of the Navy destroyer USS John S. McCain, specifically the possibility that the “steering failure” experienced by that ship was a hack.

Earlier hacks made it at least conceivable. There was the infamous example where white hat hackers were able to kill the engine of a Jeep driving at the upper speed limit on a highway, and there were still other car hacks, including speculation that the one-car crash that killed journalist Michael Hastings may have been the result of a hack as well.

“Anything is possible,” Krehel said.

“All the systems on a ship are interconnected.” Listing the various modes of possible attack, including a man-in-the-middle take-over of the destroyer’s satellite navigation system, Krehel said the most likely mode was one that would be undetectable, and has not been discussed much in media reports.

“Implants,” Krehel said. “That would be impossible to detect.”

Krehel was talking about cyber organisms that live in memory systems, migrated there through spear phishing campaigns targeted at specific personnel, which is still the most common way this kind of infiltration occurs. The organisms have the ability to create complete system failure, destroying all data in the process, including the bug.

When it comes to cyber protections, it is a truism that for every knock on the front door, there are a thousand-fold attempts at windows, side doors and vents, and human beings are the weakest link in any system.

“The beauty of this kind of attack,” Krehel told me, “is that when it shuts down the system, it is deleted. There is no trace.”

Forewarned is forearmed

In our post-Wikileaks, post-Stuxnet world, we know state-sponsored cyber war exists, and the capabilities are unknowable.

As I’ve said elsewhere, things that look like freak accidents, glitches of technology, could be acts of war. It is simply impossible for anyone outside of the Pentagon to know for sure.

President Trump announced recently that Cyber Command would no longer report to the NSA but would rather, and finally, be elevated to a "Unified Combatant Command." This means that it would be a military operation in its own right, on an equal footing with the other commands overseeing military operations worldwide.

It is up to Defense Secretary Gen. James Mattis to sort out exactly how this will happen, something that may get lost in the shuffle while the world scrambles to get a nuclear muzzle on North Korea. It’s imperative that we stay focused on Cyber Command at such a crucial juncture, because while we look at the sky for scudding missiles, a worm could very well turn off the lights.

The Hill
