On the Brink of Cyber War…

On Thursday last week, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva.

Years ago the Stuxnet virus showed the possibility of anonymous “kinetic” attacks in the cyber arena, leading many military and defense analysts to worry that World War III may be carried out with a keyboard.

On Thursday last week, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva. The US says that the two countries are renewing efforts to prevent rushing into a cyber war “by mistake,” but many wonder what defines a "cyber war," and whether it actually poses a credible risk.

In recent years, America has pushed the boundaries of cyberwarfare while Western media focused on imagined threats from Russian and Chinese hackers. Beginning in 2010, with Operation Olympic Games, the US and their Israeli counterparts released the Stuxnet virus, crippling Iran’s Natanz nuclear facility and demonstrating the potential of "kinetic effects" as a result of cyberwarfare.

Further, in 2014, the NSA was implicated in surveilling the president of Brazil and the country’s state-owned oil giant Petrobras. Documents released from that NSA surveillance triggered the "car wash" investigation, leading to a vote to impeach Brazilian President Dilma Rousseff.

Recently, a series of cyberattacks by Iran demonstrated that turnabout is fair play. A federal indictment was issued against several Iranian officials for hackers engaging not only in market manipulation but also attempting to  cripple a dam in New York state that, if it had been successful, could have resulted in substantial loss of life and long-term agricultural damage.
With the purported specter of cyber war moving from the realm of science fiction to a leading national security distraction, Sputnik’s Brian Becker sat down on Friday with journalists Dmitry Babich and Declan McCullagh to discuss the cooperative meetings between US and Russian officials and whether the so-called new Cold War has already migrated online.

"There is a really bad relationship between the US and Russian government," Babich told Loud & Clear, "and there are constant accusations in the US press against Russia about Russian hackers on the payroll of the government trying to ruin the economy and military systems of countries like Estonia."

"I think the real picture is more complicated," suggested Babich. "There are some companies in Russia, big companies, which are dealing with cybersecurity and are part of international business. A [Russian] company like Kaspersky is an integral part of the global cybersecurity system."

Babich believes Russian cybersecurity companies and specialists are not engaged in cyber war against the United States or elsewhere, that they "don’t want to quarrel with the US and the EU," and are frustrated that the West takes such an aggressive posture towards them.

The journalist believes that the meeting between the two military superpowers will help to clear misconceptions, often advanced by Western media, that Russian hackers are "trying to attack the innocent West" when, in reality, Russia is both a competitor and a cooperative partner, engaged in activities that mirror US efforts.

Declan McCullagh agreed, likening US-Russian relations on cyber warfare to competition between tech giants Google and Apple. "Google competes with Apple, but it also releases maps and mail for the iOS Chrome browser – there is both cooperation and competition there," said McCullagh. "Similarly, the US and Russia are interested in the other party’s computer vulnerabilities, data, and obtaining military and defense intelligence, but they also cooperate regularly on cybersecurity."

McCullagh provided the example of a 2013 cyber crime extradition working group, and more recently a cyberwar hotline established for countries to quickly ask counterparts whether they are responsible for a cyberattack in order to rapidly deescalate situations and avoid misunderstandings.

What challenges stand in the way of cooperation in the cyber arena?

"Attribution," said McCullagh. "The real difference in cyber is the issue of attribution, because if a missile is fired you know who fired the missile, or if a spy is caught you can track down who the spy is, but if you are hacked by somebody and it is sent through five different routers in five different countries then attribution is impossible, you won’t know who did it."

The two guests raised the issue that law and policy have yet to catch up to cyber realities, creating the possibility for false-flag attacks, misunderstandings and overreaches that could become military conflicts. 
Ein News: http://bit.ly/1MSBKM8

« Self-Defence In A Connected World
Cybercrime Increases As Crooks Get AI Smarter »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Business Intelligence Associates (BIA)

Business Intelligence Associates (BIA)

BIA's TotalDiscovery is a defensible and cost-effective corporate preservation and legal compliance software solution.

Foregenix

Foregenix

Foregenix are global specialists in Digital Forensics and information security including Penetration testing and Website Security.

Bricata

Bricata

Bricata offers industry-leading IPS solutions for enterprise-wide threat prevention and unparalleled situational awareness.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Charities Security Forum (CSF)

Charities Security Forum (CSF)

The Charities Security Forum is the premier membership group for information security people working for charities and not-for-profits in the UK.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

PreEmptive Solutions

PreEmptive Solutions

PreEmptive Protection hit the sweet spot between cost, convenience and functionality by helping you protect and secure your apps in a smarter way.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

Acronis

Acronis

At Acronis, we protect the data, applications, systems and productivity of every organization – safeguarding them against cyberattacks, hardware failures, natural disasters and human errors.

Snare

Snare

Snare is a comprehensive set of event monitoring and analysis tools designed to address critical auditing and security requirements.

FusionAuth

FusionAuth

FusionAuth is the customer authentication and authorization platform that makes developers' lives awesome.

Reaktr.ai

Reaktr.ai

Reaktr.ai is founded on the vision of using AI as a catalyst to propel industries into a future where we redefine what's possible. Fortify your cybersecurity defense with our AI-powered platform.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.

tmc3

tmc3

tmc3 is an award-winning, people-centric consultancy that is transforming cyber security from an overhead into an organisational enabler.

Octane

Octane

Octane is an AI cybersecurity startup using machine learning to identify and fix vulnerabilities in blockchain codebases.