On the Brink of Cyber War…

On Thursday last week, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva.

Years ago the Stuxnet virus showed the possibility of anonymous “kinetic” attacks in the cyber arena, leading many military and defense analysts to worry that World War III may be carried out with a keyboard.

On Thursday last week, senior cybersecurity officials from the US and Russia began two-day meetings in Geneva. The US says that the two countries are renewing efforts to prevent rushing into a cyber war “by mistake,” but many wonder what defines a "cyber war," and whether it actually poses a credible risk.

In recent years, America has pushed the boundaries of cyberwarfare while Western media focused on imagined threats from Russian and Chinese hackers. Beginning in 2010, with Operation Olympic Games, the US and their Israeli counterparts released the Stuxnet virus, crippling Iran’s Natanz nuclear facility and demonstrating the potential of "kinetic effects" as a result of cyberwarfare.

Further, in 2014, the NSA was implicated in surveilling the president of Brazil and the country’s state-owned oil giant Petrobras. Documents released from that NSA surveillance triggered the "car wash" investigation, leading to a vote to impeach Brazilian President Dilma Rousseff.

Recently, a series of cyberattacks by Iran demonstrated that turnabout is fair play. A federal indictment was issued against several Iranian officials for hackers engaging not only in market manipulation but also attempting to  cripple a dam in New York state that, if it had been successful, could have resulted in substantial loss of life and long-term agricultural damage.
With the purported specter of cyber war moving from the realm of science fiction to a leading national security distraction, Sputnik’s Brian Becker sat down on Friday with journalists Dmitry Babich and Declan McCullagh to discuss the cooperative meetings between US and Russian officials and whether the so-called new Cold War has already migrated online.

"There is a really bad relationship between the US and Russian government," Babich told Loud & Clear, "and there are constant accusations in the US press against Russia about Russian hackers on the payroll of the government trying to ruin the economy and military systems of countries like Estonia."

"I think the real picture is more complicated," suggested Babich. "There are some companies in Russia, big companies, which are dealing with cybersecurity and are part of international business. A [Russian] company like Kaspersky is an integral part of the global cybersecurity system."

Babich believes Russian cybersecurity companies and specialists are not engaged in cyber war against the United States or elsewhere, that they "don’t want to quarrel with the US and the EU," and are frustrated that the West takes such an aggressive posture towards them.

The journalist believes that the meeting between the two military superpowers will help to clear misconceptions, often advanced by Western media, that Russian hackers are "trying to attack the innocent West" when, in reality, Russia is both a competitor and a cooperative partner, engaged in activities that mirror US efforts.

Declan McCullagh agreed, likening US-Russian relations on cyber warfare to competition between tech giants Google and Apple. "Google competes with Apple, but it also releases maps and mail for the iOS Chrome browser – there is both cooperation and competition there," said McCullagh. "Similarly, the US and Russia are interested in the other party’s computer vulnerabilities, data, and obtaining military and defense intelligence, but they also cooperate regularly on cybersecurity."

McCullagh provided the example of a 2013 cyber crime extradition working group, and more recently a cyberwar hotline established for countries to quickly ask counterparts whether they are responsible for a cyberattack in order to rapidly deescalate situations and avoid misunderstandings.

What challenges stand in the way of cooperation in the cyber arena?

"Attribution," said McCullagh. "The real difference in cyber is the issue of attribution, because if a missile is fired you know who fired the missile, or if a spy is caught you can track down who the spy is, but if you are hacked by somebody and it is sent through five different routers in five different countries then attribution is impossible, you won’t know who did it."

The two guests raised the issue that law and policy have yet to catch up to cyber realities, creating the possibility for false-flag attacks, misunderstandings and overreaches that could become military conflicts. 
Ein News: http://bit.ly/1MSBKM8

« Self-Defence In A Connected World
Cybercrime Increases As Crooks Get AI Smarter »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

RedTeam Security

RedTeam Security

RedTeam Security is a provider of Penetration Testing, Social Engineering, Red Teaming and Red Team Training services.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

Cambridge Intelligence

Cambridge Intelligence

Cambridge Intelligence are experts in network visualization and finding hidden trends in complex connected data. Applications include cybersecurity.

Software Factory

Software Factory

Software Factory develops custom-built high-performance software solutions and products for applications including industrial cyber security.

Basis Technology

Basis Technology

Basis Technology provides software solutions for text analytics, information retrieval, digital forensics, and identity resolution.

AKS IT Services

AKS IT Services

AKS IT Services (an ISO 9001:2015 and ISO 27001:2013 certified company) is a leading IT Security Services and Solutions provider.

Glilot Capital Partners

Glilot Capital Partners

Glilot Capital Partners is an Israeli seed and early-stage VC. We specialize in businesses which disrupt enterprise technology, mainly in the fields of AI, big data and cybersecurity.

NSA Career Development Programs

NSA Career Development Programs

NSA offers entry-level programs to help employees enhance their skills, improve their understanding of a specific discipline and even cross-train into a new career field.

Saepio Solutions

Saepio Solutions

Saepio promote an all-encompassing approach to cybersecurity, ensuring the appropriate balance of budget and resource across Policy, Product and People.

Matrium Technologies

Matrium Technologies

Matrium Technologies has been a leading provider of technology solutions since 1991, with a strong industry background in Network Testing, Network Visibility and Security.

IPKeys Cyber Partners

IPKeys Cyber Partners

IPKeys Cyber Partners, together with the IPKeys Power Partners unit, provide Cyber Security and CIP Compliance for utilities, grid operators and public safety organization across the USA.

National Cybersecurity Alliance

National Cybersecurity Alliance

The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world.

IDECSI

IDECSI

IDECSI delivers cutting-edge technology and engages all employees in the security system for effective and cost-efficient data protection.

S2W

S2W

S2W is a data intelligence company specialized in cyber threat intelligence, brand/digital abuse, and blockchain.

Axiotrop

Axiotrop

AXIOTROP is a Cybersecurity firm offering leading services in assessment, remediation, and validation to protect the confidentiality, integrity, and availability of regulated information.

CQR

CQR

CQR are at the forefront of innovative cyber solutions, dedicated to securing and fortifying Operational technology (OT) infrastructure.