Reshaping The Future Of War With Malware

Uploaded on 2019-11-06 in NEWS-Cybersecurity News, FREE TO VIEW

As tensions rage beneath the Middle East cauldron, the expanded employment of cyber operations is preventing the region from boiling over. 

US Cyber Command's covert cyber operation against Iran, in response to the September attacks on oil facilities in Saudi Arabia, underscores the inclination of states to use cyber operations instead of armed force and points to broader strategic implications in the region. 

Conventional wisdom would suggest that scaled-up capabilities, growing competition, and the proliferation of malware across cyberspace presents a legitimate risk of escalation in state conflict, transcending the cyber domain toward the kinetic. However, recent history has shown that states have more often availed themselves of their offensive cyber arsenals to achieve surprisingly de-escalatory effects, according to the Atlantic Council think-tank.

Offensive cyber operations sit low on the escalation ladder, the figurative scale ranging from diplomatic engagement to all-out nuclear war, and provide states with means of signaling adversaries without using force, and potentially even deescalating tense or provocative situations.

 Through this lens, there is a case to be made for the responsible diffusion of malware as a tool of diplomacy and statecraft to de-escalate regional conflict. 

Cyber operations have served this exact de-escalatory purpose throughout recent tensions in the Persian Gulf. 
When a US Navy Carrier Strike Group was sent to the Persian Gulf in May  an Iranian threat to US assets was detected in the area, Washington signaled that it was prepared to meet potential Iranian aggression with airstrikes. 

US President tweeted that the United States was “locked & loaded,” alluding to a kinetic response option, but instead, the US deployed malware to neutralise the Iranian threat, while demonstrating that Tehran’s provocations would not go unchecked. 

The decision to prioritise cyber response options underscores Washington’s desire to cool things down and reassert its control by utilizing short-of-war tactics. A similar strategy is playing out on the eastern shores of the Mediterranean. While remaining largely out of the fray, Israel is closely monitoring tensions in the Persian Gulf. Israel, like the United States, remains chiefly concerned with breaking Tehran’s spreading influence and power in the region, but does not want to bear the risk of doing so alone. 

Israel’s Ministry of Defense recently reported to hav eased export control rules on certain malwareto allow Israeli companies to more quickly obtain exemptions for marketing to more countries than previously possible. Under the newly relaxed regulations, not only has the approval process been shortened to as few as four months, but also the Defense Ministry has indicated that the group of allowable buyers has expanded. Indications that Israeli spyware, software that enables users to surreptitiously reap information from another user’s hard drive, and other forms of malware are destined for purchase by Saudi Arabia and the United Arab Emirates have raised eyebrows amongst rights advocacy groups. 

While these human rights concerns over these malware exports are justifiable, the de-escalatory and even ethical role of offensive cyber operations cannot be ignored.

While kinetic options could escalate conflict and draw the ire of the international community, cyber operations can provide de-escalatory alternatives under challenging operational circumstances. Concerns over potential misuse of cyber tools to quash internal dissent and suppress democratic values are legitimate and should be taken seriously. So, too, should the ethical case for the responsible utilisation of these tools.

The de-escalatory and diplomatic effects offensive cyber operations can bring to bear make them legitimate tools of statecraft in navigating regional conflict. 

Atantic Council

You Might Also Read: 

Shockwave - A Global Transformation In Warfare:

 

« Fraud And The Dark Side Of AI
Hacking Skills Can Qualify You For A Top Cybersecurity Job »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clifford Chance

Clifford Chance

Clifford Chance are one of the world's pre-eminent law firms with resources across five continents. Practice areas include Cyber Security & Information Protection

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

Cyberspace Solarium Commission (CSC)

Cyberspace Solarium Commission (CSC)

The Cyberspace Solarium Commission was established to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.

SAST

SAST

SAST provide Static Application Security Testing as a service based on SAST Tools.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Cyber Defence Solutions (CDS)

Cyber Defence Solutions (CDS)

Cyber Defence Solutions is a cyber and privacy Consultancy with extensive experience in the development and implementation of cyber and data security solutions to your assets.

Phished

Phished

Phished is an AI-driven platform that focuses on the human side of cybersecurity. By combining fully automated training software with personalised, realistic simulations of cyberattacks.

OnSecurity

OnSecurity

OnSecurity replaces the overhead of traditional penetration testing firms with a simple online interface, making it easy to book tests as and when needed.

Accedian

Accedian

Accedian is a leader in performance analytics and end user experience solutions, dedicated to providing our customers with the ability to assure their digital infrastructure.

Creative ITC

Creative ITC

Creative ITC is a leading infrastructure and cloud enablement company. We design and deliver exceptional managed services and cloud solutions.

Prime Technology Services

Prime Technology Services

Prime Tech are a group of Red Hat, Microsoft & Cisco Certified IT Professionals with an impressive track record of consistently delivering value to our corporate clients.

Hackurity.io

Hackurity.io

Hackurity.io is a high energy IT security start-up founded in 2021 out of the frustration that IT Security is highly fragmented and reactive.

Ermes

Ermes

Ermes – Intelligent Web Protection provides companies with a solution that effectively secures them against web threats.

Cypheria

Cypheria

Cypheria harness the expertise of elite military units and combine it with extensive digital combat experience to deliver unparalleled security solutions for organizations.