Strategic Intelligence For The 21st Century.

As the analysis reaches deeper behind the recent Paris attacks, it has become clear that terrorism today is a widening series of global alliances often assisted and connected via cyber social media, and electronic propaganda.

Cyberspace is now becoming home to a digital revolution, where different types of computers are the new brainchild of our cognitive culture. Just as the mechanization of agriculture and production took over the muscles and bodies of our workers, so the computer has begun to replace our brains, machinery, and infrastructures.

These new electronic networks leave ‘exhaust’ data of the social activities and commercial transactions of network traders, political, and business collaborators. This data tells us much forensically about what happened with the data’s use.

Electronic data is increasingly becoming an open door to insecurity. In the early years of cyber we traded off these disadvantages, but for the last decade we have reached the cyber borders where we can assume that security constantly applies and requires a sophisticated and continual audit process. These systems require far more senior management understanding and involvement, and should not be left solely to the technologists.

Until Edward J. Snowden began leaking classified documents, billions of people relied on a more common type of security called Transport Layer Security or Secure Sockets Layer (SSL) technology to protect the transmission of sensitive data like passwords, financial details, intellectual property and personal information. That technology is familiar to many Web users through the ‘https’ and padlock symbol at the beginning of encrypted web addresses.

However, Snowden’s leaked NSA documents make it clear that the intelligence agencies are recording high volumes of encrypted Internet traffic and using it for analysis. More recently it has become clear to Western Intelligence – even outside the Five Eyes (United States, Canada, UK, Australia and New Zealand) – that this also occurs in countries such as Iran, North Korea, South Africa, Russia, China and Saudi Arabia,  all of whom store and monitor vast amounts of Internet traffic.

Recent analysis suggests that ninety percent of small and medium businesses in the United States and European Union do not have adequate cyber security protection.

If we look at how aspects of the cyber world have affected law enforcement and police response to cyber crime the results for many government police forces is not very positive. Indeed, in 2014 only three out of forty-three police forces in England and Wales had a comprehensive plan to deal with cyber crime, and less than 1% of cyber crime was investigated.

We can look at the history of our seas, which developed – albeit a couple of thousand years ago – in a similar way to the expansion of the Internet and our interaction with it. Just as the oceans and seas, were increasingly used for trade and fishing, so too is cyberspace a modern-day platform for commerce and social networking. However, criminal activity, such as piracy, quickly proliferated in both areas.

Piracy was also employed by government’s and commerce in the fifteenth and sixteenth centuries as part of their own operations. Pirates were covertly employed to attack and commandeer other government’s trading vessels, and the privateering government would simply duck responsibility as they had no visible association with pirates.

Commercial organisations of all types are now enduring an erratic series of cyber-attacks. Recently some have become headline news, with breaches at Sony, the International Monetary Fund, JP Morgan Chase and Symantec. Recent analysis suggests that ninety percent of small and medium businesses in the United States and European Union do not have adequate cyber security protection.

What about the rest of the world?
China’s electronic cyber capabilities are very well developed and they are more advanced than most in the cyber arena. Indeed, China has further increased its electronic and cyber effectiveness by collaborating with North Korea and Russia, signing a cyber-security agreement with the latter in May 2015 in which the two nations agreed not to launch cyber-attacks against the other. China has also recently attempted a similar agreement with the US.

Russia has also made use of cyber pirates and privateering methods. They have quietly engaged with cyber hackers and criminal groups while simultaneously denying their involvement in the attacks. Russia has also actively revealed its cyber-attack ability in relation to Georgia, the Ukraine, the United States, and Estonia.
As the Internet continues to expand and electronic infrastructures become more interconnected, links into the Dark Web, cyber-attacks, and electronic terrorism will also increase, becoming more complex and interdependent. Once again we may draw parallels with piracy (in its earliest form), where the attempts to control it only began with the Treaty of Paris agreement in 1856, almost a thousand ears after the act of piracy first became evident.

For terrorists, electronic threats and attacks have distinct advantages over traditional crime and physical war as they can be controlled economically, secretly, and at a distance. Cyber-attacks do not require large financing of weapons and recruits, and the effects can be global, immediate, and devastating. However, agencies created to combat cyber crime are evolving in parallel to cyber terrorism, and efforts to safeguard information are rapidly becoming more sophisticated and efficient.

OUP: http://bit.ly/1Q4LdeM

Alfred Rolington is the author of Strategic Intelligence for the 21st Century: The Mosaic Method published by Oxford University Press

« FBI's War On Encryption Is Unnecessary
Energy Utilities Highly Vulnerable To Cyber Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Foundation for Strategic Research (FRS)

Foundation for Strategic Research (FRS)

The Foundation for Strategic Research is France's main independent think tank on strategic, defense and security issues. Cyber security is covered as part of the study areas.

National Cyber Security Centre Finland (NCSC-FI)

National Cyber Security Centre Finland (NCSC-FI)

The NCSC-FI develops and monitors the operational reliability and security of communications networks and services in Finland.

American International Group (AIG)

American International Group (AIG)

AIG, is an American multinational insurance corporation. Commercial services include cyber risk insurance.

Beachhead Solutions

Beachhead Solutions

Beachhead's SimplySecure is a configurable, web-based management tool allowing you to remotely secure vulnerable mobile devices in your organization.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

RUSCADASEC

RUSCADASEC

RUSCADASEC is an independent non-profit initiative on developing the open Russian-speaking international community of industrial cyber security/ICS/SCADA cyber security professionals.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

Censys

Censys

Our customers rely on Censys data to get the global visibility they need of their attack surfaces in order to proactively prevent nation-state attacks and emerging threats.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

NANDoff Data Recovery

NANDoff Data Recovery

NANDoff is a flat rate data recovery service. We serve the electronics industry around the globe 24/7.

Protos Labs

Protos Labs

Protos Labs enables insurers & enterprises to make better cyber risk decisions through holistic, real-time risk management tools.

Averlon

Averlon

Averlon offers organizations peerless cloud security through Panoptic Cloud Visibility, Predictive Attack Intelligence and Rapid Remediation.