There Are No Civilians In Cyber Warfare

Uploaded on 2017-08-14 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

At the conclusion of his authoritataive 2016 book Cyberspace in Peace and War, US Naval Academy cyber-security expert Martin Libicki takes a scolding tone toward rag-tag hackers who liked to demonstrate “their intelligence if not their maturity”.

He told his readers that cybersecurity was a three-star problem that was “hyped into a four-star problem, a standing that it never deserved.”

It was an odd conclusion even in 2016, after all, in 2015 there'd been an enormous coordinated cyber-attack on Ukraine's power system, in which a quarter of a million Ukrainians were deprived of power in the middle of winter.

And from the vantage point of 2017, after the world watched in appalled horror at the 2016 US presidential election and its aftermath, in which Russian state agencies hacked US election rolls and perhaps did much more, Libicki's complacent conclusion seems downright naïve.

New Read

Updating the picture is Alexander Klimburg's quietly horrifying new book The Darkening Web: The War for Cyberspace, which opens with a brutally sobering declaration about the kind and extent of damage that cyber warfare could inflict.

“In reality,” Klimburg writes, “pretty much any form of destruction is achievable through cyber means; for those with the resources, the only limitation is their own creativity.”

With gut-clenching efficiency, Klimburg imagines plenty: power grids not only shut down but physically damaged, transportation networks disrupted or closed (80 percent of Americans live in cities, dependent on food supplies that would only last a day if stopped), telecommunications warped or terminated, financial information deleted.

And of course he discusses the stereotypical nightmare scenario, which involves nuclear weapons, tens of thousands of which have command-and-control sequences that are now “cyber-enabled”, and therefore hackable.

Planes fly, and land safely, guided not by human hands but entirely by software. Thousands of pieces of everyday technology are now interconnected in an elaborate ongoing electronic conversation with each other, the much-touted “Internet of things”, and all of those conversations can be not only interrupted but co-opted.

The implication throughout the book couldn't be clearer: logging off Facebook or keeping a backyard garden is a fool's consolation. In cyber warfare, there are no civilians.

Naturally enough, the Russians figure prominently throughout "The Darkening Web."

“The extreme level of Russian involvement in the 2016 US presidential election is, at the time of finishing this book, just reaching fever pitch,” Klimburg writes. “One June 2016 article clearly outlines how the Kremlin's troll army was being used to support the candidacy of Donald Trump, with a number of known trolls migrating their accounts to fake conservative personas.”

Klimburg traces the long history of Russia's electronic espionage, including the entire generation of siloviki, former members of the Soviet security services, who've been put to new and nefarious uses in Putin's Russia.

But the story also extends to the rise of state-sponsored hacking campaigns all around the world, from major actors like China and North Korea to tiny four-person cabals in Eastern Europe unleashing vast clouds of malicious bots for reasons of their own.

All these actors combine to form a vast crowd of opportunists creating millions of strains of malware, splicing and re-combining into “zombie armies” called botnets, which can form cybernetic terrains all their own.
 
“Botnets are highly useful for those seeking to perpetrate cyber-crime or even engage in state-affiliated cyber espionage,” Klimburg writes. “Botnets can be used by hackers for a variety of tasks: they are truly the Swiss army knives of cyber-attacks.”

And alongside malicious human actors there's also the added danger of inhuman actors: malware communicating with malware, bots adapting themselves to other bots, often simulating the kind of artificial intelligence (AI) that no less an authority than Stephen Hawking warned might spell the end of humankind.

Whether its author intends it or not, "The Darkening Web" eventually accumulates the picture of an impending apocalypse, an utterly unwinnable war in which the world's few good guys, in this account, the liberal democracies that are interested in social freedom and the uncensored flow of information, are outgunned, outspent, and outmaneuvered at every stage of what Klimburg refers to as the great cyber game.

The vending machine in your office's cafeteria communicates electronically, automatically and without supervision, with its stocking company when it's running low on snacks; the company's stocking software communicates, again, unsupervised, with the software of its distant suppliers.

Those suppliers have software that communicates with various government regulatory agencies. All of it happens every day, and all of it is hackable. Multiply that a million fold and you have the world of the darkening web.

“This is an Armageddon that all of us in liberal democracies have the power to avert,” Klimburg writes, reminding his readers that “humanity has come together to deal with existential challenges before.”

In the wake of a presidential election hacked by an enemy power, with massive random ware viruses making the news by attacking dozens of countries simultaneously, the note of defiant optimism, however unrealistic, is desperately appreciated.

CS Monitor

You Might Also Read:

Modern Fiction: A Novel  Is Required Reading At The Pentagon:

Dark Territory: The Secret History of Cyber War:

 

« US Police Make Widespread Use Of Facial Recognition Software
Cyber Warfare Opens A New Front Against Civilians »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ISO Quality Services Ltd

ISO Quality Services Ltd

ISO Quality Services is an independent organisation that specialises in the implementation, certification and continued auditing of ISO and BS EN Management Standards including ISO 27001..

Octopus Cybercrime Community

Octopus Cybercrime Community

The Octopus Community is a platform for information sharing and cooperation on cybercrime and electronic evidence.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

Checksum Consultancy

Checksum Consultancy

Checksum Consultancy specializes in Information security, Risk management, and IT governance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Montreal International

Montreal International

You’re an entrepreneur planning to launch a company in an innovative sector such as AI, cybersecurity, 'deeptech' or fintech? You’ve found the right place!

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

NodeSource

NodeSource

NodeSource helps organizations run production-ready Node.js applications with greater visibility into resource usage and enhanced awareness around application performance and security.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

IoTeX

IoTeX

Building the connected world. IoTeX is a fast, secure, and decentralized platform that connects real world devices/data to the blockchain.

HALOCK Security Labs

HALOCK Security Labs

HALOCK is an information security consultancy providing both strategic and technical security offerings.

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

Opkalla

Opkalla

We started Opkalla because we believe IT professionals deserve better. We help our clients navigate the confusion in the marketplace and choose the solution that is right for your business.

Karthik Consulting (KC)

Karthik Consulting (KC)

Karthik Consulting is a technology service provider specializing in IT services for the U.S. federal government.