There Are No Civilians In Cyber Warfare

Uploaded on 2017-08-14 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

At the conclusion of his authoritataive 2016 book Cyberspace in Peace and War, US Naval Academy cyber-security expert Martin Libicki takes a scolding tone toward rag-tag hackers who liked to demonstrate “their intelligence if not their maturity”.

He told his readers that cybersecurity was a three-star problem that was “hyped into a four-star problem, a standing that it never deserved.”

It was an odd conclusion even in 2016, after all, in 2015 there'd been an enormous coordinated cyber-attack on Ukraine's power system, in which a quarter of a million Ukrainians were deprived of power in the middle of winter.

And from the vantage point of 2017, after the world watched in appalled horror at the 2016 US presidential election and its aftermath, in which Russian state agencies hacked US election rolls and perhaps did much more, Libicki's complacent conclusion seems downright naïve.

New Read

Updating the picture is Alexander Klimburg's quietly horrifying new book The Darkening Web: The War for Cyberspace, which opens with a brutally sobering declaration about the kind and extent of damage that cyber warfare could inflict.

“In reality,” Klimburg writes, “pretty much any form of destruction is achievable through cyber means; for those with the resources, the only limitation is their own creativity.”

With gut-clenching efficiency, Klimburg imagines plenty: power grids not only shut down but physically damaged, transportation networks disrupted or closed (80 percent of Americans live in cities, dependent on food supplies that would only last a day if stopped), telecommunications warped or terminated, financial information deleted.

And of course he discusses the stereotypical nightmare scenario, which involves nuclear weapons, tens of thousands of which have command-and-control sequences that are now “cyber-enabled”, and therefore hackable.

Planes fly, and land safely, guided not by human hands but entirely by software. Thousands of pieces of everyday technology are now interconnected in an elaborate ongoing electronic conversation with each other, the much-touted “Internet of things”, and all of those conversations can be not only interrupted but co-opted.

The implication throughout the book couldn't be clearer: logging off Facebook or keeping a backyard garden is a fool's consolation. In cyber warfare, there are no civilians.

Naturally enough, the Russians figure prominently throughout "The Darkening Web."

“The extreme level of Russian involvement in the 2016 US presidential election is, at the time of finishing this book, just reaching fever pitch,” Klimburg writes. “One June 2016 article clearly outlines how the Kremlin's troll army was being used to support the candidacy of Donald Trump, with a number of known trolls migrating their accounts to fake conservative personas.”

Klimburg traces the long history of Russia's electronic espionage, including the entire generation of siloviki, former members of the Soviet security services, who've been put to new and nefarious uses in Putin's Russia.

But the story also extends to the rise of state-sponsored hacking campaigns all around the world, from major actors like China and North Korea to tiny four-person cabals in Eastern Europe unleashing vast clouds of malicious bots for reasons of their own.

All these actors combine to form a vast crowd of opportunists creating millions of strains of malware, splicing and re-combining into “zombie armies” called botnets, which can form cybernetic terrains all their own.
 
“Botnets are highly useful for those seeking to perpetrate cyber-crime or even engage in state-affiliated cyber espionage,” Klimburg writes. “Botnets can be used by hackers for a variety of tasks: they are truly the Swiss army knives of cyber-attacks.”

And alongside malicious human actors there's also the added danger of inhuman actors: malware communicating with malware, bots adapting themselves to other bots, often simulating the kind of artificial intelligence (AI) that no less an authority than Stephen Hawking warned might spell the end of humankind.

Whether its author intends it or not, "The Darkening Web" eventually accumulates the picture of an impending apocalypse, an utterly unwinnable war in which the world's few good guys, in this account, the liberal democracies that are interested in social freedom and the uncensored flow of information, are outgunned, outspent, and outmaneuvered at every stage of what Klimburg refers to as the great cyber game.

The vending machine in your office's cafeteria communicates electronically, automatically and without supervision, with its stocking company when it's running low on snacks; the company's stocking software communicates, again, unsupervised, with the software of its distant suppliers.

Those suppliers have software that communicates with various government regulatory agencies. All of it happens every day, and all of it is hackable. Multiply that a million fold and you have the world of the darkening web.

“This is an Armageddon that all of us in liberal democracies have the power to avert,” Klimburg writes, reminding his readers that “humanity has come together to deal with existential challenges before.”

In the wake of a presidential election hacked by an enemy power, with massive random ware viruses making the news by attacking dozens of countries simultaneously, the note of defiant optimism, however unrealistic, is desperately appreciated.

CS Monitor

You Might Also Read:

Modern Fiction: A Novel  Is Required Reading At The Pentagon:

Dark Territory: The Secret History of Cyber War:

 

« US Police Make Widespread Use Of Facial Recognition Software
Cyber Warfare Opens A New Front Against Civilians »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Consult Hyperion

Consult Hyperion

Consult Hyperion is an independent strategic and technical consultancy specialising in digital identity and secure electronic transactions.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

Identify Security Software

Identify Security Software

Our mission is to bring in a new age of autonomous human authentication in the security and identity space.

Nexusguard

Nexusguard

Nexusguard is at the forefront of the fight against malicious Internet attacks, protecting organizations worldwide from threats to their websites, services, and reputations.

OpenText

OpenText

OpenText is a leader in Enterprise Information Management software and a portfolio of related solutions for Information Governance, Compliance, Information Security and Privacy.

National Cyber Security Agency (NACSA) - Malaysia

National Cyber Security Agency (NACSA) - Malaysia

NACSA is the leading government agency in Malaysia responsible for the development and implementation of national cyber security management policie and strategies.

T-REX

T-REX

T-REX is a coworking space, technology incubator, and entrepreneur resource center for technology startups.

Digitale Gründerinitiative Oberpfalz (DGO)

Digitale Gründerinitiative Oberpfalz (DGO)

Digital Founder Initiative Oberpfalz's goal is to build a sustainable start-up culture in the field of digitization throughout the Upper Palatinate district of Bavaria.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

Aite-Novarica Group

Aite-Novarica Group

Aite-Novarica's Cybersecurity practice provides ongoing research and advisory services to chief information security officers focused on protecting their companies’ assets.

Stryve

Stryve

Stryve is a leading carbon-neutral provider of specialist cloud and cybersecurity services in Europe.

Regtank Technology

Regtank Technology

Regtank is a one-stop compliance solution for fintechs, navigating compliance, security and risk management.

Archer Technologies

Archer Technologies

Archer helps organizations manage risk in the digital era—uniting stakeholders, integrating technologies and transforming risk into reward.

Amplix

Amplix

In the race to create value for your enterprise, Amplix is your best asset for making technology decisions and optimizing your IT infrastructure, cloud usage, and security posture.

Acuvity

Acuvity

Acuvity is the most comprehensive AI security and governance platform for your employees and applications. Secure your GenAI adoption with confidence.

Seezo

Seezo

Seezo leverages Gen AI to make world-class AppSec accessible to every engineering team.