![]() This is the rhetoric we hear from many of the world’s leaders: the problem is cyberwar and we are all fighting one right now. If every attack is potentially an act of war perpetrated by a foreign military, then the logical assumption is that the military needs to be in charge of all cyberdefence, and military problems beg for military solutions. The obvious tendency is to assume the worst. ![]() ![]() This makes defence and national cyberdefence policy difficult. It is not that everything can be defined as cyberwar it is that we are increasingly seeing warlike tactics used in broader cyberconflicts. Unfortunately, when you are being attacked in cyberspace, the two things you often do not know are who is attacking you and why. The legal regime in which any defence operates depends on two things: who is attacking you and why. Depending on the situation, all of these are reasonable choices. Or we can defend ourselves with a variety of commercial products and services. We can call on our national anti-terrorist agency and our corporate lawyers. As members of society, we have several different types of organizations that can defend us from an attack. They all probe cyberdefences and do their best to cover their tracks.ĭespite this, knowing the attacker is vitally important. They all engage in denial-of-service attacks. They are all exploiting the same vulnerabilities, using the same sort of hacking tools, engaging in the same attack tactics, and leaving the same traces behind. In cyberspace, technology is broadly spreading its capability, and everyone is using the same weaponry: hackers, criminals, politically motivated hacktivists, national spies, militaries, even the potential cyberterrorist. When you saw a tank driving down your street, you knew the military was involved because only the military could afford tanks. Ordinarily, you could determine who the attacker was by the weaponry. Further investigative reporting pointed to the United States and Israel as designers and deployers of the worm, although neither country has officially taken credit for it. Subsequent analysis of the worm indicated that it was a well-designed and well-executed cyberweapon, requiring an engineering effort that implied a nation-state sponsor. In Iran, in 2010, the Stuxnet computer worm severely damaged, and possibly destroyed, centrifuge machines in the Natanz uranium enrichment facility, in an effort to set back the Iranian nuclear programme. It was also unclear whether this network was run by an organization of the Chinese Government, or by Chinese nationals for either profit or nationalist reasons. China was the presumed origin of this surveillance network, although the evidence was circumstantial. Called GhostNet, further research found the same network had infiltrated political, economic and media targets in 103 countries. In Dharamsala, India, in 2009, security researchers uncovered a sophisticated surveillance system in the Dalai Lama’s computer network. An ethnic Russian living in Tallinn, who was upset by Estonia’s actions and who had been acting alone, was convicted in an Estonian court for his part in these attacks. Though Russia was blamed for these attacks based on circumstantial evidence, the Russian Government never admitted its involvement. In Estonia, in 2007, during a period of political tensions between the Russian Federation and Estonia, there were a series of denial-of-service cyberattacks against many Estonian websites, including those run by the Estonian Parliament, government ministries, banks, newspapers and television stations. We need to dampen our cyberwar rhetoric, even as we adopt stronger law enforcement policies towards cybersecurity, and work to demilitarize cyberspace. This perturbs national policy and fuels a cyberwar arms race, resulting in more instability and less security for everyone. As a result, nations are classifying all serious cyberattacks as cyberwar. Unfortunately, it is very difficult to identify attackers and their motivations in cyberspace. Whether the examples are called acts of cyberwar, cyberespionage, hacktivism, or cyberterrorism, they all affect national interest, and there is a corresponding call for some sort of national cyberdefence. ![]() Whenever national cybersecurity policy is discussed, the same stories come up again and again.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |