Cyber Security is now recognized as a high risk priority by governments

Visit the front pageVisit your profilePublish a blog post

 Cyber Security is now recognized as a high risk priority by governments across the globe. This is supported by the fact that the UK Government’s Strategic Defense Spending Review which diverted key funds away from traditional areas of spending to the protection of the UK’s critical national infrastructure from the cyber threat.

 

There is no winner in Cyber warfare

The importance of this shift to a greater focus on Cyber Security was given highlighted by the discovery of STUXNET, the first example of a ‘cyber weapon’ designed to attack an aspect of a nation’s critical national infrastructure.


Strategies

The discussion started with the NATO strategies issue, it was about which options does a country have when it is under attack by a force? 

This was a very delicate issue because what is Cyber warfare is? Well we speak of Cyber warfare at the moment that a country has declared war to the country. So when a country or a force attacks another country without a declaration of warfare it is not Cyber warfare. 

The act of attacking without a declaration of war is classified as Cybercrime. This makes it hard to retaliate because there is no war declared. The next issue that comes along is the fact that even if we do reply with an attack, we could take down an hospital and then we are speaking of collateral damage. Because the aggressor used the hospital network to attack, we retaliate against the hospital.

We will need a global understanding & perspective about the Cyber war attacks. 

Cybercrime is like a paradox. There is no hierarchical system

 

Nightmare of all problems

After an attack (Stuxnet) there are certain points that need to be checked and controlled. You will have to look after : 

  • How did they penetrate the systems

  • You will have to clean the systems

  • The disruption it caused

  • Exploits ? 

  • The mental stress it causes.

 

Regulate

The cyberspace needs to be regulated, but how do you want to regulate the internet while it can't be regulated by a single regulator. Because when we look to the internet we see it as no man’s land (law of the sea), but in fact it is somebody's property, it could be from the government, companies or from civilians.

Transparency

So the world has to agree for transparency. If we need help or information regarding Cyber security the countries should provide them. 

But at the moment there is no transparency, think of the Estonia and Russian conflict.

A Finnish expert, told the Helsingin Sanomat newspaper that it would be difficult to prove the Russian state's responsibility, and that the Kremlin could inflict much more serious cyber-damage if it chose to.

source


 

Open issues

  • The internet traffic regarding Cybercrime has increased rapidly.

  • How can a behavior code be created to use the internet legitimate.

  • If there is an attack going on, and you want to retaliate how will you get the attribution of proof ? 

  • How can we make retaliation possible? 

  • Who is responsible ? 

  • What can we do against sponsored cyber attacks?

  • How can we prevent extremists from recruiting people from the internet? 

  • At a certain point defense will catch up with offensive behavior

  • Creating a global cyber war response team 

If i would shutdown a honey pot because there is a "cyber war" going on, it could affect over 500 servers. And that is the reason why you can't retaliate, because you don't know were the bodies will show up.

 

 

 

Published by:

Reza Rafati's picture

Name
Reza Rafati

Information
Hi, I'm the founder of Cyberwarzone and i'm here to collect and share a lot of information. So stay tuned!

Country
The Netherlands

My website
www.cyberwarzone.com

Twitter:
http://twitter.com/#!/rezarafati