Cyberwarfare: the danger and potential answers

Following comments by, Nick Carter, Chief of the Defence Staff, the most senior uniformed military adviser to the Secretary of State for Defence and the Prime Minister, Information Age quizzed experts on the threat of cyberwarfare and what we can do about it: Cyberwarfare:  the danger and potential answers image

What is cyberwarfare? “A true act of cyberwar would be a wider targeting of critical infrastructure but also incorporate attacks on military infrastructure. For example, the Russian attacks during the Russo-Georgian war over South Ossetia. We have seen and will continue to see cyber-attacks on a nation state level towards other nations to test capabilities impacting infrastructure, industries and government operations. Some recent examples include infecting accounting software with ransomware, taking out power grid operations and impacting national healthcare organisations. The lines are blurred today as attribution is not always clear and detection often takes months if not years in some cases. Cyber is not always timely or immediately visible like a direct hit in traditional attacks like 911 or suicide bombings at cafes or train stations.”
Tom Clare, Sr. manager, product marketing at Fidelis Cybersecurity 

 

“The noble institutions that we created for noble reasons in 1945, were not necessarily created to deal with some of these challenges,” said Nick Carter while talking about the threat of cyberwarfare on the Andrew Marr show. He continued “if you want to protect that multilateral system, that has really secured our security system, stability and prosperity, we need to make sure that it is fit for purpose, for the modern world.”

Is he right about the threat of cyberwarfare?

He was “absolutely right to point out the need for stronger cybersecurity regulations,” said Oz Alashe MBE.  He should know a thing of two about cyberwarfare and its potential threat, he is  a former Lieutenant Colonel in the British Army and UK Special Forces and is now CEO of cybersecurity training software platform, CybSafe.

“What we are seeing is that attackers continue to demonstrate their ability to penetrate the perimeter, steal sensitive data and intellectual property, and disrupt operations. Their attacks are widespread and exacerbated by an unpredictable political climate,” said Kieran O’Driscoll, Defence Business Lead at CyberArk.

We are already seeing “attacks against critical national infrastructure on a daily basis…The National Cyber Security Centre (NCSC)  has said that there may be a level 1 attack hitting the UK, and meddling with elections, this is happening everywhere,” said Max Heinemeyer, Director of Threat Hunting, Darktrace.

When “it comes to acts of cyberwar, organisations and government agencies are facing a well-funded, tenacious, technically able, and highly motivated adversary,” warned Ian Pratt, co-founder and president, Bromium.

“Adversaries have already tried to manipulate elections and target critical infrastructure in Europe and US through cyberattacks. Escalating hostilities – whether by nations or criminals – is one of the most basic rules of human history. The UK is vulnerable to cyberwarfare because many organisations – both in the public and private sectors – are simply bad at doing the basics right,” said Kevin Bocek, VP threat intelligence at Venafi.

What about regulation, do we need a re-boot?

Mike Gillespie – Managing Director and co-founder of Advent IM Ltd, vice president of the The Centre for Strategic Cyberspace + Security Science (CSCSS), warned that:  “The current legislative framework hasn’t been fit for purpose for some time.” He added: “The rate of change in technology is outstripping legislation by a huge margin.”

 

US government hacked again: experts say it’s time for them to take the offensive in the global cyber war imageUS government hacked again: experts say it’s time for them to take the offensive in the global cyber war

State cyber attacks are getting bigger and bolder

“Now that the pitfalls of the cyber world are becoming fully realised,” commented Oz Alashe, “legislation hasn’t caught up.” The former  Lieutenant Colonel said: “There is no recognised legal entity for ‘cyberwar’ [or cyberwarfare].  The international community readily understands and manages physical conflicts, but digital wars don’t merit the same level of attention, even though they can sometimes be just as damaging. Little collaboration takes place on an international level, and consequently, legal enforcement is weak. The cyber world we see today probably isn’t so far removed from the old American wild west; state-sponsored hackers are the modern gunslingers and outlaws.”

“Cybersecurity discussion should be much more prominent at a global level. Only when the effort is internationally concerted can the cyber espionage threat be properly dealt with.”

How should institutions prepare?

“What institutions, of all kinds, need to do is to proactively prepare for attacks,” said Cyberark’s  O’Driscoll, “not adopt a wait-and-see approach. The pace of technological change is expanding the attack surface, making it easier for the persistent attacker to find a way into the network. Privileged access is everywhere, from deep within IT infrastructure, right through to the endpoint. We must focus less on the ‘who’ but the ‘how’ in order to protect this privileged access from exposure.”

Ian Pratt, from Bromium said: “The cybersecurity industry must play an active role in defending against these adversaries. During peacetime, these actors will focus on staying hidden and taking time to obtain state secrets and insert backdoors, ensuring long-term access. During times of cyberwarfare, actors will attempt to destroy or corrupt data in lightning fast fashion, giving no chance to react.

“Security teams need to hunt for threats in the system to reduce the time hackers have access to unauthorised systems and limit the damage from a breach. However, if the industry is to help win this game of cat and mouse, we need to get better at spotting the clues. Government agencies and organisations boast millions of employees across the globe, offering a large and porous attack surface to exploit. Providing protection in this environment is challenging, because despite collecting data from monitoring tools, security teams often can’t see the big picture. This is because these tools work in isolation, meaning that security teams focus on putting out fires instead of proactively hunting for threats in the network.

“Defeating cyberwarfare attacks requires the ability to isolate any potential threat. If we’re ever going to be able to defend against acts of cyberwarfare, the industry needs to help security teams to combine best of breed security solutions into one harmonised, layered stack that utilises application isolation and containment. This approach prevents damage to the real system, capturing threats within a VM, allowing security teams to see how it behaves, what actions it tries to execute and the data it wants to compromise. This real-time threat intelligence gives a clearer picture of intent and can identify systems that have been compromised and must be remediated, retrofitting protection to other systems. By turning a traditional weakness (the user) into an intelligence-gathering strength, security teams can hunt and prevent threats.”

The good guys are losing the cyber war but is the tide changing? imageThe good guys are losing the cyber war but is the tide changing?

The majority of CIOs believe they are losing the battle against cyber crime, according to a Bromium study

Tom Clare, product marketing at Fidelis Cybersecurity,  says that industry “will have a critical role in a defence capacity.”  He explained:  “We know that in the event of conflict, that private industry will be targeted. It goes beyond the Defence Industrial Base. Critical infrastructure will be targeted. Financial services will be targeted. Healthcare will be targeted. We would see more information influence campaigns. These are private industries. However, the professionals working security in these industries are extremely good at what they do. They see a large majority of the attack types and work diligently at safeguarding their infrastructure and data held within.”

The AI weapon of attack and defence

“With increasing developments in automation, machine learning and AI, cyber tools are becoming the new WMDs; able to strike not just one nation but many and often and with machine learning, we should all be concerned that nation states, both hostile and our own, appear to view offensive cyber as a legitimate weapon. A weapon that none of the established conventions on war ever considered. Cyber should be now viewed alongside germ and chemical warfare as abhorrent and unacceptable and the international security community needs to act to address this deficiency in existing international controls,” said Advent IM’s Gillespie.

Darktrace’s Heinemeyer, sees AI as a potential solution to cyberwarfare, he said: “If you think about how you secure yourself with a global problem becoming a nationwide problem, while we have this skills shortage, you can’t just throw more and more people at it, it doesn’t scale, it’s too big a topic. That is why we fundamentally believe at Darktrace that we have to leverage machine learning and artificial intelligence…to do the heavy lifting for us.”

 

Phishing attacks — can AI help people provide a fix? imagePhishing attacks — can AI help people provide a fix?

AI isn’t quite like having a cyber security expert on your shoulder, but it could be the next best thing, Paul Chapman, co-founder of Cybershield, told us.

A potential lull

Then again, Stephen Gailey, Solutions Architect at Exabeam, sees a potential lull. He explained: “One of the features of recent years has been attacks launched by nation states. An easy prediction might be that these will increase, but for the first time in a very long time, we may actually see a lull in nation state attacks.

“The West and NATO’s change in policy went from refusing to comment – for fear that their techniques and intelligence sources might be compromised – to actually calling out and naming names, seems to be having an effect. Russia finds itself severely impacted by this new approach, particularly with the support it is getting from crowd sourced investigators who have then exposed large portions of the GRU’s staff.

“Longer term, however, the use of cyber-warfare does seem to be a tempting weapon to use given its effectiveness, particularly against the more open West. The first half of 2019 will see a decline in nation state sponsored attacks, with a probable increase towards the end of the year, as Russia regroups and China and other states retrench their operations.

Back to AI

Gailey also sees a key role for AI. He said: “Analytics, machine learning and AI will play an important part in defending against these threats. These tools are already available, though their take up has often been delayed by a failure to match these new capabilities with appropriate new workflows and SOC practices. Next year should see some of the pretenders – those claiming to use these techniques but actually using last generation’s correlation and alert techniques in disguise – fall away, allowing the real innovators in this field to begin to dominate. This is likely to lead to some acquisitions, as the large incumbents, who have struggled to develop this technology, seek to buy it instead.”

On the potentially offensive capacity of the cybersecurity industry in a cyberwarfare scenario

Tom Clare said: “Offensive capabilities should be leveraged only by those charged with that mission. However, collaboration is possible, and is happening. There is a relationship between military cyber operations and venture capital to fund and develop new cybersecurity solutions.  A prime example is deception defences with many individuals from the IDF 8200 unit (Israeli Intelligence) in key leadership roles at start-ups developing deception defences for commercial and federal use.  Most cyber defence solutions can be transformed into a cyber defence or offence with a small effort of creative thinking.”

Machine Identities

Kevin Bocek said “Defences that most organisations have in place are useless against a whole set of attacks involving machines and their use of encryption. Last year around 40% of attacks came through encrypted traffic, a figure that would be unthinkable if organisations had a proper grip of whether the identities of these machines communicating via encryption should be trusted or not.

“With security teams being pulled from pillar to post by constant attacks, they don’t have the time to take care of a number of key precautions. And it’s precisely these oversights which can let attackers in! Nick Carter’s comments should serve as a reminder for all organisations to get a handle on their machine identities immediately – otherwise they are simply laying out a welcome mat for those who want to do us harm.”

The elephant in the living room of the future

It is clear that the the threat of cyberwarfare is growing.  But what none of our experts referred to, maybe because it is more theoretical at the moment, is what might happen when quantum computing becomes a reality, with the prospect of it being able to hack into any computer system in the world within seconds. The only solution might be quantum computers designed to resist quantum computers and so the cyberwarfare arms race is ratched up, and we are all poorer as a result.

 

 

 

 

 

 

 

 

 

Latest news

divider
Technology
Taking stock of the turbulent tech markets

Taking stock of the turbulent tech markets

14 December 2018 / There is one simple measurement for how ubiquitous technology has become in recent years. Today, [...]

divider
Blockchain
Blockchain and Facebook could be near, but what are the benefits?

Blockchain and Facebook could be near, but what are the benefits?

13 December 2018 / Mark Zuckerberg never did actually say Facebook was adopting blockchain. But he did say that [...]

divider
Telecoms
Top 3 telecom trends for 2019

Top 3 telecom trends for 2019

13 December 2018 / Consumer-driven data consumption, fuelled by the mobile and broadband services in IoT devices, which have [...]

divider
AI & Machine Learning
AI and investing: The artificial intelligence analytical revolution

AI and investing: The artificial intelligence analytical revolution

13 December 2018 / Over the past 20 years, investment management has undergone an aggregation revolution, where advances in [...]

divider
Data Protection & Privacy
We risk a digital crisis in 2019 akin to the 2008 banking crisis, warns data privacy lawyer

We risk a digital crisis in 2019 akin to the 2008 banking crisis, warns data privacy lawyer

13 December 2018 / A divergence is opening up in data privacy: on the one hand, you have the [...]

divider
People Moves
Avon appoints chief financial officer

Avon appoints chief financial officer

13 December 2018 / Gustavo Arnal has been appointed as executive vice president and chief financial officer of Avon, [...]

divider
Digital Transformation
Is digital disruption an opportunity or a hindrance?

Is digital disruption an opportunity or a hindrance?

13 December 2018 / There’s no denying that technology has been the most significant disruptive force in business across [...]

divider
Business Skills
How to develop a data culture within your organisation

How to develop a data culture within your organisation

13 December 2018 / The CDO’s leadership challenge CDOs — or anyone with a CDO mandate — are normally [...]

divider
Diversity
Nominations open for the inaugural Women in IT Awards Asia 2019!

Nominations open for the inaugural Women in IT Awards Asia 2019!

13 December 2018 / As part of the Women in IT Awards Series, we are today announcing that nominations [...]

Do NOT follow this link or you will be banned from the site!
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
modal close image
modal header

Top five trends for harnessing data in 2019

Day 1 of our tech advent calendar – From data storytelling to using data for good, James Eiloart from Tableau gives his take on the top trends in harnessing data as we head into 2019.

default

modal header

Top five business analytics intelligence trends for 2019

From explainable AI to natural language humanising data analytics, James Eiloart from Tableau gives his take on the top trends in business analytics intelligence as we head into 2019

 

Download

default

modal header

Recruitment trends in tech for 2019: Machine learning, AI and predictive analytics

 

Major changes are occurring in the ways human resources and other related professionals find the right people for open positions. Kayla Matthews looks at recruitment trends in tech.

 

 

default

modal header

2018 tech predictions: what we got right (and wrong)

Ben Rafferty, Global Solutions Director at Semafone looks at what technology predictions we got right this year, and what ones we got wrong.

 

modal header

Will 2019 see the automation of automation and push up salaries of data scientists? 

2019 will see the start of two dramatic changes applying to data scientists: and in an interview, Jeremy Achin, CEO of DataRobot told Information Age more.

default

modal header

The top 5 data centre trends for 2019: Edge will drive change

Vertiv experts anticipate self-sufficient, self-healing edge in service of IoT and the emergence of 5G, as some of then top trends for data centres in 2019.

modal header

The top 10 infrastructure and operations trends for 2019, according to Gartner

Serverless computing, AI, network agility, edge computing, the death of the data centre, new roles, SaaS denial, talent management and global infrastructure drive the Gartner top 10 infrastructure and operations trends for 2019.

modal header

Seven existential threats to your organisation’s cyber defences in 2019

Hackers are getting smarter, meaning that businesses need to get smarter with cyber defences. Jumio\\\’s Labhesh Patel outlines seven threats

 

Download

modal header

The continuing rise of mobile edge computing, 5G and IoT security, hot topics for 2019

IoT a new cyber battleground, the rise of mobile edge computing and the arrival of 5G, Nick Offin from Toshiba gazes into his crystal ball with predictions for 2019

default

modal header

Tech predictions from The Economist in 2019: Facial recognition to AI regulation

In this exclusive for Information Age, a team of editors from The Economist\’s World In 2019 provide tech predictions for 2019. Read here

 

default

modal header
modal header

Online security predictions for 2019: From cryptojacking to MiTB attacks

Pedro Fortuna, CTO and founder of Jscrambler, provides his online security predictions for 2019 — can it get any worse? Read here

modal header

We risk a digital crisis in 2019 akin to the 2008 banking crisis, warns data privacy lawyer

The 2019 digital crisis, data privacy charlatans and the good guys with an ethical approach: data privacy will diverge in 2019 says privacy lawyer.

default

modal header

Xmas is coming!

We wanna celebrate with you that xmas is almost here and so we are offering you this special gift. Go and download it!

Download

Nominations are now open for Women in IT Awards Asia

 

The Women in IT Awards Series  is the technology world’s most prominent and influential diversity program.

 

On 29 May 2019, the awards will come to Asia for the first time ever, taking place in Singapore. Nominations are now open for these prestigious awards.

 

Click here to nominate
yourself, a colleague or peer!
 

You have Successfully Subscribed!

Pin It on Pinterest