Tag Archives: cyberwar

We Must Stop The Race to Attribution After Each Cyberattack

Summary: Cybersecurity expert Emilio Iasiello discusses one of the key issues in cybersecurity — how do we determine who attacked us? Each attack brings forth rapid declarations by the government that the attacker is one of their favorite foes. Should we believe them?

businessman working with new modern computer show social network structure

The Race to Attribution Needs to Stop

By Emilio Iasiello
Posted at Dead Drop (of the LookingGlass Cyber Threat Intelligence Group)
30 March 2016. Posted with his gracious permission.

It has become almost systemic for people to immediately question, “Who did it?” when a major breach occurs in the public and/or private sectors. Understandably, the victimized have a keen interest in identifying their faceless attackers especially when they have been publicly exposed. There is also a competitive aspect, as the first person to make attribution can add credibility to his or her name. However, while providing information for public consumption is important, it’s equally as important to provide accurate information.

In the cyber security industry, a commonly heard mantra is that attribution in cyberspace is difficult. Cyber security experts and organizations, and even some government officials, have emphasized this point. If most agree that attribution is difficult and time consuming, why is there invariably a need to immediately attribute hostile activity that may end up being incorrect and misleading?

This is perplexing especially when one considers that some state actors are considered to be sophisticated and stealthy, yet once their operations are exposed, attribution appears relatively easy to assign. This contradicts the general premise of the attribution challenges that cyberspace presents and discounts the anonymization and obfuscation techniques employed by savvy actors to avoid those very identification efforts. Furthermore, reliance on technical evidence as indicators of attribution may become less important as actors may alter timestamps, use different keyboard languages, and change compile times to point blame in a different direction.

Continue reading

About Anonymous – an emerging cyberpower

Summary: Our defense experts obsess over obsolete weapons while non-state groups perfect 4GW and cyberwar, one reason their forecasts for our wars are so often wrong. Unlike supercarriers and stealth fighters, these new forces will shape the 21st century. This post by cybersecurity expert Emilio Iasiello looks at Anonymous, a growing cyber-power.

Anonymous

“Anonymous” –
Balancing Social Consciousness with Civil Disobedience

By Emilio Iasiello
Posted at Dead Drop (of the LookingGlass Cyber Threat Intelligence Group)
28 January 2015. Posted with his gracious permission.

The decentralized hacking enclave “Anonymous” is known for undertaking numerous campaigns that target perceived injustice, as well as cause general digital civil disobedience.  Regardless, the group’s extensive membership is varied and widespread, gaining global attention for its various activities.  The diversity of their campaigns adds to their mystique and further complicates public perception of their motives.

While Anonymous has received significant press from its recent efforts against the Islamic State of Iraq and Syria (ISIS) via the now-splintered offshoot the Ghost Security Group, there are several other campaigns that have slipped under the media’s radar.  A recent article has surfaced highlighting some of these efforts that span across a variety of social issues.  While some of their activities are not looked favorably upon by some, the enigmatic group’s recent engagements potentially demonstrate a maturing evolution into an issues-orientated movement that both thinks and acts globally.

The attention garnered by Anonymous has been important in drawing attention to those issues that may escape the public spotlight.  Some of these include but are not limited to…

Continue reading

Prepare for cyberwar: today’s are small compared to what’s coming

Summary: Here’s a brief look at the state of cyber-conflicts. The first ones have run their course; from them we can guess at the outlines of the larger ones to come. As with nukes and drones, America has laid a path for others to follow. We’ve been bold and innovative, but lawless. We might regret this when others imitate us.  {2nd of 2 posts.}

Cyberspace: a global dynamic environment created by interlocking networks linking people and computers for communication, control, and trade. Like other human domains, it consists of multiple levels — from purely conceptual (e.g., laws, designs) down to the hardware and people that are its material substrate. The term coined by William Gibson in his 1982 story “Burning Chrome“.

cyber war

Contents

  1. Battlefields of the future.
  2. The first cyber conflict.
  3. Playing defense.
  4. Are we beleaguered in cyberspace?
  5. For More Information.

(1)  Battlefields of the future

We have entered a transitional period in the art of war much like that between WWI and WWII, when a new form of war (the 3rd generation) slowly emerged, but military institutions kept their eyes turned to the past. Many armies were slow to develop innovative tactics for their new internal combustion driven engines. Their cavalry units were symbols of this retrovision. Navies lavished their greatest attention on battleships, not the submarines, escorts, and carrier-borne aircraft that would dominate WWII (e.g., aircraft were the “eyes of the fleet”, not its teeth). Communications technology rapidly improved, but the senior officers paid relatively little attention to cryptography and signals intelligence.

Today war-as-usual continues in the emerging nations, but in the developed world it has moved into new realms — with the cutting edge in cyberspace. It’s the age of 4th generation war, waged among state and non-state actors in shifting coalitions, taking many forms…

  • Hacking: probes and parries by people exploring the nature and uses of cyberspace, rapidly expanding in scale, sophistication, and consequences.
  • Raids: the Sony hack and Stuxnet.
  • Conflicts for control: Pirate Bay and the Silk Road.

Continue reading

A clarion call to prepare for cyberwar. But what’s the threat?

Summary:  American professionals writing about national defense are intelligent and well-educated, usually with distinguished careers. But their writings should be datelined “from Oz”. Today we examine another example, about the law of cyberwar.  {1st of 2 posts today.}

CyberCrime

 

Preparing for Cyber War: A Clarion Call

By Michael Schmitt (bio here).
Posted at Just Security, 23 March 2015.

Excerpt:

In every War College in the world, two core principles of military planning are that “hope is not a plan” and “the enemy gets a vote.” Any plan developed without sensitivity to these two maxims is doomed to fail. They apply irrespective of the mode in which the conflict is fought, the nature of the enemy, or the weapons system employed. Unfortunately, some states seem to be disregarding the maxims with respect to cyber operations. They include certain allies and friends around the world, states that the United States will fight alongside during future conflicts. The consequences could prove calamitous, especially in terms of crafting complementary strategies and ensuring interoperability in the battlespace.

… Many states have no position, confidential or public, on when the right of individual or collective self-defense provided for in Article 51 of the UN Charter and customary law applies. Some have yet to maturely grapple with the question of whether international humanitarian law (IHL) applies to cyber operations at all, and for those that have, important questions remain unanswered. These include whether civilian data qualifies as a civilian object enjoying IHL {international humanitarian law} protections, when a cyber operation is an attack in the context of IHL’s assorted targeting rules, and under what circumstances civilians who engage in cyber operations lose their IHL protections from — and during — attacks. Very few states have even considered whether and when a cyber only conflict qualifies as an “armed conflict,” international or non-international, such that IHL applies. This actuality is problematic, since a failure to understand how international law limits or allows cyber operations is a bit like playing football without knowing the rules.

This is sad to read, like so much writing by Americans about geopolitics. It’s not even wrong.

The US (probably with Israel and perhaps other allies) has already made a first strike cyberattack in an undeclared war, on a civilian target (albeit, like so many industrial targets, with dual-use capability). The author ignores this recent history, giving the article an air of unreality — like discussing “how many angels can dance on the head of a pin” .

Continue reading