…The truth is that the target surface is potentially so great, with our inter-tangled and complex supply chains and economic ecosystems, that full spectrum defense is almost impossible – like catching rainwater in a sieve.
Offensive capabilities on all sides will advance so quickly, with defense and security already struggling to keep pace, that escalation will be the most likely outcome. Let he who is free of vulnerabilities cast the first exploit. Or to put it another way, you shouldn’t be throwing stones when you are sitting in a greenhouse. This rule will apply to some more than others – after all, who is going to take punitive measures against one of the superpowers if they catch them with their fingers in the digital cookie jar?
It is precisely because of the ambiguities and problems of definition and categorization that an International Agreement on acceptable and agreed cyber operations is the wisest and safest course of action.
The real dangers lie in starting a pointless arms race that may tie up useful resources and know-how where no one can really hope to be the real winners, leading to the escalation to economic and eventually physical confrontation. It must be clear to everyone that strong offensive cyberwar capabilities will not be of any benefit, if you are unable to sufficiently secure or defend your own assets as well. Although nuclear arms and cyberweapons have little in common, without international agreement one could lead to the other.
23/12-12 On a editors personal note!: If you wish to read the whole article (you really should!). Which is in my book brilliant articulated questions, where the concluding arguments came from. I highly recommend, that you read the entire, thought-provoking and perhaps ‘debat kick-in-the-back-take-off‘, that we IMHO really need to have ASAP! Please click here for the entire Securityweek ‘memorandum’, on this for some reason to most highly “Toxic” subject/question.
The issue an avalanche, that grows stronger and more volatile every day we waist trying to avoid it! There is however a few important additional issues, the article for me disappointingly do not mention? The presence of a number of ‘non state’/rouge, criminal & generally not likely to neither sign or respect internationally binding agreements players. Who I think are missing in the articles picture/puzzle. They should IMHO also be among one of the pieces in this complex puzzle.
They are unpredictable, ruthless, often young ‘big ego’/short fuse types, living fast and on the edge. And many prone to engage in virtual warfare & international ‘pain in the necks’ politics with a sizeable amount of resources. Some might remember a Baltic nation suffered severe DDoS attack inflicted Inet-outages, lasting for weeks- All this a response from these ‘hot-heads’. Caused by, as I recall it, a emotional decision re. a removal of a Russian soilders statue from a ‘significant to a few ‘ big square’ in a city. to a remote location. If we are to believe the explanation of the baddys being, overly emotional large bot-net owners from ‘you know where’!?. That was the explanation we got & some accepted, from various media-outlets ‘back then’!?
Then we have in fact quite big challenges ahead of us, strengthening the defences, improving _a lot_, on the tracking, confirming enemy id and ASAP eliminate ‘front’. And big giant step on the international co-operation front. And exactly whom, and how are one to deal with them when necessary? And that day will come, in fact it already came and left again. It happened in the recent ‘never ending, quite annoying’ Israel/Palestinian conflict. We saw for the first ever the entry of a rouge 3′rd player. A completely, multi-geo-fragmented, leaderless, with no location to pulverise when wanted/needed, the ‘non-state and virtual’ digital potent dissident army(s).
Although Israel come through the ‘debut’ quite well. It is well worth mentioning they have a long & much experience & much solid know-how on the Cyber-war front. Many equally sized nations, would not have come out that experience, so fairly undamaged. Other smaller and more fragile nations, would perhaps get some really big problems when the ‘red-dot’ comes for them one day, anytime?
Please discuss..
The Active Defense Folly: Exploring The Cyberwar Doctrine Debate! Must read!
Ingen kommentarer:
Send en kommentar