This lack of clarity is troubling. "We're nowhere near where our policy makers believe we are or want us to think we are," says Anup Ghosh, a research professor and chief scientist at George Mason University's Center for Secure Information Systems in Fairfax, Va. "Internet Protocol (IP) was never designed with strong attribution properties. There's no connection between an IP address and an individual."
In cyberspace, it is easy to masquerade as someone else. "As naked as we are in security, so is China," says Ghosh, also co-founder and CEO of cybersecurity technology maker Invincea. "Their security might even be worse than ours, which is pretty sad. It wouldn't be hard to use China as a jumping-off point if you're in organized crime or another nation state looking to cause some saber rattling between China and the U.S."
Much of the U.S.'s current tension with China comes from Google's claims that recent hacker attempts to steal Gmail user passwords appeared to have originated from China. "Google is a very secure company, so when they are attacked we should stand up and take notice," says O. Sami Saydjari, a former Pentagon cyber expert who now runs a consultancy called Cyber Defense Agency. At the national level, however, "clearly you want to be able to attribute an attack with a degree of certainty before you respond with military action," he adds.
Internet agencies such as the Internet Corporation for Assigned Names and Numbers (ICANN) might be a reasonable place to start when trying to improve cybersecurity and avoid international cyberconflicts, but essentially this is a problem requiring input from the U.S. State Department and international policy makers and perhaps even something along the lines of an Internet Geneva Convention, Saydjari says. "One option is to make countries [that are] unwilling to trace the source of cyberattacks coming from within their borders accountable for the results of those attacks," he adds. "We also need more think tanks in this space such [as] we had during the cold war, where analysts discussed the consequences of nuclear weapons and mutually assured destruction."
If the U.S. chooses to enter a new war with another country within the next decade, there will be cyberweapons deployed under the guidance of cyberdoctrine to scramble communications and otherwise disrupt the enemy, Bronk says. "I would assume that the cyberattacks that we would consider as acts of warfare would be clandestine in nature, with Stuxnet being an example of how this might happen," he adds, referring to the highly sophisticated Microsoft Windows computer worm that made headlines last year when it attacked targets in Iran, leading to speculation that it was developed by the U.S. or Israel.
The threat of cyberwar "is like any great security problem; the key is not to either overreact or underreact but [to] have a calibrated response based on the knowledge we hold," Bronk says. "The problem is our knowledge is very, very limited. This is the infancy of this issue."
Subscription Center
See what we're tweeting about
4 Comments
Add CommentI basically agree with the views somebody expressed here (http://www.whitehousevoice.com/Kazmarek/Proposals/Security-Communities-Program-States-vs-Government-1133) saying it was much more realistic to develop a policy to counter non-state actors attacks than to focus on the response to frontal attacks from other countries. I agree its a priority to update and develop strategy against cyber-attacks, but do it according to the real threats today. What are the threats today? Well, lets see, we have Wikileaks, Anonymous and so on. Are they backed by another country? Maybe. Is there enough evidence to call that country out and declare it an "act of war"? No, and i donĀ“t think any country will be foolish enough to leave their tracks.....
Reply | Report Abuse | Link to thisWITH REGARDS TO THE CYBERWARS WHOSE ARSENAL IS BEING PREPARED IN EVERY BIG NATION WE NEED TO CONSIDER A MAJOR POINT WHICH IS HIGHLIGHTED IN THE PARA THAT IT IS PRACTICALLY VERY DIFFICULT TO TRACK THE POINT OF ATTACK AS VARIOUS IPS ARE BEING USED AS COVER.SO, PRIOR TO PREPARING FOR THE CYBERATTACK ONE NEEDS TO SEE IF ONE CAN OUTTHINK THE CYBERCRIMINALS.
Reply | Report Abuse | Link to thisThe real danger about preparing for state-sponsored cyber war is in not being ready. Once a state-actor wishes to launch an attack, it is woefully too late to act.
Reply | Report Abuse | Link to thisPearl Harbor anyone? 9/11?
It's vigilance or death. Your choice. Enjoy your peace and tranquility and someday; "I'm sorry Dave, I can't do that."
A network guy once put it quite simply to me: "cut the cable to the ip address the attack is coming from". I have no idea how feasible that is but it would obviously work.
Reply | Report Abuse | Link to this