Cyber war: Modern warfare 2.0
This is no game. Call it Modern Warfare 2.0 or call it cyber war, the reality is that everyone is talking about it. But what is cyber war, are we fighting one and how can businesses best protect themselves from the fallout?
Anyone with an interest in technology and politics would need to be living in a cave not to have noticed an alarming increase in cyber war rhetoric of late.
On one hand we have the House of Lords claiming the 'electronic defences' of the UK would survive a cyber attack, and on the other Baroness Neville-Jones, Shadow Security Minister and National Security Adviser to David Cameron, telling us "neither the government nor the private sector can completely control or protect the country's information infrastructure".
And things are just as confused in America where Michael McConnell, a former Director of National Intelligence reckons that the US is engaged in a cyber war it's losing while President Obama's new cyber security csar, Howard Schmidt, insists there's no cyber war and what's more it's a terrible concept to begin with.
No wonder the man on the street is confused if even the people who are supposedly closest to the front line cannot agree on anything.
Let's see if the experts can agree, at least, on the definition of cyber war.
The Bipartisan Policy Centre simulated a full of cyber attack recently under the name of 'Cyber Shockwave' and as a result of that simulation some security experts have been calling on the government to establish firm definitions of cyber war so that a legally justifiable response can be considered.
Dr Prescott Winter, former chief technology officer (CTO) of the National Security Agency (NSA) and currently CTO for Public Sector at ArcSight, told us that cyber war has been extremely difficult to define, confiding that the US government has been wrestling with the problem for some time "without coming to a clear answer".
The problem, according to Dr Winter, is one of determining the ultimate origin of the hostile actions or their intent, of establishing unambiguous attribution.
"This is because an attack can be launched from computers other than those of the attacker, often with multiple levels of concealment," he explains, concluding that it makes it very difficult to determine if an act is criminal, espionage related or one of warfare.
Neil Fisher, vice president of global security solutions at Unisys and with a British Army background as well as having previously worked for a defence research organisation, goes further and argues that the term "cyber war" is nonsense from a legal perspective.
"To be in a legal state of war," Fisher told IT PRO "you must formally declare war."
A more accurate term would be cyber conflict perhaps, which is governed by the rule of law, not the law of war.
"Cyber conflict," Fisher continues, "is essentially the ability to affect the information flowing through the information infrastructure to cause damage to your adversary."
In This Article
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now