Slashdot Mirror
The Global Struggle To Prevent Cyberwar
blottsie writes: What constitutes war in the 21st century? In an age of almost constant cyberattacks against major corporations and world governments, the consensus among international-law experts is clear: Nobody knows. This sweeping Daily Dot investigation explores the ongoing struggle to define "cyberwar," the increasing geopolitical aggression in cyberspace, and the major players now attempting to write the rules of online battlefields before it's too late.
"Technical experts and legal scholars repeatedly stress that the idea of a 'cyber Pearl Harbor'—a devastating sneak attack on U.S. infrastructure by a powerful state actor that launched a sustained international conflict—is wildly overblown. Right now, Watts said, 'states bite at one another’s ankles in a way to impede progress or to harass them,' but 'as for the likelihood of a major cyber war, I would rate it pretty low.'
Cyber armageddon may be extremely unlikely, but the many attacks below the level of formal armed conflict have still extracted a staggering price, in both economic and political terms. ... For starters, cyber-arms control is effectively hopeless. There’s no point, experts say, in trying to contain the spread of offensive cyber technology. Instead, the best hope for international law is to focus on reducing the incentives for malicious behavior."
"Technical experts and legal scholars repeatedly stress that the idea of a 'cyber Pearl Harbor'—a devastating sneak attack on U.S. infrastructure by a powerful state actor that launched a sustained international conflict—is wildly overblown. Right now, Watts said, 'states bite at one another’s ankles in a way to impede progress or to harass them,' but 'as for the likelihood of a major cyber war, I would rate it pretty low.'
Cyber armageddon may be extremely unlikely, but the many attacks below the level of formal armed conflict have still extracted a staggering price, in both economic and political terms. ... For starters, cyber-arms control is effectively hopeless. There’s no point, experts say, in trying to contain the spread of offensive cyber technology. Instead, the best hope for international law is to focus on reducing the incentives for malicious behavior."
The nature of mankind is conflict. When we had rocks, we threw rocks. When we had bombs, we dropped bombs. When we had nuclear weapons we stepped back a bit, continued with the rocks and bombs and added computers.
May you live in interesting times.
Faster! Faster! Faster would be better!
Prevent? No, the cyberwar has long since started, and I fear the forces of good are steadily losing.
We continue to fight the good fight, straining endlessly against the sea of foes in the cyberwar - against politicians, government staff, corporate drones, PHBs, and even the tech journalists that have betrayed us. Standing with us, but a few ragged, weary veterans of the IT industry - the programmers, the sysadmins, the network engineers, struggling valiantly in our constant fight to get people to stop putting the prefix "cyber" in front of anything and everything.
Sounds like the Mr. Robot conspiracy.
I've read and heard policy makers making suggestions that locking down Internet borders in similar fashion to China. Doing this would be like taking 10 steps back from globalization. I would argue that it's a bad thing while others would encourage it.
I'm not a cross continent internet connectivity expert but I would assume traffic source can easily be identified. If a country is known for causing havoc, their connectivity should be limited to none or at least regulated. I know this doesn't stop all perpetrators but it complicates the process hence removing some of the culprits.
We host an IIS server and we have put "honey pots" that hackers have been hitting regularly. 90% of the traffic comes from China and Iran with the other 10% being local (which could be proxies for all we know)
Will we ever see "internet sanctions" where nations have their Internet access to the US limited or blocked?
Building a wall to keep out your enemies didn't work with the Picts or the Manchus. It won't work here either. Most security threats are domestic, and many compromises are internal. Snowden didn't penetrate the NSA. He worked for them. The solution is more pervasive encryption (something the US opposes), better compartmentalization, better endpoint security, better penetration testing of both software and human factors, and taking critical information offline. The emergence of "ransomware" also helps, because it gives more people a motivation to improve their habits and demand more secure systems.
We've become way too dependent on the internet and the idea that it will always be there and can always be relied on and trusted. Cyberwar, for all its negative outcomes, might at least teach a lot of industries, government agencies, systems engineers, etc. that there should ALWAYS BE A BACKUP OFF THE NETWORK and that there should always be a plan to isolate any system from the grid. No important system should be utterly dependent and totally on the internet or even an internal network.
I'm not saying we have to go all William Adama and forgo the internet altogether. But we should definitely end this idea that the internet (or any network) infrastructure is always reliable and always friendly.
SJW's don't eliminate discrimination. They just expropriate it for themselves.