[Dailydave] More Tallinn excitement.

dave aitel dave at immunityinc.com
Thu Jun 9 11:36:05 EDT 2016


Ok, so I wanted to point out another hilarious example where people in
the policy space, as they always do, start off by stating that YES, they
are still relevant even in the "Cyber" age. :) Of course, I love his
summary directly contradicting the keynote, which had more strategic
depth than you can normally expect. The Estonian President, as you might
expect, has the kind of deep thinking on cyber that you get from staring
down the barrel of Russian teams for a number of years.

-dave


06 June 2016


  Cyber in Tallinn

Edward Lucas <http://cepa.org/experts/edward-lucas> via
http://cepa.org/Cyber-in-Tallinn

“Cyber” implies a world apart—like outer space—in which normal rules
don’t apply. In fact, the reverse is true. Every bit of real life—from
the criminal justice system to social norms, via military force and
political activism—impinges on the way computers and networks operate.
And computers and networks increasingly affect them too.

For this reason, CyCon, the annual conference organized by the NATO
Cooperative Cyber Defence Centre of Excellence in Tallinn, is
particularly interesting. It attracts technical experts, but also
lawyers, business people, spymasters, academics and journalists, all of
whom have a stake in the way in which the rules of the internet are
made, and how they are applied.

My panel was about the lessons learned from past cyber-conflicts. One
message was that thinking about dividing lines is a mistake.
“Cyber-attacks” sit on a spectrum. At one end is a “pure” cyber-attack:
one that never becomes public, and has no “kinetic” effect: it doesn’t
break things or blow them up. I gave the fanciful but pleasing example
of a bug in Vladimir Putin’s nuclear “football” – the portable command
system which launches Russia’s nuclear weapons. If that top-secret
device could be made to play the “Star Spangled Banner” at random
intervals, the Kremlin would assume that its nuclear deterrent was
unusable in a crisis. But nobody would ever know.

Sometimes the aim is to spread information: computers and networks can
be an essential part of propaganda attacks, as the NATO Centre in
Tallinn has highlighted, in an excellent book on Russia’s war in
Ukraine. Conceivable, but still for now in the realm of fiction, are
attacks on critical national infrastructure that make the lights go out,
or sewage systems run backwards.

It is easy to focus too much on the technical details. The main point I
tried to get across at CyCon was that “cyber” is a vector—a direction of
attack—but not the attack itself. The most mind-clearing way to look at
events involving computers and networks is to ask who is the
perpetrator, who is the victim, and what is the objective.

Take for example the crude swamping attack mounted by Russian hackers on
Estonia in 2007. This was effective in the short term—the country had
briefly to cut itself off from the outside internet in order to maintain
public services. Many outside observers count that as an example of
successful cyber-warfare. But Russia’s tactical triumph belies a
strategic defeat. If the aim of the attack was to force Estonia’s
government to back down, it failed: the Soviet war memorial at the
center of the dispute stayed in the military cemetery to which it had
been moved. If the aim of the attack was to display intimidatory
capabilities, that failed too: the Estonian internet rapidly returned to
normal and Estonia gained plaudits for its resilience. Thereafter
expertise in dealing with swamping attacks (DDoS in geek-speak) mushroomed.

It can be hard to know if an attack is taking place. My co-panellist,
the British expert Keir Giles, highlighted mysterious events in Sweden
in recent days, affecting emergency communications systems, air-traffic
control, the rail travel booking system, banking and payment systems, as
well as DDoS attacks on the media, and sabotage to the national
communications infrastructure. Some Swedes in the audience insisted:
these are all unrelated. Perhaps they are.

Either way, the damage is done. It’s enough for people to believe that
the system is vulnerable and that Russia’s hidden hand is at work—even
if it isn’t. As Giles pointed out: the effect “in terms of loss of
security confidence and trust is pretty much the same.”
