After a quick read about the most recently reported cyberattacks in a Microsoft blog (link below) and I have to say that the analysis looks quite sobering truly in terms of our abilities to defend against these attacks; this 4 years on from U.S. & French election meddling and of course not to forget our special BREXIT cracker that saw the same level of crackers . This indeed is an area of policy that needs to take top priority but unlike other policy areas this needs a level of sophistication & coordination unlike any other to be successful. That said any such strategy begins with fixing/strengthening our own national laws in terms of developing clear/firm/consistent regulations to help root out any form of support – passive or active – to these forms of attack. This also needs to be backed with stronger prosecutorial powers to go after companies & individuals who are engaged in such activities at any level or who seek to undermine – actively or passively – our security however up the political chain they happen to be because this amounts to treason pure/simple. In other words if we are unwilling to take measures to uphold/promote our national security internally no level of coordination with allies can work; political reform/accountability is a big part of the story here. The other part of the story has to be our defensive/offensive strategies which in my opinion lack consistency/equilibrium; economic and political sanctions have to be doubled because we cannot allow a business as usual approach in dealing with states involved in such activity under any pretext (insignificant diplomatic sanctions is nothing but a joke). What is needed is a technological / economic pressure-cooker of quarantine that is effective and can be applied defensively and offensively where required. Anyway this is quite a complicated topic and there is plenty of expertise out there to guide us through establishing an effective strategy to deal with this; we just need to give them both the space and the right setting to do their work far away from any political distortions.
The fact of the matter is that the Information Age that gave us plenty of Pride/Expectation for a better more promising future is under threat from becoming the Disinformation / Hacking Age that is mostly about conflict/disruption. We really need to STOP just taking notice & BEGIN taking effective action through Strategy NOT Reaction.
Extracts from the Report
- The attack unfortunately represents a broad and successful espionage-based assault on both the confidential information of the U.S. Government and the tech tools used by firms to protect them.
- This is not “espionage as usual,” even in the digital age. Instead, it represents an act of recklessness that created a serious technological vulnerability for the United States and the world.
- Opportunity to augment human capabilities with artificial intelligence (AI): One of the more chilling developments this year has been what appears to be new steps to use AI to weaponize large stolen datasets about individuals and spread targeted disinformation using text messages and encrypted messaging apps.
- NSO Group, based in Israel and now involved in U.S. litigation. NSO created and sold to governments an app called Pegasus. NSO represents the increasing confluence between sophisticated private-sector technology and nation-state attackers. Its argument is that it is immune from U.S. law because it is acting on behalf of a foreign government customer and hence shares that government’s legal immunity. (to me this is absolutely mind boggling that this situation is allowed to occur-given a pass)
- Intersection between cyberattacks and COVID-19 itself: Cyberattackers took aim at hospitals and public health authorities, from local governments to the World Health Organization (WHO).
- In a world where authoritarian countries are launching cyberattacks against the world’s democracies, it is more important than ever for democratic governments to work together – sharing information and best practices, and coordinating not just on cybersecurity protection but on defensive measures and responses.
- Cybersecurity threats also require a unique level of collaboration between the public and private sectors. Today’s technology infrastructure, from data centers to fiberoptic cables, is most often owned and operated by private companies.
- We need to take a major step forward in the sharing and analysis of threat intelligence; “unifying strategic intelligence” and moving from the “need to know” to the “need to share.” Instead of encouraging a “need to share,” what we see are regulations that turn information sharing into a breach of contract.
- Cybersecurity threat intelligence exists in even more disconnected silos than more traditional information about national security threats.
- While there needs to be important safeguards to protect government secrets and private citizens’ privacy, the time has come for a more systemic and innovative approach to the sharing and analysis of threat intelligence with those best positioned to act.
- We need to strengthen international rules to put reckless nation-state behavior out of bounds and ensure that domestic laws thwart the rise of the cyberattack ecosystem.
- U.S. government and its allies need to make crystal clear their views that this type of supply chain attack falls outside the bounds of international law.
- We need stronger steps to hold nation-states accountable for cyberattacks.
- Coalition of more than 145 global technology companies have signed on to the Cybersecurity Tech Accord – committing themselves to upholding four principles of responsible behavior to promote peace and security online. (self-regulation is useful/important piece of the puzzle but not enough)
Related Article
A moment of reckoning: the need for a strong and global cybersecurity response