Cybersecurity is a very weird area, mostly out of sight yet potentially very deadly. Anonymous groups can turn off traffic lights, telecom infrastructure, power grids, or disrupt weapons labs, as the US and Israel allegedly did when it used a cyber-weapon to cripple Iranian nuclear facilities in 2010.
Bank regulators have to now consult with top military leaders about whether deposit insurance covers incidents where hackers destroy all bank records, and what that would mean operationally. It’s not obvious whether this stuff is cyberwar, cyberespionage or something else, but everyone knows that the next war will be comprised of new tactics based on hacking the systems of one’s adversary even using code placed in those systems during peacetime!
And that makes the SolarWinds hack last December quite scary, even if we don’t see the full effects right now. While political leaders have considered reprisals against Russia, it’s likely they will not engage in much retaliation we can see on the surface. There is a lot of finger-pointing still going on in the US government and in cybersecurity circles about what happened and why.
There are all of the standard questions that military and cyber lawyers love, like whether this hack is cyberwar, cyberespionage, or something legally ambiguous. The most interesting part of the cybersecurity problem is that it isn’t purely about government capacity at all; private-sector corporations maintain and control critical infrastructure that is in this new “battlespace.”
I’m talking about telecommunications, energy and high tech companies. Private firms like Microsoft, in particular, are being heavily scrutinised because of the prevalence of its Windows OS in many corporate and government offices.
The question remains – why don’t these large firms manage their security problems particularly well? And yet these companies have no a ..
Support the originator by clicking the read the rest link below.
