zveloBLOG™ - alerts, discussions, studies, articles, white papers about the latest malware, spam, phishing scams, and other Web threats researched or detected by zveloLABS™.

zveloBLOG

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
Posted by on in Web Security
  • Font size: Larger Smaller
  • Hits: 6760
  • 0 Comments

Playing with Fire: The State of Cyber Attacks and Cyber Warfare

Following reports of cyber-attacks targeting the New York Times in January of 2013, a secretive legal review of the powers available to the president of the United States has brought to light the option of launching preventive cyber-attacks should credible evidence indicating an impending threat against the United States surface. In this context the United States reserves the right to use cyber weaponry with or without an existing state of war. While rhetoric concerning the growth of cyber threats has grown more prominent in the last three years, this is the first instance that a state has been reported to view cyber-instruments as a “preventive” or “deterrent” option. Though heavy investments have been made in the past years, there is no empirical evidence that demonstrates that the United States intends to utilize its cyber-capabilities as announced.

Granted that the reaction seen from officials may be timely, though somewhat exaggerated, owing to the growing number of high profile security incidents, it should be made clear that there is to date no incident within cyberspace that can be defined unequivocally as war or warfare. Most have been confined to the realm of espionage or vandalism. The few cases that displayed “war-like” characteristics, such as Israel’s presumed use of cyber weapons to disable Syrian air defenses in 2007, should not be counted given that the violent outcome was the result of conventional weapons. Similarly, while Stuxnet had the potential of causing significant damage to both equipment and human life, no reports of the latter taking place have surfaced. Consequently, claims from pundits that cyber war is upon us and that this merits such a strong response remains, at this point in time, baseless. In its place, what can clearly be seen is the abject lack of norms and regulations that define permissible behavior of states within cyberspace.

Subsequently, this situation gives rise to cases wherein states continue to act solely by their own accord. Disparate legislation and standards between states coupled with a lack of understanding of this new domain poses serious challenges in regulating and defining what is acceptable. Consequently, this gives rise to widespread cases of cyber-espionage attributed to China, DDoS cyber-attacks from North Korea towards South Korean, and the like. While it is unlikely that the United States would act unilaterally to mitigate an imminent threat in cyberspace as described in the report, the fact of the matter is that there are no mechanisms in place to prevent it from acting as stated should it wish to.

Tagged in: Internet web security

Miguel Alberto Gomez is a contributing writer to zveloBLOG and is an instructor and researcher with the College of Computer Studies at the De La Salle University, Manila, Philippines.

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest 24 Apr 2014