The Business-Technology Weave

Feb 6 2013   9:24AM GMT

Cyberwar: A consideration for business protections?



Posted by: David Scott
Tags:
cyber attack
cyber awareness
cyber crime
cyber espionage
cyber monday
cyber security
cyber security and government
cyber terror
cyber terrorism
cyber threat
cyber training
cyber war
cyber warfare
cyber-cop
cyber-spying
cybercop
cybercrime
cybersecurity
cyberspying
cyberterror
cyberwar
cyberwarfare

Hey, don’t blame me; no fan of war, I.  But people are actually speculating on the nature of the next big war.

Of course, there’s the nuclear component, and concomitant fear.  But hopefully the MAD policy still provides some measure of protection:  Mutually Assured Destruction.  In MAD, the theory is that if the U.S. or any country and its allies find that their forward-sensing intelligence probes have noted a missile launch, they could then launch their own volley toward the aggressor – each’s missiles traversing and crossing to their respective destinations and  -

BOOM! –  both countries would lose – so why start?

But things aren’t quite so clear with cyberwarfare.  Malware can wreak its destructive vengeance, and then clean up after itself! – hiding its originating trail.  Removed is a certain MAD component, opening the way for all sorts of attacks – perhaps… and it’s not just peril from large-scale wars between countries:  Let’s not forget or discount another cyberwar possibility:  In the future, who’s to say that simple business competitors might not unleash a cyberattack against companies in their market?  It is foolish to discount this possibility.  It may already have happened.

Let’s also consider a recent event:  One minute you’re enjoying a game, the next, half the stadium is dark.  Ok, I’m not a conspiracy theorist, but I couldn’t resist a poke at the recent Super Bowl lighting problem.  Now that many of us have thought about it, though, it well could have been a (relatively harmless) test-hack performed by a country.  For that matter, it could have been a kid in his bedroom.   Nah.  Still…

Here in America over the past couple decades, the Pentagon and a few intelligence agencies have shared power in deploying cyberweapons.  I believe the actual “trigger” for this deployment required Presidential authorization.  The highest profile cyber attack was, perhaps, the strike on Iran’s computer systems that run their nuclear enrichment facilities.  However, we ain’t seen nothin’ yet as far as cyberwarfare’s actual potential.  Potentials of cyberwarfare cannot be ignored – countries not only must safeguard against it; they must envision their use of it (sadly), in staying competitive on the modern, virtual, battlefield – in tandem with the physical one.  And, cyberwar’s yield is hardly just virtual:  For example, removing any measure of a country’s electrical grid would yield catastrophic “real-world” results -

Imagine:  disrupting computers controlling train travel; resultant derailments, to include not only direct crash-related deaths, but the release of toxic chemicals due to crashes.  Attacks on water treatment plants, causing illness and death.  Crashing of the power grid; homes and businesses without power; rotting food, lack of potable water.  Entire industries idle.  Disruption of major media, and critical denial of wartime information, and what to do in terms of safety.  Removal of power would also inhibit basic 911-type emergency response –prioritizations of emergency activity would revert to “line of sight.”   The list can go on and on…

Let this be a call to government and private sector/innovator alike:  We need hardening of critical key infrastructure, and the securing of all electronic enablements.  We must begin building to “cyberproof” standards… or at least, make the best attempt.

In the coming days, we’ll examine what the emerging responsibilities are for organizations:  Your “local” scope of responsibilities and duties is fairly clear, and hopefully covered in your Security, Acceptable Use, and related policies and plans…

So, vis-a-vis cyberwarfare:

Outside:  What are the modern organization’s possible contributions to surrounding public enablements and related security there?

Inside:  What are your new requirements concerning internal controls and security measures?  Stay tuned…

NPGerry Mulligan Meets Stan Getz, original LP, Verve, MG V – 8249

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: