Story image

Cyberwar exposed

17 Nov 09

Today I read an article in the National Journal concerning cyberwarfare. You can read the article at http://www.nationaljournal.com/njmagazine/cs_20091114_3145.php.


I think people have some misconceptions about “cyberwar”. There isn’t going to be a war, at least anytime soon which is fought with only computers. Computers are simply being used as a weapon in conjunction with traditional warfare.
The article discusses the digital attack against cell phones. Jamming the cell phones using computers is essentially a denial of service attack. Depending upon how the technology was used to spread misinformation it may have been much the same as a man in the middle attack.


Fundamentally the difference between cybercrime and cyberwarfare lies in the objectives and that in the country where the attacks are being carried out, the attackers operate with legal authority.


Sometimes the terms cybercrime and cyberwarfare are used indiscriminately. As an example, I recently returned from Malaysia where I found that for the past year or so Malaysian websites have been under attack from computers that are in Indonesia. Malaysia and Indonesia are not at war and the attacks appear to have nothing to do with war at all. This is an example of cybercrime. Now if the countries were at war, such attacks might be deployed in order to disrupt the government, spread propaganda, or otherwise gain a tactical advantage. Still, without a physical conflict it would not be a war… at least not one that would be won.


From a defensive perspective, much is the same as it is when defending against cybercrime. You patch vulnerabilities in your software, you use defence in depth, such as antimalware, firewalls, intrusion detection, intrusion prevention, and auditing software. You also use a lot of education.


For national defense this is a huge project because you not only have to protect the military computers, but the critical infrastructure and a large array of private computers belonging to civilian suppliers. That’s why the Department of Homeland Security (DHS) is collaborating with the private sector to help increase cybersecurity across the board.


For more information on what DHS is doing to protect the federal network check out http://www.dhs.gov/files/programs/gc_1234200709381.shtm.
If you have any general security questions, feel free to email at askeset@eset.com

Kiwis make waves in IoT World Cup
A New Zealand company, KotahiNet, has been named as a finalist in the IoT World Cup for its River Pollution Monitoring solution.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
How SMBs can use data to drive business outcomes
With the right technology, companies can capture consumer, sales, and expense data, and use it to evaluate and construct future plans.
Survey shows that IoT is RoI across Asia Pacific
A recent Frost & Sullivan survey across Australia, Hong Kong and Singapore shows that IoT deployment improves business metrics by around 12%.
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.