named as responsible for the Stuxnet attack on the
Iranian nuclear enrichment facilities discovered in 2010.
And in the last two years, we have seen significant
influence operations enabled by cyber intrusions
launched against Western elections.
What can be done to stop this out-of-control escalation?
Effective solutions require action from both governments
and the private sector to stem further conflict.
Governments must begin work on holding cyber
adversaries to account. In the absence of effective
deterrence in this field, governments are in effect
encouraging more innovation and boldness on the part
of our enemies. The good news is that attribution –
identifying who is responsible – is now largely a solved
problem. The capabilities of both governments and the private
sector have improved; both are now competent at the
swift identification of perpetrators of most intrusions, as
evidenced by the fact that nearly every significant cyber
attack in recent years has been attributed.
Now, however, we need to move to the second critical
part of the solution, which is to establish reliable punitive
measures against identified threat actors to make it clear
that such behavior is not acceptable and will have
serious consequences. Punishment, however, should not
be limited to cyber retaliation – in fact, cyber retaliation
will often be the least productive response. Instead, all
toolkits of national power – from law enforcement and
diplomacy to economic sanctions and military solutions –
should be on the table to pressure rogue regimes into
compliance with acceptable norms of cyber behavior.
On the private sector side, companies and individuals
need to evolve their security strategies to be
commensurate with the threat they face. A primary point
of departure is the acknowledgment that it is impossible
to stop every attacker from entering target networks.
Exploitable vulnerabilities will always exist, alongside
users who will err by clicking on nefarious links and emails.
Instead of focusing solely on total perimeter rejection, our
security model needs to shift to speed and agility in
reacting within networks, that is, hunting for attackers on our
networks and discovering and ejecting them quickly
before they can do any harm. Technologies such as
cloud and artificial intelligence are revolutionary in
making this approach efficient and effective.
It is imperative that governments and companies start
taking on these important actions before we find
ourselves in the fourth generation of cyber conflict, which
history tells us is unlikely to make the world any safer.
A version of this article appeared on The CipherBrief