Defence talks to forge EU cyberwar strategy
What are we defending against exactly?
European defence ministers met last week to develop NATO's future cyber defence strategy, defence minister Nick Harvey told Parliament on Monday.
Defence Secretary Liam Fox met his counterparts across Europe to help formulate future cyber defence policy, Harvey said in response to questions in the House from former defence secretary Bob Ainsworth. The diplomatic reply (extract below) suggests discussions are still at a fairly preliminary stage involving establishing bilateral links and sharing best practice on combating hacking attacks or malware outbreaks that threaten key national infrastructure components. Nothing was said about the possibility of developing offensive capabilities, a topic that must surely be on the agenda.
Over 10 and 11 of March 2011, the Secretary of State for Defence discussed the NATO Cyber Defence Concept with his ministerial counterparts in Brussels. This will set the parameters for NATO's future cyber defence policy.
We have already signed a Cyber Defence Memorandum of Understanding with NATO that allows us to share information and hope to sign further bilateral agreements with countries whose capabilities are complementary to our own. The FCO and Home Office will lead on engagements with the EU and UN, with the Cabinet Office co-ordinating our overall international engagement strategy.
Discussion on cyber-sabotage and other potential acts of war carried out in cyberspace has shifted higher on the agenda after the infamous Stuxnet worm infiltrated industrial control systems in Iran, sabotaging high-speed centrifuges at controversial Iranian nuclear facilities in the process. The sophisticated malware has been described in some circles as the world's first cyber-weapon.
Politicians are also fearful that denial of service attacks that blasted denial Estonia off the web might be turned on their countries as well as state sponsored cyber-espionage style attacks against key private-sector firms along the lines of the Operation Aurora assaults against Google or more recently publicised spear-phishing and custom malware-based attacks against oil exploration conglomerates.
The UK government has allocated £650m over the next four years to tackle cyber threats, newly defined as Tier One threats against the UK – equalled only by international terrorism, as part of its Strategic Defence and Security Review. A total of £63m from this fund was recently earmarked for fighting cyber-crime. Harvey said the government was looking to work with the information security industry as well as international partners in tackling cyber threats. "The government cannot and should not attempt to tackle this issue by itself," Harvey said.
Ghost in the Wire
Last week, during an earlier question and answer session in the House of Commons, Harvey told MPs that the UK's new "global operations and security control centre" is up and running. "We have commissioned a new monitoring system to detect cyber-attacks against our defence systems," he said.
Subsequent questions by MPs showed that specific concerns about cyberthreats are miles apart from the hack disabling national grids or banking systems scenarios often conjured up by talk of cyber-war.
Robert Halfon pointedly asked whether the use by BT of equipment supplied by Chinese telecoms equipment manufacturer Huawei, which was founded by a Red Army officer, might pose a security risk. Hack attacks against government or private sector firms are routinely blamed on China. Whether or not China is actually behind such attacks is difficult to say because it's equally possible that compromised systems in China might be used by elite hackers working for somebody entirely different to hide their track.
Attribution for cyber attacks is a matter of informed guesswork and circumstantial evidence (at best) without examining the compromised systems and figuring out what happened. Harvey said the government was in discussion with BT and others about the "benefits and risks" of using Huawei as a supplier. Aside from Huawei, only Juniper and Cisco can supply the high-end kit BT needs to run its network, so the former public sector telco is not exactly spoiled for choice.
Separately, Chris Bryant asked about a threat rather closer to home, tabloid hacks from the News of the World. A recent Panaroma documentary suggested that hacks hacked into "mobile phones and computers used by the Army in Northern Ireland". Harvey acknowledged that Bryant had raised the valid concern that security threats might come from newspapers as well as agents of a hostile power. "We will do everything we can to ensure the maximum security of all our communication methods," the minister said. ®
"We will do everything we can to ensure the maximum security of all our communication methods,"
Apart from prosecute BT and their Russian friends Phorm, TalkTalk and their Chinese friends Huawei, and Vodafone and their American buddies Bluecoat... all of whom have illegally and covertly compromised the security of UK telecommunications.
It seems to me the politicians may be suffering from some confusion over terminology. In physical world, "defense" is just a nice way of saying weapons, whether used for that purpose or not. In a digital context, defense, usually really does mean defense, and I think they're having a hard time grasping this.
You don't defend your network by trashing the other guy's network first. You don't fight viruses with bigger meaner viruses. You can defend with boring measures like building redundant network connections and making sure your software is up to date. As such #1 the military aren't the people who should be running this, and #2 they really need to stop conflating it with war.
ITs Great Game ...... is a Great Game Play with Astute Non State Actors in Leading AIRoles?
"Defence talks to forge EU cyberwar strategy ... What are we defending against exactly?" ..... John Leyden
An interesting question, John, with systems doomed to catastrophic failure and resources liable to non-availability, if the kettling and suppression of emerging truths and novel alternative methodologies are considered a defence priority for maintenance of status quo positions.
Fortunately though, ...... although one imagines that those who would prefer to play in the shadows because of the error of their ways which if known would be universally considered unacceptable and even criminal, may consider it a gross and unfortunate inconvenience ...... does any action, to be effective in cyberspace, require wwwide and transparently clear publication/dissemination/sharing.
Secretive, traditional Special Ops type operations are virtually counter-productive against what are effectively Active Entities Invisibly Operating Universally in Imaginative Terrain and Really SMART Head Spaces.
One wonders whether any political paygrade comes anywhere close to entertaining anyone enabled to counter and assist in the proliferation of programs spilling the beans on spinning tales which have entangled star spangled two bit actors in pits of their own making and mounting despair. But hope springs eternal and one is always so pleased to be pleasantly surprised, and proved wrong with a shining example of what is to be done to put matters right.