This year marks the 50th anniversary of the Moscow-Washington nuclear hotline. A remainder of the Cold War, the hotline provided – and still provides – a direct line of communication between the leaders of the US and Russia. Following the Cuban Missile Crisis, the two nations realized how crucial a quick, clear and direct mode of communication between their leaders was.
Eerily, nearly 50 years to the day later, it was announced from the G8 Summit that the nuclear hotline originally set up during the Cold War would serve an additional purpose. Having revised their national security policies to recognize the emerging political-military and criminal threats coming from cyber space, the new hotline will enable the US and Russia to share information on hacking incidents and other cyber-attacks seen in their countries.
This move is a direct reflection of the very real shift in threats we are facing today, and shows that the real ‘ammunition’ to cause damage to the world’s critical national infrastructure is now virtual as opposed to physical. Without doubt, a nuclear attack would cause widespread destruction. Yet the ease and speed at which hackers could potentially take down a power station, for example, is truly sinister – and typically happens with no warning. Cyber-attacks have undoubtedly emerged as one of most serious national and international security challenges we face in the 21st century, and have become the modern-day Cold War weaponry to which governments and militaries need to react, rapidly.
There are now numerous instances of cyber-attacks causing real damage to the well-being of nation-states. Consider the 2007 cyber attacks on Estonia in which the websites of prominent Estonian organizations such as ministries, the media and banks were suspended or defaced by extended denial-of-service attacks via ping floods and botnets. There were the attacks on US government or private business websites, attributed by the US government to foreign powers under the ‘Titian Rain’ label; or the attacks during the South Ossetia war of 2008 that disabled a number of Georgian, Russian, Ossetian and Azeri websites.
The line between physical and virtual defense has almost completely blurred, and this has been reflected in the past few years with radical changes in the defense industry. It was announced earlier this year that the UK’s Territorial Army (TA) will retrain its reservists to become specialists in cybersecurity. Other reservists would also specialize in chemical-biological warfare and intelligence, demonstrating that the threat of war is no longer just one dimensional. With the advent of cyber espionage and a recent rise in the number of attacks that threaten the security of critical national infrastructure, the need for a holistic approach to security is long overdue, and the TA is taking its share of responsibility for this alongside its traditional physical defense remit.
In addition, and just as importantly, this move will help enormously in positioning public sector cybersecurity as an attractive career prospect for the next generation. The need for cybersecurity experts across the globe far exceeds our pool of qualified personnel, creating a widespread cyber skills shortage. This shortage in turn raises the minimum starting salary package for cyber experts, which present many challenges for firms, particularly public sector organizations that struggle to compete with the compensation packages offered by the private sector.
This is another example of the UK’s Ministry of Defence (MoD) doing a great job in advertising their cybersecurity positions, giving applicants potentially more rewarding work to do than private sector counterparts. Cyber employees at the MoD really are at the forefront of cyber warfare: protecting the UK from malicious attacks from criminal gangs and other nations.
Countries are taking the threat of cyber warfare much more seriously of late, with some seeking out their nearest allies to strengthen their own cyber defenses. In September this year, Argentine Defence Minister Agustín Rossi and his Brazilian counterpart Celso Amorim issued a joint statement stating that they were to form a cyber-defense alliance against potential cyber-espionage, in response to the NSA PRISM revelations. The countries have agreed that, starting in 2014, Brazil will provide cyber-warfare training to Argentine officers, echoing what the UK’s MoD is doing with the Territorial Army. Rossi said in the statement that the combined efforts will allow Brazil and Argentina to “diminish situations of vulnerability.”
However, governments cannot be held solely responsible for protecting us in the cyber Cold War. KPMG revealed this summer that British FTSE 350 firms are failing to keep their networks safe, and as a result are putting the economy and the nation’s international security under threat due to simple flaws in web security. It’s imperative that businesses – especially large firms such as these – take their cybersecurity seriously. Cybersecurity is a business issue – not just an IT issue; many organizations fail to realize this. In fact, the consequences of cyber-attacks are now so severe that cyber-defense has become a boardroom discussion where companies explore what measures need to be put into place to ensure they are acting proactively, not just reactively.
To do this, organizations should ensure they’re taking a holistic approach to security, tightly integrating cyber-defenses with processes, people and physical measures. A cybersecurity model that can provide a useful indication of the resilience of defenses and areas of vulnerability as an important guide through balancing between price, safety and security is crucial. Best-practice cyber-maturity should always focus on continuous policy evaluation and adaptation to protect against the latest evolution of threat and attack vectors.
As well as paying due diligence in assessing their own cyber-maturity, organizations should also assess that of their suppliers. As organizations have invested in strengthening their own cyber-defenses, cybercriminals have started attacking the supply chain instead of targeting organizations directly. Dyson is a prime example of a company that suffered a supply chain security breach due to a lack of protection. Late last year the bag-less vacuum cleaner pioneers accused Bosch of hiring an industrial spy to work for one of its China-based manufacturing plants to steal design specifications, which lead to the German company losing a number of patents relating to its own innovation and unique designs. If this is the fall-out that can happen as a result of patents, how serious could the implications be of an attack on critical national infrastructure?
Despite cyber-warfare being a very real, prevalent problem, its promising to see nation-states taking serious steps toward tackling the issue. Provided that security challenges are addressed effectively, we can rest assured that the imminent threats to our critical national infrastructure are under control and we can continue to be in command of the modern-day cyber Cold War
Ross Parsell has an extensive background in devising guidelines for private, public and defense security strategies, with more than 16 years of experience in the security industry. As director of cyber strategy, Parsell serves as the cybersecurity voice and strategy evangelist for Thales UK. He also sits on a number of governing bodies that decide the UK National Cyber Security Strategy.