It must be budget-making season someplace, because the cyberwar pundits are banging the drum of impending doom,...
writes Marcus Ranum, chief security officer at Tenable Network Security.
This time, they have case studies they can point to: the attack on the Estonian government, and a video of a power generator tearing itself apart in a carefully rigged demonstration. These incidents were illustrations of cyberwarfare's ability to be annoying or eye-catching, but what have we learned?
We have learned nothing very surprising. Namely, that some organisations will continue to connect mission-critical systems to untrustworthy networks because they are security-illiterate, have left security out of their basic design, or the attractiveness of perceived cost-savings overrules security concerns.
None of this is new, and I see no reason why the trend will not continue. For example, anyone who has ever heard of a denial-of-service attack should understand that a sufficiently motivated attacker will always be able to degrade or interrupt service. That means that the internet cannot be the only channel for delivering services to customers.
The internet battlefield
Anyone who puts a service on the internet without taking into account the potential for downtime due to attacks is taking a calculated risk. I am not blaming the victim, but robustness against hostile action has to be a design point in any system. Security is just another aspect of system reliability.
What did the rigged demo with the generator teach us? What leaps to my mind is that it is a demonstration of how much we appreciate style over substance. Based on that demonstration a great deal of money will be spent on improving the security of electronic infrastructure control systems.
Really, though, the simple answer is to identify the crucial control systems that are potentially exposed to the internet and unplug them again. Then, set some rational standards and requirements and hook them back up when you are able to do so safely.
Threat of a cyberwar
In the meantime, we are left with the important question: is a cyberwar possible? Of course it is. That is the easy question. The questions that come after are not so straightforward, namely: Is cyberwar practical? Would a successful cyber-attack provoke a real-world response from a superpower? Could the origin of a cyberattack be hidden or plausibly denied? Are regular covert operations more effective?
It seems clear that technologically sophisticated nations have probably exposed themselves more than was wise in their rush to computerise crucial systems and provide online citizen access. They need to address the problem in terms of reliability, good design, and failure-safety.
We have already seen what damage can be done when nation states leap into action over the threat of potential attacks or non-existent weapons. Let's keep our wits about us on this particular topic.