Cyber attacks are becoming the first weapon of choice for countries in conflict, according to ViaSat UK, security and communications supplier to military forces and governments.
“This is shown by the fact that Russia’s alleged cyber attack against Germany is supposedly in response to its continued support of the Ukrainian government,” said ViaSat UK chief Chris McIntosh.
In the latest development, Ukraine's prime minister has blamed Russian intelligence for the cyber attack against German government websites on 7 January, according to Reuters.
The accusation comes despite a pro-Russian group claiming responsibility for the attack shortly before Ukrainian prime minister Arseny Yatseniuk held talks in Berlin with German chancellor Angela Merkel.
“I strongly recommend that the Russian secret services stop spending taxpayer money on cyber attacks against the Bundestag and chancellor Merkel's office,” Yatseniuk told ZDF TV.
Several government sites were unreachable after being targeted by distributed denial of service (DDoS) attacks, according to a German government spokesman.
READ MORE ON CYBER SECURITY
- Expert institute to offer innovative solutions to cyber threats
- BSI urges UK businesses to bolster cyber security
- Cyber security failing in execution, says ex-US cyber czar
- Nato and business join forces to tackle cyber security threats
- Cyber attack hallmarks identified in cross-industry report
- Business needs to take cyber crime seriously, says top EU cyber cop Troels Oerting
The attack was reportedly the first successful prolonged attack on German government websites, which face about 3,000 such assaults daily according to intelligence agencies.
North Korea, in turn, has blamed the US for internet outages that hit the country soon after, which McIntosh said is further proof that cyber attacks are becoming a popular weapon.
“The lines between private, public and military targets are blurring, and cyber attacks are now being looked to as an effective way of influencing other countries’ foreign policy,” he said.
In this new landscape of threats, McIntosh said organisations in all sectors will need to be vigilant against a wider range of threats, not only from countries with significant resources at their disposal and the incentives to use them, but also from other actors acting in hostile nations’ interests.
“Institutions – from governments to film studios to banks – need to analyse all potential weak points with the assumption that their systems have already been compromised, and work back from this assumption to ensure that a breach cannot result in serious damage.
“This includes actions such as encrypting data and ensuring that critical systems can be quickly isolated if they are infected. Only an all-inclusive and pessimistic approach will protect against increasingly sophisticated and numerous attacks,” he said.
Cyber attacks are now being looked to as an effective way of influencing other countries’ foreign policy
Chris McIntosh, ViaSat UK
Veteran cyber security expert Bruce Schneier also referred to the increasing blurring of lines in cyber space between individual actors and national governments in an article for The Atlantic.
“It’s a strange future we live in when we can’t tell the difference between random hackers and major governments, or when those same random hackers can credibly threaten international military organisations,” he wrote.
According to Schneier, the cyber attack on Sony is important because he predicts the world is going to see an even greater blurring of traditional lines between police, military and private actions as technology broadly distributes attack capabilities across a variety of actors.
He believes the cyber attack on Sony should raise questions around who is in charge of the response and under what legal system they should operate when it is not clear who is launching an attack or why.
“We need national guidelines to determine when the military should get involved and when it’s a police matter, as well as what sorts of proportional responses are available in each instance. We need international agreements defining what counts as cyber war and what does not,” he wrote.