“State actors”, usually a synonym for the usual suspects, Russia, proxy North Korea and China, are alleged to have carried out massive attacks using state resources to obtain information and disrupt corporate and government systems, some critical. Third-party actors are also a major problem around the world, some possibly working as additional proxies for states. This situation is no longer tolerable.
In a notable departure from the heedless Trump “administration’s” total lack of interest in cyberwarfare, Biden’s administration is now looking long and hard at the issues. The findings are grim.
The Microsoft Exchange debacle is one of the classic examples of opening the floodgates to cyberattacks. The sheer scale of compromised systems, malware attacks, etc. is an all-time benchmark for all the problems in one place.
The list of vulnerabilities, however, is long:
• Critical infrastructure.
• Security of information.
• Risk to major global systems for finance, commerce, basic daily needs, etc.
The Microsoft Exchange issue, irritatingly enough, is also a sort of map of what can go wrong. The vulnerabilities are pretty much anything and everything, at least in basic theory.
Hack back? Better than nothing, possible major benefits.
In a term which will get a cynical groan out of cyber-people who’ve been talking about it for decades, retaliatory hacking is one of the options. Microsoft came up with a benign worm about a decade ago which was designed to fit into systems as an active agent against hacking and malware.
The current situation is that there’s no real deterrent against these attacks. The attackers aren’t taking any risks that anyone’s prepared to talk about, at the very least. The attackers have it all their own way. If there’s a denial of service attack, it’s met with a shutdown and restart, not a counterattack. That’s certainly not going to discourage attacks.
Counterattacks could:
• Disrupt sources of hacks.
• Actively sabotage hacking systems.
• Identify corrupt servers and shut them down. (Some protocols involved.)
• Isolate state actors. (Major task, but doable.)
• Do severe damage to proxy attackers.
• Feed false information into cyberespionage.
I’d like to take a second to explain “feed false information”. British intelligence strung along a state actor feeding them information for years until the state actor found out they’d hacked a recipe for cupcakes. This rather humiliating experience should have been an object lesson.
Something like that could also derail the mega-techno-nuts advocating and managing state-sponsored attacks. Credibility means a lot in the intelligence community. Feed enough total crap into an intelligence system, and when it’s found to be crap, you’re dead. If the credibility is gone, so are the nutters.
Let’s get this straight – You can be as secure as you are prepared to get off your butt and be. AI can manage multiple protocols, redirect servers, and similar stuff, with backups and countermeasures built-in. That’s the baseline level of possible security, not the really advanced level. This sort of security happens at top speed, too; very hard to manage if your cyberattack bounces off and comes back at you with a few additions.
The irony here is that the most advanced, efficient communications in history are being sabotaged by morons. To hell with the New Cold War and other whimsical garbage; humanity needs to move on from this prehistoric drivel, right now. Retaliate until that message is received.