[ISN] The Fog of Cyberwar

From: InfoSec News <alerts_at_private>
Date: Mon, 20 Apr 2009 01:34:01 -0500 (CDT)
http://www.newsweek.com/id/194605

By Evgeny Morozov
NEWSWEEK
April 18, 2009
 From the magazine issue 
dated Apr 27, 2009

Ghostnet sounds like something John le Carré would invent. This vast 
cyber-espionage operation spanned 1,295 computers worldwide, a third of 
them located in ministries of foreign affairs, embassies, international 
organizations and news media, some holding classified data. According to 
a report by three Canadian security think tanks in March, it included at 
least one unclassified computer at NATO headquarters in Mons, Belgium. 
Although the culprit is unidentified, some experts suspect China. 
Whether it exploited any of the data is hard to say. That it could 
obtain it so easily has raised eyebrows in the world's mightiest 
military alliance.

NATO is only just beginning to recognize that the Internet has become a 
new battleground, and that it requires a military strategy. As economic 
life relies more and more on the Internet, the potential for small bands 
of hackers to launch devastating attacks on the world economy is 
growing. To counter such threats, a group of NATO members, including the 
U.S. and Germany, last year established a kind of internal cybersecurity 
think tank, based in a former government building in Tallinn, Estonia. 
The 30 staffers at the Cooperative Cyber Defense Centre of Excellence 
analyze emerging viruses and other threats, and pass on alerts to 
sponsoring NATO governments. They are also working to bring the allies 
together on the elusive issues that deepen the fog of cyberwar.

Experts with backgrounds in the military, technology, law and science 
are wrestling with such questions as: What qualifies as a cyber "attack" 
on a NATO member, and so triggers the obligation of alliance members to 
rush to its defense? And how can the alliance defend itself in 
cyberspace? Already, the debate is producing strikingly different 
answers: as Washington moves to create a new "cybersecurity czar" and 
new funds for cyberdefenses, Estonia is moving much of the job into 
civilian hands, aiming to create a nation of citizens alert and wise to 
online threats.

The choice of Estonia as the home to NATO's new cyberwar brain trust is 
not accidental. In 2007 Estonia was in a public squabble with Russia 
over the fate of a Soviet-era monument when it suddenly found itself 
under a wave of cyberattacks. Among the targets were two of Estonia's 
biggest banks, whose online systems were severely degraded for several 
hours. The scale of the economic damage is still classified as a state 
secret, but the fact that this happened in "E-stonia," a proud digital 
society where even parking meters take payment via text messages, was 
eye-opening. Although the decentralized nature of cyberattacks made it 
hard to know whether the Kremlin ordered the attacks, clues led Estonia 
to a Russian suspect, whom the Kremlin refused to extradite.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Sun Apr 19 2009 - 23:34:01 PDT

This archive was generated by hypermail 2.2.0 : Sun Apr 19 2009 - 23:47:45 PDT