North Korea, Syria, And Iran — Asymmetric Warfare Is Here To Stay
John Dunn, writing in the December 23, 2014 edition of Techworld.com, writes that “small nations have been attacking [through cyber hacking] the U.S. for years; and asks, “why hasn’t anyone noticed till now?” Until the Sony hack, Mr. Dunn contends, “few beyond a handful of security vendors, and an occasional article in the New York Times — paid much attention to small nations with big cyber-ambitions. Suddenly, seemingly out of nowhere, one of these, the Democratic People’s Republic of North Korea (DPRK) is accused by the U.S. Government of launching a no-holds barred cyber attack on a major Hollywood firm; and, there is an amazement, and a not a little skepticism.”
“Is this wariness justified, or is there something else at work here?,” Mr. Dunn asks.
“When major cyber breaches or attacks occur, it’s normal for a dozen of more security firms to offer up spokespeople, or experts from in-house experts, but the moment of major, but major unreported 2013 attacks on South Korea was very different. Seemingly struck dumb, few firms said anything. This was a local issue, and nobody could see an angle that interested them, a curious contrast to the attack on Sony, which has taken over some newsfeeds…to an almost hysterical level.”
“More recently, came Operation Cleaver, an alarmingly complex cyber-campaign directed mainly at U.S. energy firms, again attributed to Iran by the FBI in a sort of reverse Stuxnet few would have once thought possible from such a deprived state — in the midst of economic sanctions,” Mr. Dunn wrote.
“Ditto,” he adds, “a series of increasingly serious nuisance attacks since 2011 claimed by the Syrian Electronic Army(SEA), that country’s centrally-directed, but geographically dispersed (Turkey, Lebanon, and Jordan) campaign to keep the country’s regime in the news. People downplay these attacks as little more than buzzing insects — but, try telling that to the hundreds of major brands that only weeks ago noticed their pages redirecting to landing page promoting the SEA — after a cunning, redirection attack,” Mr. Dunn writes.
“But, what simply matters,” Mr. Dunn argues, “is not simply whether North Korea had a connection to the attack, but, why people find it so hard to believe such a thing is possible. North Korea is a primitive, Stalinist hold-out, a joke regime that kills its own people; but, would it really bring a large, U.S.-based company to its knees?”
“Frankly, it’s time for people to grasp that such a thing is possible, not only by North Korea, but, if they choose such a thing — other countries as well,” Mr. Dunn notes. “This should not be surprising,” he adds. “Unlike the military world of stealth — with $70M a pop for a stealth fighter, remote controlled drones, and cruise missiles, cyber space is a much more level, ‘asymmetric battlefield.’ “Even the smallest nation, or group can cause trouble in cyber space — with a small team of skilled hackers, and there’s no simple way of reliably attributing attacks…let alone stopping them.”
“For now,”Mr. Dunn concludes, ‘it wasn’t us’ is a plausible defense against what few mechanisms of retaliation exist such as sanctions, arrest warrants, and the beginning of fists on tables behind closed doors. Proving an attack’s origin beyond doubt is incredibly difficult, — not helped by suspicion over the U.S.’s motives in an era where the NSA is supposedly punching all the buttons.”
“People need to acclimatize the fact that the Sony attack is only the beginning, and future attacks will surely take in other countries and organizations unless nations hurry up with some kind of code of behavior and protocol for resolving disputes. This is already being discussed; and, will eventually, arrive in some form — because the alternative is a free-for-all.”
“Until then, buckle up,” Mr. Dunn urges, “because the list of victims could turn out to be as surprising as it will be dangerously de-stabilizing.”
Digital Forensics Is Becoming A Huge Issue
Whether talking about digital forensics conducted by law enforcement or a corporate security department, the simple fact is that forensics is difficult — especially at the endpoint,” writes Craig Carpenter, on the December 24,2014 website, Dark Reading. Challenges include “accessibility of the data systems and, the data on them, (e.g., cellphones), latency when pulling data from a system remotely, erroneously tipping off a user that a system is being accessed, myriad formats and devices, languages, and synthesizing data from multiple sources just to name a few.”
It is a constant cat-and mouse-game that is full of a digital wilderness of mirrors.” V/R, RCP