The Daunting Challenge Of Reporting On Cyber War; Cyber Forensic Attribution, And Cyber Dust
David Lee, Technology Reporter for the BBC, had an interesting, and thought-provoking article, with the title above, in the January 19, 2015 edition of their website. As the editors of Big Think, note, “the crux of his article revolves around the innate challenges of reporting a conflict you can’t see. It’s this concept of invisibility — that cyber war exists…not in the public eye…but, in the shadows — that’s imperative to grapple and understand.”
“Think about how traditional war is conducted, promoted, and sold,” Big Think editors say. From Leni Riefenstahl’s Nazi propaganda film, Triumph of Will, to Frank Capra’s Why We Fight. to the modern-day personification of evil — the Islamic State and their online propaganda campaign, — “war is as much about optics, as it is about tactics,” and strategy. “Every conflict needs to be sold to an audience,” the publication noted. “One thing is for certain,” Mr. Lee writes, “the nature of war is changing; and, with it — so too must the journalists,” who cover them. “Where a traditional reporter in the war zone wouldn’t leave home without wearing a trusty flak jacket — the war reporters of the imminent future may well be more concerned with a hardy firewall. But, there’s a problem,” Mr. Lee contends. “How do you report on a war, you can’t see happening? How do you hold aggressors to account, if you don’t who, or where they are?”
U.S./U.K. Cyber War Games To Test Vulnerabilities Of Weapons Systems, Critical Infrastructure, Among Other Things
“The best way to test the resilience of a computer system,” Mr. Lee writes. “is to try and emulate the various ways hackers could break in. That’s why the U.S. and the U.K. are working together on cyber war games — and, essentially try and hack each other to see where the weaknesses lie. The first war game will involve the Bank of England, and commercial banks, targeting the City of London and Wall Street; and, will be followed by “further exercises to test critical national infrastructure,” Downing Street said.
Finding The Source: Forensic Attribution In The Cyber Domain
Charles Authur, who was The Guardian’s Chief technology writer for nine years, told Mr. Lee, “I’ve been writing about hackers and hacking for twenty years; and, what I’ve noticed is that is has become increasingly difficult to verify claims. The ability to obfuscate the source of an attack now means you can’t be certain of anything you’re told.” “In cyber war, you often can’t see the signs,” Mr. Lee notes. “There are no planes to count in and out, no soldiers to grab and ask, “who are you fighting for?” “We’re reporting on a war where the fog never clears; and the participants aren’t visible. Which is why , years on, we still don’t know for sure if the U.S. (with Israel’s help) was behind Stuxnet, a cyber attack that caused physical damage to Iran’s nuclear infrastructure,” Mr. Authur said. “We don’t know if the U.K. was responsible for a serious hack on Belgacom, a Belgian telecommunications firm; nor who was behind the [cyber] tampering of blast furnaces in Germany last month.”
“Cyber attacks occur in a manner that is unverifiable,” Mr. Lee wrote, “often leaving its perpetrators unaccountable.” As the Big Think editors note, “there’s a real possibility that we wouldn’t realize the first shot of a major cyber war had occurred — until our systems had already failed us.”
“When the enemy becomes invisible. your best strategy is to make yourself invisible, or get as close to it as you can,” Big Think concluded.
The common tactic among more savvy cyber hackers, is to disguise the point of origin of the hack — by routing their destructive malware through a number of different countries. Using third-party cutout, Internet cafes, and the proliferation of encrypted software are all complicating what was already, a very difficult task.
Cyber Dust — Gone Within Seconds
Alexa Futterweit, writing last year on the website, The Odyssey, notes that Cyber Dust, is a new app that offers users something unique — cyber dust allows its users to send both log texts, and pics, that will disappear within seconds — just after the recipient opens them. Cyber dust deletes digital footprints.
Cyber forensic attribution is indeed a gnarly and difficult issue — especially when the adversary is cyber savvy. I have attached a paper by W. Earl Boebert, Sandia National Labs (retired), “A Survey Of Challenges In [Cyber] Attribution.” The paper was done on 2010; but, a lot of his observations about the difficulties and challenges in the cyber world — have actually gotten harder — not easier. V/R, RCP