![\"\"](\"\/\/www.iser-br.com\/Themes\/Release\/images\/responsive\/ettelecom-default.jpg\")
Now tensions are soaring over Ukraine with Western officials warning about the danger of Russia launching damaging cyberattacks against Ukraine's NATO allies. While no one is suggesting that could lead to a full-blown war between nuclear-armed rivals, the risk of escalation is serious.
The danger is in the uncertainty about what crosses a digital red line. Cyberattacks, including those that cripple critical infrastructure with ransomware<\/a>, have been on the rise for years and often go unpunished. It's unclear how grave a malicious cyber operation by a state actor would have to be to cross the threshold to an act of war.
\"The rules are fuzzy,\" said Max Smeets, director of the European Cyber Conflict Research Initiative. \"It's not clear what is allowed, what isn't allowed.\"
The United States and other NATO members have threatened crippling sanctions against Russia if it sends troops into Ukraine. Less clear is whether such sanctions, whose secondary effects could also hurt Europe, would be imposed if Russia were to seriously damage Ukrainian critical infrastructure - power, telecommunications, finance, railways - with cyberattacks in lieu of invading.
And if the West were to respond harshly to Russian aggression, Moscow could retaliate against NATO nations in cyberspace with an intensity and on a scale previously unseen. A major cyberattack on U.S. targets would almost certainly unleash a muscular response. But what of lesser cyberattacks? Or if Russian President Vladimir Putin restricted them to a NATO member in Europe?
Under Article 5 of the organization's treaty, an attack on any of its 30 members is considered an attack on all. But unclear is what it would take to unleash full-scale cyber retaliation. Or how bad an attack would have to be to trigger retaliation from NATO's most potent cyber military forces, led by the U.S. and Britain.
Cyberspace is exceptionally unruly. No arms control treaties exist to put guard rails on state-backed hacking, which is often shielded by plausible deniability as it's often difficult to quickly attribute cyberattacks and intelligence-gathering intrusions. The technology is cheap and criminals can act as proxies, further muddying attribution. Freelancers and hacktivists compound the problem.
In 2015, the major powers and others agreed on a set of 11 voluntary norms of international cyber behavior at the United Nations. But they are routinely ignored. Russia helped craft them only to knock Ukraine's power grid offline that winter and set in motion its hack-and-leak operation to interfere in the 2016 U.S. presidential election.
Hacking is now a core component of great power conflict. In 2016, NATO formally designated cyberspace a \"domain\" of conflict, alongside land, sea and air.
Nowhere has the militarization of cyberspace been more clear than in Putin's bid to return Ukraine to Moscow's orbit.
To Serhii Demediuk, the No. 2 official on Ukraine's National Security and Defense Council, a noisy cyberattack last month was \"part of a full-scale Russian operation directed at destabilizing the situation in Ukraine, aimed at exploding our Euro-Atlantic integration and seizing power.\"
The attack damaged servers at the State Emergency Service and at the Motor Transport Insurance Bureau with a malicious \"wiper\" cloaked as ransomware. The damage proved minimal, but a message posted simultaneously on dozens of defaced government websites said: \"Be afraid and expect the worst.\"
Such attacks are apt to continue as Putin tries to \"degrade\" and \"delegitimize\" trust in Ukrainian institutions, the cybersecurity<\/a> firm CrowdStrike said in a blog on Russian military cyber wreckage in the former Soviet republic: Winter attacks on the power grid in 2015 and 2016 were followed by NotPetya, which exacted more than $10 billion in damage globally.
Michele Markoff, the U.S. State Department's deputy coordinator for cyber issues, thinks \"muscular diplomacy\" is the only way to end such \"immoral, unethical and destabilizing behavior.\"
But how? Unlike nuclear arms, cyberweapons can't easily be quantified, verified and limited in treaties. Nor are violators apt to be held accountable in the United Nations, not with Russia and China wielding veto power on its Security Council.
\"We've wallowed kind of in a quagmire for years now on making transgressors accountable,\" said Duncan Hollis, a Temple Law professor and former State Department legal adviser.
Members endorsed in May an update to the 2015 U.N. norm s that further delineates what should be out of bounds: including hospitals, energy, water and sanitation, education and financial services. That has hardly deterred Russian-speaking ransomware crooks, who are at the very least tolerated by the Kremlin. Nor have U.S. indictments of Russian and Chinese state hackers and the blacklisting of tech companies accused of aiding them helped much.
Under a new policy NATO adopted last year after U.S lobbying, an accumulation of lower-level cyberattacks - far below, say, blacking out the U.S. East Coast - could be enough to trigger Article 5. But NATO is vague on what a tipping point might be.
NATO's doctrinal shift followed a pair of seismic cyberespionage shocks - the highly targeted 2020 SolarWinds supply chain hack by Russia that badly rattled Washington and the reckless March 2021 Microsoft Exchange hack attributed to Chinese state security that set off a criminal hacking free-for-all.
A cluster of wholesale data pilfering in the mid-2010s attributed to China - from the U.S. Office of Personnel Management, United Airlines, Marriott hotels and the health insurer Anthem - inflicted a deep national security wound. And U.S. officials have worried for more than a decade about rivals - Russia especially - quietly \"pre-positioning\" enough malware in U.S. critical infrastructure including the energy sector to cause considerable chaos in an armed conflict.
In response, U.S. Cyber Command developed a strategy in 2018 it calls \"persistent engagement\" to counter rivals who \"operate continuously below the threshold of armed conflict to weaken institutions and gain strategic advantages.\"
The aim: deny foes the chance to breach U.S. systems by operating \"across the interconnected battlespace, globally, as close as possible to adversaries,\" Cybercom commander Gen. Paul Nakasone wrote.
That has sometimes meant penetrating not just adversaries' networks but also those of allies - without asking permission, said Smeets, the European cyber conflict analyst.
Disinformation campaigns have also muddied the definition of a \"cyber threat.\" No longer do they merely encompass malware like NotPetya or the the Stuxnet virus that wrecked Iranian nuclear centrifuges, an operation widely attributed to the U.S. and Israel and discovered in 2010.
During the 2018 U.S. midterm elections, Cybercom temporarily knocked offline a key Russian disinformation mill.
Most major powers have the equivalent of a U.S. Cyber Command for both offense and defense.
Also active are terrorists, criminals working as state proxies, begrudged freelancers and hacktivists like the Cyber Partisans of Belarus.
Hollis compares the current messy cyber moment to the early 19th century when U.S. and European navies were so small they often relied on privateers - we know them now as pirates- for high-seas dirty work.
The U.S. and other NATO partners are, meantime, helping Ukraine stand up a separate cyber military unit, said Demediuk, the Ukrainian security official. Since Russia seized Crimea in 2014, NATO has closely and systematically coordinating cyber actions with Ukraine, including joint missions, he said.
In November, Ukraine exposed an eight-year espionage operation by agents of Russia's FSB in Crimea involving more than 5,000 attempted hacks. The main goal: to gain control over critical infrastructure, including power plants, heating and water supply systems, Ukraine's state news agency said.
This month, Microsoft said the operation, dubbed Armageddon, persists with attempts to penetrate Ukraine's military, judiciary and law enforcement. Microsoft detected no damage, but that doesn't mean Russian cyber operators haven't gained undetected footholds.
That's where hackers hide until they are ready to pounce.
<\/body>","next_sibling":[{"msid":89569515,"title":"Foxconn, Vedanta to form joint venture to manufacture semiconductors in India","entity_type":"ARTICLE","link":"\/news\/foxconn-vedanta-to-form-joint-venture-to-manufacture-semiconductors-in-india\/89569515","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":89570377,"entity_type":"ARTICLE","title":"Tripwire for real war? Cyber's fuzzy rules of engagement","synopsis":"Now tensions are soaring over Ukraine with Western officials warning about the danger of Russia launching damaging cyberattacks against Ukraine's NATO allies. While no one is suggesting that could lead to a full-blown war between nuclear-armed rivals, the risk of escalation is serious.","titleseo":"telecomnews\/tripwire-for-real-war-cybers-fuzzy-rules-of-engagement","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":112,"shares":0,"engagementtimems":538000},"Alttitle":{"minfo":""},"artag":"AP","artdate":"2022-02-14 18:24:06","lastupd":"2022-02-14 18:29:45","breadcrumbTags":["cyberattacks","cybersecurity","Tripwire","internet","ransomware","cyber news"],"secinfo":{"seolocation":"telecomnews\/tripwire-for-real-war-cybers-fuzzy-rules-of-engagement"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-02-14" data-index="article_1">
- Telecom乐动扑克News
- 7分钟阅读
Tripwire真正的战争吗?网络参与的模糊规则
现在紧张飙升在乌克兰和西方官员警告俄罗斯发射破坏性的危险网络攻击对乌克兰的北约盟国。虽然没有人提议,可能导致核武器的竞争对手之间的全面战争,升级的风险严重。
读到
现在紧张飙升在乌克兰和西方官员警告俄罗斯发射破坏性的危险网络攻击对乌克兰的北约盟国。虽然没有人提议,可能导致核武器的竞争对手之间的全面战争,升级的风险严重。
不确定性的危险是横跨数码红线。网络攻击,包括那些削弱关键基础设施ransomware,多年来一直在上升,往往可以逍遥法外。目前尚不清楚如何严重的恶意网络运行状态的演员必须穿过阈值一种战争行为。
“规则是模糊的,”马克斯·史密兹说,欧洲网络冲突研究项目的主任。“目前还不清楚什么是允许的,什么是不允许的。”
美国和其他北约成员国已经严重威胁制裁俄罗斯如果派军队进入乌克兰。不清楚是否这些制裁,其副作用也可能损害欧洲,如果俄罗斯将会受到严重损害乌克兰关键的基础设施——电力、电信、金融、铁路——网络攻击的入侵。
如果西方严厉应对俄罗斯侵略,莫斯科可能报复北约国家在网络空间的强度和规模前所未有的。重大网络攻击美国的目标几乎肯定会引发肌肉反应。但是,较低的网络攻击?如果俄罗斯总统弗拉基米尔•普京(Vladimir Putin)限制他们北约成员国在欧洲?
根据第五条组织的条约,对其30个成员国的攻击被认为是对所有的攻击。但不清楚是要发动全面的网络报复。或多糟糕的攻击会引发报复北约最强有力的网络军队,由美国和英国。
网络空间非常不守规矩的。不存在军控条约来给国家支持的黑客栏杆,这通常是屏蔽,当通常很难快速情报收集属性网络攻击和入侵。这项技术是廉价和罪犯可以作为代理,进一步使得归因。自由职业者和黑客活动分子复合问题。
2015年,大国和其他人达成一组11自愿联合国国际网络行为规范。但是他们基本上被忽略了。只把乌克兰的俄罗斯帮助工艺电网离线,冬季和启动hack-and-leak操作干预2016年美国总统大选。
黑客现在大国冲突的一个核心组成部分。2016年,北约正式指定的网络冲突的“域”,与陆地、海洋和空气。
地方军事化的网络比普京为了更清楚乌克兰回到莫斯科的轨道。
对Serhii Demediuk,二号人物在乌克兰的国家安全与防务委员会上个月嘈杂的网络攻击是“全面的一部分俄罗斯乌克兰操作针对不稳定局势,针对爆炸我们的欧洲-大西洋集成和夺取政权。”
攻击破坏服务器在国家应急服务和汽车运输保险局恶意“雨刷”ransomware隐匿。损失最小,但消息发布数十名丑化政府网站上同时说:“害怕和期待最糟糕的。”
等攻击倾向于继续普京试图“降低”和“非法”相信乌克兰的机构网络安全公司CrowdStrike称在俄罗斯军事博客网络残骸在这个前苏联加盟共和国:冬天袭击在2015年和2016年电网NotPetya紧随其后,这让全球超过100亿美元的损失。
米歇尔•马尔可夫链,美国国务院的副协调员网络问题,认为“肌肉外交”是唯一的方式结束这种“不道德的,不道德的和不稳定的行为”。
但如何?与核武器,网络武器不能容易量化,验证和有限的条约。违规者也不容易被追究责任在联合国,不与俄罗斯和中国在安理会行使否决权。
“我们耽溺在泥潭多年来做出的违约责任,”邓肯·霍利斯说,圣殿法学教授、前国务院法律顾问。
成员支持联合国2015年5月的更新规范年代,进一步说明应该如何的范围:包括医院、能源、水和卫生、教育和金融服务。,几乎没有阻止说俄语的ransomware骗子被克里姆林宫至少容忍。也没有美国指控俄罗斯和中国国家的黑名单黑客和科技公司被指控协助他们帮助。
按照去年通过北约新政策后。游说,低层网络攻击的积累——远低于说,禁止在美国东海岸,足以引发第五条。但北约是模糊的一个转折点。
北约的教义转变之后的一对地震网络间谍的冲击——2020 SolarWinds供应链具有高度针对性的攻击俄罗斯,严重令华盛顿和不计后果的2021年3月Microsoft Exchange黑客归因于中国国家安全,引发了一场刑事黑客混战。
集群的大规模数据偷窃在2010年代中期归因于中国——从美国人事管理办公室,美国联合航空公司、万豪酒店、医疗保险国歌——国家安全造成严重创伤。和美国官员担心了十多年的竞争对手——俄罗斯特别是悄悄地“预置”足够的恶意软件在美国关键基础设施包括能源行业在武装冲突导致相当大的混乱。
作为回应,美国网络司令部发达2018年它所称的“持久的接触”战略来应对竞争对手谁”操作持续低于阈值的武装冲突削弱机构和获得战略优势。”
目的:否认敌人机会违反美国由操作系统“在相互联系的战场,在全球范围内,尽可能接近对手,”美国网络司令部总司令保罗曾经写道。
有时这意味着不仅穿透对手的网络还未经许可的盟友——,史密兹说,欧洲网络冲突分析。
假情报活动的定义也使“网络威胁。”No longer do they merely encompass malware like NotPetya or the the Stuxnet virus that wrecked Iranian nuclear centrifuges, an operation widely attributed to the U.S. and Israel and discovered in 2010.
在2018年美国中期选举,美国网络司令部暂时离线俄罗斯造谣轧机的关键。
大多数大国都相当于一个美国网络司令部防御和进攻的双重角色。
还活跃的恐怖分子,罪犯作为国家代理,是嫉妒的自由职业者和黑客活动分子的网络游击队白俄罗斯。
霍利斯比较当前混乱的网络时间19世纪早期在美国和欧洲海军太小他们经常依靠海盗船长们——现在我们知道他们——公海肮脏的工作。
与此同时,美国和其他北约伙伴帮助乌克兰站起来一个单独的网络军事单位,Demediuk乌克兰安全官员说。自2014年俄罗斯占领了克里米亚,北约已经紧密地和系统地协调网络行为与乌克兰,包括联合任务,他说。
去年11月,乌克兰暴露了八年被俄罗斯在克里米亚的FSB特工间谍行动涉及超过5000黑客未遂。主要目标:控制关键基础设施,包括电厂、供热和供水系统,乌克兰的国家通讯社说。乐动扑克
这个月,微软说,这次行动,被称为世界末日,坚持试图穿透乌克兰的军事、司法和执法。微软发现没有损伤,但这并不意味着俄罗斯网络运营商没有未被发现的立足点。
这就是黑客隐藏,直到他们准备好突袭。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动