This is something that has intrigued me since I first started investigating the concept of cyberwar, how exactly does a cyberwar start and more importantly (as with all wars), how does it end?
|SEATTLE: Cyber attacks such as Duqu, Stuxnet and Flame will inevitably hurt private companies and innocent people as well as governments, according to Microsoft Trustworthy Computing (TwC) corporate vice president Scott Charney.|
by Alastair Stevenson, 19 Jun 2012
Charney claimed that the very nature of the internet makes it difficult for governments to contain and reasonably react to cyber attacks.
"You see a lot of cyber espionage at the moment: Stuxnet, Duqu, Flame," said Charney.
"It's hard to tease apart military and civilian. In the real world it's easy to separate, but on the internet it's more difficult. Who's attacking and why are two things you don't know online."
Charney also warned that so-called cyber war looks set to escalate in the near future.
"Cyber is following the path of other domains like land and sea," said Charney.
"When people built ships and went to the sea, countries looked to conquer the sea to stop people attacking them, the same paradigm is true of space, the same paradigm is true of cyber."
Charney warned that the lack of division between the private and government sectors online could have disastrous consequences.
Specifically Charney noted that while large firms have increased attention and investment in security, industry as a whole is not prepared to handle co-ordinated attacks from government agencies.
The Microsoft TwC boss also highlighted the dangers faced by several private companies that manage key public services like power grids and water plants, where successful attacks could have real world consequences.
Looking to the future, Charney suggested that companies and governments should begin investing in automated computer detection systems capable of using big data to learn to detect network anomalies.
The vice president claimed such systems would help companies and governments counteract persistent and determined adversaries - commonly known as advanced persistent threats (APT).
F-Secure security chief Mikko Hypponen issued a similar warning during a press briefing about Flame in Helsinki earlier in June.
During his speech Hypponen went so far as to suggest that once the cyber war starts, a real world war will likely follow unless governments implement a new coherent cyber policy.