The London Stock Exchange for meetings with the Commander of the United States Cyber Command 15. 07. 2015 |
by Kudakwashe Kanhutu
I have often wondered if it is possible, no, I have often hoped that it is possible to have enough information about the principles of a particular field that you no longer need to add to your stock and can, on the basis of this stock, cogently discuss any new permutations in the field. I am going to test this hope (empirically) by, without looking at a book, webpage, journal, video or audio clip, write all I currently know about the Cyber (Security) Domain; then, tomorrow, after meeting the National Security Agency (NSA) Director and Commander of the United States Cyber Command, I will write, for want of a better word, a de-briefing of the current state of the field. I will then measure the distance between what I thought I knew and what I will have learnt from tomorrow's discussion. If the distance is too vast then I must conclude, in despair, that we are all in exactly the same situation as Sisyphus.
The State of the Cyber Environment
Wherever human beings live and operate, challenges and opportunities exist. I have no charts or graphs to show you here but, because human beings live on land, land warfare (a challenge) is the most predominant form of warfare. The benefits (opportunities) of land to humans need not be listed - it's our natural habitat. Adjunct environments such as Sea, Air and Space are then used either to support the waging of (land) warfare, or enjoying the benefits of our habitat. To these natural environments - Sea, Land, Air and Space - human ingenuity has added another one - Cyber!
The Cyber environment, properly conceived, is just an adjunct that helps humans perform their tasks better: I am communicating my ideas to you from the comfort of my bed when previously I would have gone to a library, typed my thoughts, printed them, then snail mailed them to the national paper, wait to see if they may be published and, even then, if you did not buy the paper that day, you would have still missed all this I am writing right now (which would probably not have been necessarily a tragedy!). The point is, the cyber domain makes a lot of things easier. This convenience, however, comes with potent challenges. As the (physical) Critical Infrastructure Network (CNI) - health system, roads, national grids, railways, aviation, military command and control - all now rely on the cyber environment for their smooth operation, a potent vulnerability thus exists.
The oft quoted possibility is that of a hacker being able to disrupt Air Traffic Control to the extent that aircraft will collide into each other. For busy airports like Heathrow, where planes land every 3 minutes, this will be a nightmare of epic proportions with, in addition to the loss of life, serious knock on effects to the economy. The same scenario would have the most negligible effects on an airport in Swaziland where under 10 aircraft land on a busy day. This is also very pertinent to the cyber security environment - with greater interconnectivity comes greater threats and disruptions. Another (remote) possibility is that a hacker could launch a country's missiles against a nuclear armed state and thus hasten Armageddon. The essence is that, activity in the Cyber Domain now has real world consequences, to the extent that if cyber assets of Country A are damaged by Country B, the understanding is that Country B reserves the right to strike back with all its Land, Sea, Air and Space Forces.
What is still notoriously elusive in the Cyber Domain is the ability to attribute a cyber attack to the right culprit.
No comments:
Post a Comment