A quick survey of recent cyber news . . .
***
The New York Times had an interesting set of articles in its Room for Debate section. I’ve broken them out below:
Anup Ghosh opened with an article titled Trade War Versus Cyberwar, arguing that we must be careful to not conflate pervasive cyberexploitation (which he acknowledges is an “unprecedented campaign of state sanctioned trade warfare”) with cyberwarfare (or a destructive cyber component of real war).
Jody Westby believes that we need to adjust the LOAC framework for cyberwar.
Candace Yu argues that we should preserve flexibility and prescribe thresholds for action so that the president does not have to approve all cyber-offensive operations.
Chris Bronk writes on how hacking isn’t cyberwar, for now.
Finally, Martin Libicki writes on the subtleties of calling a cyberattack an act of war.
***
Aliya Sternstein reported for Nextgov regarding sequestration’s impact on CyberComm:
[T]he Pentagon will be devoting less attention and fewer staff to network security under spending cuts . . . Mandatory, across-the-board decreases in funding will spare the salaries of uniformed Cyber Command members, but many of those personnel will be focused on sequester planning rather than operations.
***
Extremely disturbing story from CBSNews and relayed via CNet: apparently an American engineer may have been murdered when he refused to deliver sensitive technology to the Chinese.
***
Foreign Policy’s Dam Blumenthal wrote on how to win a cyberwar with China. Something I was previously unaware of (from Blumenthal’s article, of course):
The U.S. Justice Department, in creating the National Security Cyber Specialists’ Network (NSCS) last year, recognizes the need for such an approach. The NSCS — consisting of almost 100 prosecutors from U.S. attorneys’ offices working in partnership with cyber-experts from the Justice Department’s National Security Division and the Criminal Division’s Computer Crime and Intellectual Property Section — is tasked with “exploring investigations and prosecutions as viable options for deterrence and disruption” of cyberattacks, including indictments of governments or individuals working on the government’s behalf.
There’s much more to the article, and I would recommend checking it out.
***
Joseph Menn & Jim Finkle report for Reuters on efforts to jump start talks on cybersecurity legislation. Notably, Rep. Rogers said that “negotiations with the White House on a new cybersecurity bill have resumed, and the two sides are not ‘that far apart.'”
Along similar lines, Computerworld’s Jaikuma Vijayan considers whether the return of CISPA is a cybersecurity boon or privacy threat.
Dave Frymier argues for Wired that the cybersecurity executive order is not enough.
***
Not really news, but Dan Vergano writes for USA Today on the link between Chinese cyberexploitation and China’s universities.
***
Finally, infosecurity takes a very interesting look at how Crowdstrike demonstrated its active defense technology by manipulating the Kelihos botnet.
Leave a Reply