|By Bob Gourley||
|January 1, 2013 10:50 PM EST||
I can already hear the chuckling. “Cyber warfare? Balanced? And I’d like partisanship in Washington to end, a double date with Mila Kunis and Scarlett Johansson, and some fries with that!” Yes, my desire is utopian, but the fact that I would have to qualify it with a self-deprecating remark suggests the distance that we have yet to travel before we can get more value out of our present conversation on the topic of cyber warfare.
First, let’s start with the unfortunate fact that little is really new. As CTOVision head honcho Bob Gourley notes, we’ve had so many “cyber wake up calls” as to render the phrase meaningless. If these are wake-up calls, someone keeps hitting the snooze button. We know that our SCADA systems are vulnerable, and have been vulnerable for a while. We know that air-gapping will not protect our systems, and that our systems can be attacked through their subsystems. We also understand that espionage and covert operations pose a fundamental attribution problem worsened by the fact that investigation requires cooperation from governments with something to hide. Anonymous and other decentralized hacking collectives? Predicted and analyzed 20 years ago. Finally, we also (should) get that everything from vendors to human psychology provides a multitude of attack surfaces for a potential attacker. Clearly, we’ve had plenty of forewarning for the calamities we’re suffering and have yet to suffer.
But knowing is unfortunately not, as I learned from watching GI JOE cartoon shows, half the battle. On one hand, much cyber warfare conversation these days boils down to endless repetition of civilization-destroying “cyber-doom” scenarios involving genius hackers that never face intelligence, targeting, and weapon customization problems inherent in any kind of attack capable of causing meaningful kinetic damage. That might be what James Bond faces in Skyfall, but it’s not a realistic idea of the future threat. Cyberhype is endemic, and clouds meaningful assessment of dangers and the resources necessary to combat the problem. Much of what we know in other fields about the dynamics of coercion is completely overlooked in even sound technical assessments that neglect the motives and politics of potential attackers. Attribution, for example, is variable upon an actor’s desire to coerce vs. steal or damage. But while cyber-doom is not on the horizon, attention to the intersecting fields of cyber warfare, cyber conflict, and the broader issues of cyberpower yields some discomforting realizations.
For starters, the line between espionage and warfare is never clear to policymakers in practice. Solar Sunrise occurred in the middle of a standoff between the United States and Iraq, and policymakers faced uncertainty over whether the intrusion was part of the geopolitical drama. Long range cyber-reconnaissance can identify weak points. The ability to cause damage to civilian and military infrastructure may not coerce on its own but can cause cumulative damage when combined with other sources of national power. Zero-day markets and a vigorous underground may not challenge the dominance of custom-designed single shot weapons built by states but add an unstable element to the mix. Knowledge that one’s networks are vulnerable to other powers may help tilt the overall balance in larger peacetime strategic competitions. While no piece of malware has yet killed anyone, military cyberpower has helped states coordinate and employ fearsome conventional weapons.
Stuxnet, while unique, also is at times underrated. As Jason Healey noted, Stuxnet had features of autonomy and mirrors an environment in which computational agents are delegated increasingly broad cognitive powers. The way we make war often mirrors the way we make wealth, and future cyberweapons are being dreamt up in an environment characterized by the rise of a “Second Economy” built on a vast and increasingly automatic infrastructure. Cyberspace, once the humble child of the 19th century telegraphic revolution, is increasingly conquering almost every aspect of everyday life and even reaching inside the human body. It’s not surprising that many cybersecurity ideas are drawn from science fiction, even if they often mislead. Science fiction is, after all, a vehicle for commenting on destabilizing changes in the present.
The ground is shifting. DARPA’s Plan X heralds the rise of military-industrial cyber weapon complexes with streamlined cyberweapon acquisition and deployment, and potentially new kinds of cyber weapons that move beyond the network base of contemporary cyber offense and defense. Trends in computing may shift towards biological and analog computing, complicating current technical assumptions. Big data as a form of cyberpower can aid in uncovering patterns of vulnerability that targets may be entirely unaware of. New methods of password cracking challenge old assumptions about password strength and the user vector for targeting. Finally, if the operational repertoire of cyber warfare in and of itself is limited, cyberpower’s capacity to intersect with other operational environments and modify their features makes attack endlessly customizable.
The idea that the offense is dominant should be held to rigor. But so is the idea that eternal principles of cyber conflict and geopolitics can be derived from the study of an extremely limited set of cases. History is important, and is sadly overlooked in the information security and warfare fields. The Cyber Conflict Studies Association, thankfully, is seeking to remedy this. Certain essential aspects of security and war never change, and a disruption-focused tech industry ignores this at its own peril. But assumptions based on modern Internet Protocol technologies will fail to be of strategic value when attackers bypass them or the technologies change. Want an example? Take a gander at the vulnerabilities inherent in your own car. The answer is not an “everything is new” attitude, but a richer and more detailed effort to think about what precisely cyberspace is. A solid understanding of cyberspace, separate from the domination of any one kind of technology, can not only inform about the nature of cyberpower and cyber threat but also hedge against technological change. That conversation is far from finished, and hopefully 2013 will auger a more useful debate about war and other forms of conflict in cyberspace.
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Aug. 28, 2015 11:30 PM EDT Reads: 822
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of ...
Aug. 28, 2015 07:45 PM EDT Reads: 171
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
Aug. 28, 2015 06:00 PM EDT Reads: 311
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Trel...
Aug. 28, 2015 03:45 PM EDT Reads: 168
WSM International, the pioneer and leader in server migration services, has announced an agreement with WHOA.com, a leader in providing secure public, private and hybrid cloud computing services. Under terms of the agreement, WSM will provide migration services to WHOA.com customers to relocate some or all of their applications, digital assets, and other computing workloads to WHOA.com enterprise-class, secure cloud infrastructure. The migration services include detailed evaluation and planning...
Aug. 28, 2015 03:01 PM EDT
A producer of the first smartphones and tablets, presenter Lee M. Williams will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. In his session at @ThingsExpo, Lee Williams, COO of ETwater, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ET...
Aug. 28, 2015 02:00 PM EDT
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of tech...
Aug. 28, 2015 12:30 PM EDT Reads: 146
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
Aug. 28, 2015 12:00 PM EDT Reads: 195
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
Aug. 28, 2015 11:30 AM EDT
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and data out of the United States and away from prying (and spying) eyes. Its solution automatically builds you a clean, on-demand, virus free, new virtual cloud based PC outside of the United States, and wipes it clean...
Aug. 28, 2015 09:45 AM EDT Reads: 335
U.S. companies are desperately trying to recruit and hire skilled software engineers and developers, but there is simply not enough quality talent to go around. Tiempo Development is a nearshore software development company. Our headquarters are in AZ, but we are a pioneer and leader in outsourcing to Mexico, based on our three software development centers there. We have a proven process and we are experts at providing our customers with powerful solutions. We transform ideas into reality.
Aug. 28, 2015 04:45 AM EDT Reads: 438
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
Aug. 28, 2015 03:00 AM EDT Reads: 356
The Internet of Things (IoT) is about the digitization of physical assets including sensors, devices, machines, gateways, and the network. It creates possibilities for significant value creation and new revenue generating business models via data democratization and ubiquitous analytics across IoT networks. The explosion of data in all forms in IoT requires a more robust and broader lens in order to enable smarter timely actions and better outcomes. Business operations become the key driver of I...
Aug. 28, 2015 12:30 AM EDT Reads: 352
SmartBear Software has updated its API tools, ServiceV for API service virtualization and LoadUI NG for API load testing, to accelerate development and testing processes in Agile teams. Updates to ServiceV enable software teams to rapidly build advanced mocks from real-time API traffic and quickly switch between virtualized “mock” services and actual APIs during diagnostic, load or integration testing in the continuous delivery lifecycle.
Aug. 21, 2015 11:00 AM EDT Reads: 311
Learn how you can use the CoSN SEND II Decision Tree for Education Technology to make sure that your K–12 technology initiatives create a more engaging learning experience that empowers students, teachers, and administrators alike.
Aug. 14, 2015 04:15 PM EDT Reads: 534
The amount of data processed in the world doubles every three years and a global commitment to open source technology is the way to handle this growth. An open technology approach fosters innovation through massive community involvement and impedes expensive vendor lock-in. This benefits buyers as markets remain more competitive. In doing so, open standards and technologies also allow for market hypergrowth, and this is the key to handling the growth of data. A doubling every three years ...
Aug. 14, 2015 11:00 AM EDT
SYS-CON Events announced today that VividCortex, the monitoring solution for the modern data system, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The database is the heart of most applications, but it’s also the part that’s hardest to scale, monitor, and optimize even as it’s growing 50% year over year. VividCortex is the first unified suite of database monitoring tools specifically desi...
Aug. 12, 2015 02:30 PM EDT Reads: 414
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 17th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships at Com...
Aug. 12, 2015 12:00 PM EDT Reads: 416
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Aug. 11, 2015 10:17 AM EDT Reads: 492
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Aug. 3, 2015 11:00 PM EDT Reads: 886