Euan Birch, Security Operations Lead at Proact UK
Humans have been at war for 92% of the past 3,400 years. We have only been at peace for approximately 268 of those 3,400 years. That’s just 7 years out of 100. We define war as being a conflict with over 1,000 deaths, but now ‘war’ is surfacing in the digital arena, how do we describe it?
Cyber missiles are a game changer. Within the last 5 years Russia has used Ukraine as its cyber warfare test environment. And in 2015, 2016 and 2017 Russia was directly responsible for attacks on Ukraine’s electrical grids, elections and nuclear power plants. Attacks by Russia are offensive and state funded and they are ready for more.
The United States has also been linked with using allies and enemies as cyber test environments. They’ve been linked with attacks ranging from turning off Iran’s nuclear programme to disabling Iranian missile systems. Cyber command has a budget of $610 million with 5,000 military and civilian personnel employed to defend US interests in cyberspace.
From China to the Middle East, Russia to the US, and over to us in the UK, every country has taken an interest in offensive cyber security. Attacks between across country borders are now equivalent to spies during the cold war. This is the new frontier.
As a result the UN has reignited the debate on consequences for cyber acts of war. In 2013, the Tallinn Manual investigated this area and provided 154 rules to operate within current international law (but this was never legally binding). The UN hopes to change that. The Paris call for Trust and Security in Cyberspace aims to call together the states of the UN to set up those red lines and bring about cyber peace.
However, only 67 states signed the Paris call. The US, Russia and China chose not to. Cyber warfare is rife and every state is actively engaging in defensive measures (at the very least). They’re likely to take up offensive measures such as employing national citizens, military personnel or cyber mercenaries.
State actors may not be after you, but you are still as risk
Your organisation is not out of reach. The Proact SOC spots, investigates and responds to incidents from all over the world. We take proactive measures to help you understand your threat landscape and act on events and offer intelligence to help you secure your organisation against targeted attacks. We do this via our services including SIEMaaS, VAaaS and APaaS managed services.
Our experience in mitigating threats and attacks is the helping hand you need to secure your organisation.