Cyberwarfare and Aggressiveness in Cyberspace
-
Upload
jarno-limnell -
Category
Presentations & Public Speaking
-
view
474 -
download
1
Transcript of Cyberwarfare and Aggressiveness in Cyberspace
Cyberwarfare and aggressiveness in cyberspace
Jarno LimnéllProfessor, Cybersecurity, Aalto UniversityVP, Cybersecurity, Insta Group Ltd.Doctor of Military Science@JarnoLim
New Normal in Security:
Speed of ChangeUnpredictable Instability
Digital-Physical Complexity
Cyber is an element in all crisis and wars
Evolution – not revolution
Cybersabotage has begun to emerge in conflicts
“Cyberattack on German steel plant caused significant damage”
KINETIC CYBER
“A cyber attack on the French television network TV5 Monde”
FALSE FLAG ATTACKS
“The Dukes: 7 Years of Russian Cyber-Espionage”
STRATEGIC CYBER ESPIONAGE “Hackers breach the Warsaw Stock Exchange”
CRITICAL INFRASTRUCTURE
Russians (and others) are testing the boundaries of the cyberbattlefield.
Russia has a wide range of tools and resources, including the ability to carry out denial-of-service attacks, develop sophisticated malware and exploit previously unknown software vulnerabilities.
Russian cyber activities are focused mainly on intelligence gathering and military reconnaissance of critical infrastructure networks as advance work for a future conflict.”
Most worryingly, today’s intelligence operations enable tomorrow’s military actions.
according to new details from an extensive
investigation into the hack, they were
skilled and stealthy strategists who
carefully planned their assault over many
months, first doing reconnaissance to
study the networks and siphon operator
credentials, then launching a synchronized
assault in a well
Coordinated December 2015 attack on the Ukrainian electrical grid was clearly an attack on critical national infrastructure.
Motive?- Testing and research- Creating deterrence (send a public message)- Revenge (power outage earlier in Crimea)
OVERALL CYBER CAPABILITIES (scale 1-10 / offense, defense, dependence) *
State CyberOffense
CyberDefense
Cyber Dependence **
Total
Iran 4 3 5 12
Estonia 3 8 1 12
Great Britain 7 5 2 14
South Korea 6 5 3 14
North Korea 3 3 9 15
Germany 7 7 2 16
Israel 8 6 3 17
United States 10 5 2 17
China 8 5 4 17
Russia 8 8 3 19
* Analysis is based on information in different public sources* Dependence is a reverse score (more dependent means more vulnerable)
Jarno Limnéll
Kyberturvallisuuden kokonaisuus
9
9
Digital security integral part of today´s security:Dependence increases and
More sophisticated capabilities being developed.
The speed of cyber attacks and their sophistication has changed dramatically.
Cybersecurity =Protecting our societies, our
businesses and our way of life
“Russia and China are the most sophisticated nation-state actors in the new generation of cyberwarfare, and Russian hackers lead in terms of sophistication, programming power and inventiveness.”
Digital-PhysicalInteraction
States consider cyber capabilities as an integral part of operational military capability and are not afraid to
employ them.
How to integrate cyber capabilities to other capabilities
Innovation and people
Talented Individuals – Who will have and educate them in constantly changing security?
Most valuable skills for cybersecurity career in next years might not be a focus in
specific technology, but ability to understand big picture.
From Technology- and Control-centric to
Humancentric Cybersecurity
Future cyberwarfare is less hacking power grids and more "hacking minds" by
shaping environment in which political reality takes place.
Cyberpolitics
Trend:The world is moving towards a greater strategic use of cyber
capabilities to persuade adversaries to
change their behavior.
Beginning – End
Our side – Their side
Military – Civilian
Involved – Not-involved
Win – Lose
Violence – Non-violence
Dichotomies are blurring
SECURITY INSECURITY
The lines between cyber activists, criminals and state-paid hackers are becoming increasingly blurred.
1) Defend own networks – improving quality in all member states2) Increase education and training
3) Raise general cyber resilience to new level4) Mindset-change: J6 J3 (plans and operations)
5) Develop situational awareness and information sharing6) Strenghten Alliance´s cyber deterrence
7) Support cyber innovations (defence, intel, offense)8) Combine cyber and physical capabilities and operations
9) Rethink Article 510) Cyberpolitics – to response Russia´s aggressive behavior in cyber domain
Jarno Limnéll
Thank you
“It is not the strongest species that survive, nor the most intelligent, but the ones responsive to change.” - Charles Darwin