[BreachExchange] How do we stop cyber weapons from getting out of control?

Audrey McNeil audrey at riskbasedsecurity.com
Mon Dec 21 21:06:05 EST 2020


https://www.zdnet.com/article/how-do-we-stop-cyber-weapons-from-getting-out-of-control/

It's vital that all countries follow international rules and norms if
deploying cyber weapons, but some nation states aren't being responsible
when it comes to how they use cyber powers, some of the UK's top
intelligence and cyber chiefs have warned.

In a rare joint appearance in public at Chatham House, Jeremy Fleming,
director of GCHQ, the UK's intelligence and security organisation, and
General Sir Patrick Sanders, commander of UK Strategic Command, which leads
on the cyber domain for the military, detailed how cyberspace is becoming
an increasingly important area of military operations and international
relations.

The discussion involving the two intelligence officials came just weeks
after the UK announced the National Cyber Force, a new offensive unit to
take on and disrupt activity by cyber criminals and nation-state hacking
operations.

"The domain is changing very quickly and we need now as a nation to be
building out from our defensive posture to take advantage of all those
benefits that come from technology, but also be able to contest
cyberspace," said Fleming.

"To be a responsible cyber power, we need to defend the digital homeland,
we need to be able to disrupt and compete in cyberspace and we need to do
that in accordance with international law and internationally agreed
norms," he added.

Cyberattacks and hacking campaigns have become an increasingly common part
of how countries attempt to gather intelligence – and the discussion took
place just as it was revealed that Russian intelligence services were
behind a large hacking campaign that compromised departments across the US
government.

"The thing that's changed for me most is the intensity and the range and
the scale. And cyberspace is now not only the most contested domain that we
operate in but it's one where there's a state of permanent perpetual
confrontation," said Sanders.

"Cyberspace has become a domain of operations. And so we have to, when
we're thinking about military operations, be able to exploit cyberspace,
defend ourselves in cyberspace and crucially integrate effects of
cyberspace with what we do on land, air and sea – and in space," he added.

Both intelligence chiefs pointed out that while the use of cyber weapons is
increasingly on the agenda for the UK – and they've already been deployed –
it's important that they're used appropriately.

"When we apply force in cyberspace we're guided by the same principles as
when we use kinetic force: military necessity, proportionality,
discrimination and humanity," said Sanders.

"So the idea we'd construct some kind of a cyber weapon of mass
destruction... and use that indiscriminately is directly counter to
international law... but it's contrary to our values and it's
counter-productive. We're trying to establish norms in cyberspace."

The world has already seen the unintended consequences of what happens when
cyber weapons get out of control; May 2017's WannaCry ransomware attack
encrypted networks around the world and was followed just weeks afterwards
by NotPetya wiping networks of organisations around the world – both used
the same EternalBlue vulnerability that formed part of a leaked NSA hacking
tool.

North Korea was found to have launched WannaCry while the NotPetya attack
has been attributed to the Russian military. Both attacks were designed to
be self-perpetuating – and both are likely to have spread further out of
control than those behind them would've liked.

"In those consequences, what we saw were tools that self-proliferated in a
way that I am sure the states behind them had not intended. The question is
how do we stop that sort of thing happening?" said Fleming.

"The way in which we think about capability and the way in which we plan
operations, the legal and statutory and oversight behind us mean we have a
very different starting point to those states that have released those sort
of capabilities. I'm aware of no responsible state that is designing tools
that are self-proliferating in that way," he added.