- tl;dr sec
- Posts
- How to Start a Cyber War: Lessons from Brussels-EU Cyber Warfare Exercises
How to Start a Cyber War: Lessons from Brussels-EU Cyber Warfare Exercises
Chris describes her experiences running a workshop in Brussels with diplomats from various EU countries in which they collectively worked through a number of cyberwarfare-type scenarios.
This talk was a fascinating discussion of the interactions between technology, computer security, economics, and geopolitics.
Cyber War Scenarios
Scenarios discussed included:
A leak from an embassy staff family member
A breach from an intelligence agency mixed with a splash of extortion & tool leakage
Attacks against critical infrastructure across the EU and NATO members causing mass casualties
I highly recommend listening to these scenarios. They’re interesting, realistic, and demonstrate how intertwined technology, politics, and intra/international economies are. In security, we often focus on only the technical aspects. This talk is a great wake-up call to the broader implications of our field.
Elements of these scenarios are based on a combination of events that have actually happened as well as incidents that could feasibly occur.
For each scenario, attendees had to make tough decisions on how to respond. Should what occurred be considered “cyber warfare”? Should their country respond by doing nothing, rebuking the events, recalling or dismissing their diplomats from the responsible country, declare solidarity with the victims, hack back, declare war, deploy nukes, some combination of these, something else?
How It Worked
Teams were switched between each scenario and given a different team advisor.
One thing that scared Chris was that there was no scenario in which everyone was able to come to a unanimous consensus. When attendees were broken up into smaller teams, though, they generally could come to a consensus.
The key takeaway was the importance of preparation. Many of the attending member states hadn’t done much preparation for these types of scenarios and hadn’t thought through what domino effect could occur.
For example, attacks on gas infrastructure could cause gas shortages, which if severe enough, could lead to police or ambulances not being able to respond to emergencies when needed.
Now when I last visited NATO headquarters in Brussels, I warned them, that if they didn’t get their defense spending up to 2% of their GDP…
Now is the time for Europe to stand on its own two feet. American blood will not be spilled.
AI in Warfare
Many countries are investing heavily in machine learning and AI, which will likely have huge impacts on warfare in the future.
Image/facial recognition, natural language processing, sentiment analysis, and other areas all have military applications.
We may see a future in which algorithms created by algorithms are deciding between life and death.
Conclusions
These types of scenarios are already occurring. They have happened, and will happen again in the future.
Many times dealing with these types of events takes friends. Do you know who your friends are? One of the problmes in the EU right now is they’re unsure.
Making assumptions that other people will take care of security doesn’t work.
Assumptions are starting to kill people now.
Questions
The Q&A section was really interesting. Here are a few of the parts that stuck out to me.
Do you think cyber war in a conflict would be different than the low grade cyber war that happens every day?
Yes, in the way it would be executed, among other things.
About 6 months before any Russian boots were seen in the Crimean region, a researcher out of Ukraine found that a bunch of smart TV systems were being controlled by someone else, and channels were being switched to pro-Russian propaganda stations. They were trying to build support of Russia and specifically targeted the Crimean population.
On international jurisdiction
One challenge is that many EU nations disagree about jurisdiction during investigations or events that cross borders. Sometimes when you want to go after someone you can’t, which is a huge problem.
The EU actually leans heavily on the FBI to come out for major events.
The FBI assists with evidence collection, sorting out jurisdiction issues, helps with attorneys, puts pressure to try to extradite people, and is effective at getting proof/evidence from various countries. The FBI has significant valuable expertise.
The U.S. government shutdown has caused a problem for other countries, in that U.S. government agencies haven’t been able to help as they otherwise would.
How much of a problem will Brexit be?
A huge problem. Brexit is taking away the biggest military from the EU. If they also leave the Five Eyes, this will cause other member nations to lose valuable intelligence info.
We’re already seeing these effects now - they couldn’t come to an agreement on a border in Ireland so last week there was a car bomb.