Expert: Rogue States Haven't Been This Aggressive Since Pirates Roamed The Seas

Rogue states feel emboldened to take action against companies and countries in a way that hasn't been seen since pirates roamed the seas, one cybersecurity expert said.

Countries such as China, Russia and Iran have begun treating American multinational companies as though they were other nations subject to attack, according to Bryan Cunningham, executive director of UC Irvine's Cybersecurity Policy and Research Institute.

This is a prospect the world hasn't seen since the early 19th century, Cunningham said when nations were hiring pirates and turning them into privateers to attack the private shipping of other countries.

Specifically, Cunningham said rogue states feel like offensive cyber-activity is their right and part of the way they can compete with first-world military powers.

id
unit-1659132512259
type
Sponsored post

[Related: Black Hat 2018: 10 Execs On The Top Cybersecurity Threat America Faces Around The 2018 Midterm Elections]

"Bad stuff is coming, and a lot of the trends that lead to it are already under way, and probably at this point unstoppable," Cunningham said during XChange University: IT Security, hosted by CRN parent The Channel Company.

The situation is inflamed, Cunningham said, by an almost complete lack of rules in both national security law and international law as to what activities in cyberspace are or aren't permissible for countries to do to one another and to private companies. Without any commonly understood rules of the road, he said nations run the risk of having a misunderstanding around what activity is permissible lead to war.

Even smaller companies in sectors such as banking find themselves being threatened due to a lack of protection around critical infrastructure, according to Richard Duman, vice president of sales at Fort Lauderdale, Fla.-based Secnap Network Security.

Solution providers can help, Duman said, by hardening the network through activities such as assessments and patching. They need to ensure that their customers’ cybersecurity strategy goes beyond mere compliance and addresses critical areas such as keeping up with patching or vulnerability scanning, according to Duman.

"This resonates a lot with what we're doing," Duman said.

Nations that engage in offensive cyber-activity against the U.S. need to face consequences that are significant enough to serve as a deterrent going forward, Cunningham said.

"Our government has got to do something that tells Russia and China and Iran and others to quit messing with us," Cunningham said Wednesday at the JW Marriott Hill Country in San Antonio. "My sense is we haven't done anything to tell anyone including [Russian President Vladimir] Putin that we're not going to put up with it anymore."

The most immediate offensive cybersecurity threat facing the U.S. is the hacking of elections, although Cunningham cautioned that it would be close to impossible for a foreign government to come in and actually change enough votes electronically to influence an election.

Even though it's relatively easy to hack pretty much any voting machine, Cunningham said the lack of networking among election systems in the U.S. means that bad actors would need to, in advance, anticipate every precinct that's going to be decisive in an election and position human agents accordingly. This could be a serious threat in the future, but Cunningham doesn't see it as one today.

Bad actors, though, can and probably will break into state and county election board records and weaponize them to create chaos, Cunningham said. This could result in a situation where a person shows up to the voting booth and the manipulated records indicate either that they aren't registered to vote or that they've already voted, according to Cunningham.

In addition, Cunningham said DDoS attacks could interrupt the dissemination of election information from the various election boards into new reporting agencies, which he said could slow things down and sow frustration. In sum, Cunningham said the goal is to undermine confidence in the idea that the candidate most Americans voted for will actually be declared the winner of the election.

Even more dangerous, though, is the increased boldness of the Russians to harness the power of social media and news to try and conduct propaganda and disinformation campaigns, Cunningham said. Although Russia has attempted to disseminate propaganda for more than a century, Cunningham said its ability to weaponize the internet has made it far more powerful and far more successful.

Cunningham cautioned against modernizing the voting system too fast, pointing to the decision by the Netherlands to remove all of its electronic voting machines and go back to paper ballots as a possible course of action. Although paper ballots caused problems in the 2000 U.S. presidential election with hanging chads, Cunningham said they at least have the benefit of not being vulnerable to attack.

All told, Cunningham said the world hasn't faced a situation since the days of the pirates and privateers where so much of a nation's critical infrastructure is in the hands of the private sector.

"Collectively, if we don't protect our assets, that can become a national and economic security threat, because our assets can be taken over and used to launch DDoS and other attacks," Cunningham said.