'Denial and Punishment' Are the Key to Fighting Cybercrime

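Recently, several organizations were again hit by attacks from the Mirai IoT botnet malware. Federal agency reports show that from 2005 to 2015, cybercrime incidents grew by as much as 1,300%. Cyberattacks are hard to eliminate at the root, but that does not mean they can be left unchecked. Cybersecurity experts are calling for comprehensive cybersecurity regulations and severe punishment for cybercriminals, along with greater awareness of data protection and the development of products with zero vulnerabilities.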

Link: http://www.dailymail.co.uk/sciencetech/article-4029802/Cyber-war-set-escalate-Experts-say-denial-punishment-key-battling-cybercrime-epidemic.html

Cyber war set to escalate: Experts say 'denial and punishment' are key to battling the cybercrime epidemic

  • There are two main principles of deterrence: denial and punishment
  • We must convince attackers they won't succeed and that there are punishments
  • To achieve these results, Dorothy Denning suggests three measures   
  • Improve cybersecurity, employ active defenses and instill norms of cyberspace

Cyberattackers pose many threats to a wide range of targets.

Russia, for example, was accused of hacking Democratic Party computers throughout the year, interfering with the U.S. presidential election.

Then there was the unknown attacker who, on a single October day, used thousands of internet-connected devices, such as digital video recorders and cameras compromised by Mirai malware, to take down several high-profile websites, including Twitter.


CYBER DETERRENTS  

There are two main principles of deterrence.

Denial involves convincing would-be attackers they won't succeed.

The second is punishment, which involves making sure these criminals know they will be severely punished for their crimes.

There are three things we can do to strengthen cyber deterrence: Improve cybersecurity, employ active defenses and establish international norms for cyberspace.

The first two will significantly improve our cyber defenses so that even if an attack is not deterred, it will not succeed.

Cybersecurity aids deterrence primarily through the principle of denial.

It stops attacks before they can achieve their goals.

This includes beefing up login security, encrypting data and communications, fighting viruses and other malware, and keeping software updated to patch weaknesses when they're found.

But even more important is developing products that have few if any security vulnerabilities when they are shipped and installed.

From 2005 to 2015, federal agencies reported a 1,300 percent jump in cybersecurity incidents.

Clearly, we need better ways of addressing this broad category of threats.

Some of us in the cybersecurity field are asking whether cyber deterrence might help.

Deterrence focuses on making potential adversaries think twice about attacking, forcing them to consider the costs of doing so, as well as the consequences that might come from a counterattack.

There are two main principles of deterrence.

The first, denial, involves convincing would-be attackers that they won't succeed, at least without enormous effort and cost beyond what they are willing to invest.

The second is punishment: Making sure the adversaries know there will be a strong response that might inflict more harm than they are willing to bear.

For decades, deterrence has effectively countered the threat of nuclear weapons.

Can we achieve similar results against cyber weapons?

Nuclear deterrence works because few countries have nuclear weapons or the significant resources needed to invest in them.

Those that do have them recognize that launching a first strike risks a devastating nuclear response.

Further, the international community has established institutions, such as the International Atomic Energy Agency, and agreements, such as the Treaty on the Non-Proliferation of Nuclear Weapons, to counter the catastrophic threat nuclear weapons pose.

Cyber weapons are nothing like nuclear ones.

They are readily developed and deployed by individuals and small groups as well as states.

They are easily replicated and distributed across networks, rendering impossible the hope of anything that might be called 'cyber nonproliferation.'

There are two main principles of deterrence. The first is convincing hackers they will not succeed in their attacks, and the second is letting them know they will be severely punished for their crimes when they are caught.

MASSIVE HACK TAKES DOWN HUNDREDS OF WEBSITES

A massive co-ordinated series of cyber attacks forced hundreds of major websites including Amazon and Twitter offline Friday - and some fear the security breach could be 'practice for election day'.

WikiLeaks believes its supporters were responsible and urged them to 'stop taking down the US internet', saying: 'Mr Assange is still alive and WikiLeaks is still publishing.'


It then tweeted: 'The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate.'

The Ecuadorian government switched off Assange's internet service in its UK embassy Sunday after he released another tranche of emails showing the contents of a speech given by Hillary Clinton to Goldman Sachs.

WikiLeaks accused John Kerry and the US Government of asking Ecuador to shut down Assange's internet connection, but the South American country denied it came under any pressure from the US or any other government.

The Department of Homeland Security has already launched an urgent investigation into Friday's crash, amid claims it could be a precursor to an attempt to disrupt the US Presidential election further.

The White House called the disruption malicious and a hacker group claimed responsibility, though its assertion couldn't be verified.

Cyber weapons are often deployed under a cloak of anonymity, making it difficult to figure out who is really responsible.

And cyberattacks can achieve a broad range of effects, most of which are disruptive and costly, but not catastrophic.

This does not mean cyber deterrence is doomed to failure.

The sheer scale of cyberattacks demands that we do better to defend against them.

There are three things we can do to strengthen cyber deterrence: Improve cybersecurity, employ active defenses and establish international norms for cyberspace.

The first two of these measures will significantly improve our cyber defenses so that even if an attack is not deterred, it will not succeed.

Cybersecurity aids deterrence primarily through the principle of denial.

It stops attacks before they can achieve their goals.

This includes beefing up login security, encrypting data and communications, fighting viruses and other malware, and keeping software updated to patch weaknesses when they're found.

But even more important is developing products that have few if any security vulnerabilities when they are shipped and installed.


The Mirai botnet, capable of generating massive data floods that overload internet servers, takes over devices that have gaping security holes, including default passwords hardcoded into firmware that users can't change.

While some companies such as Microsoft invest heavily in product security, others, including many Internet-of-Things vendors, do not.

Cybersecurity guru Bruce Schneier aptly characterizes the prevalence of insecure Internet-of-Things devices as a market failure akin to pollution.

Simply put, the market favors cheap insecure devices over ones that are more costly but secure.

His solution? Regulation, either by imposing basic security standards on manufacturers, or by holding them liable when their products are used in attacks.

When it comes to taking action against attackers, there are many ways to monitor, identify and counter adversary cyberattacks.

These active cyber defenses are similar to air defense systems that monitor the sky for hostile aircraft and shoot down incoming missiles.

Network monitors that watch for and block ('shoot down') hostile packets are one example, as are honeypots that attract or deflect adversary packets into safe areas.

There, they do not harm the targeted network, and can even be studied to reveal attackers' techniques.

'TENS OF MILLIONS' OF SMART HOME GADGETS IN BOTNET

Dyn, the firm at the center of the attack, said it believed tens of millions of IP addresses were being used at the attack's peak to disrupt its systems.

It described the events as a 'very sophisticated and complex attack.'

Dozens of different systems were believed to have been used.

One of the techniques used was a botnet powered by popular malware known as Mirai.

This was released by hackers just a few weeks ago, sparking fears it could lead to a major attack such as today's.

It is capable of using ‘internet of things’ (IoT) devices, such as the plethora of smart home gadgets, which can be used to bombard websites with requests, overloading them and effectively shutting them down.

In previous attacks using it, security cameras and DVRs in homes and offices around the world have been used.

'We are seeing attacks coming from a number of different locations.

'We're seeing attacks coming from an Internet of Things botnet that we identified called Mirai, also involved in this attack,' Dale Drew, chief security officer at Level 3 Communications, said on a livestream on Friday afternoon.

Another set of active defenses involves collecting, analyzing and sharing information about potential threats so that network operators can respond to the latest developments.

For example, operators could regularly scan their systems looking for devices vulnerable to or compromised by the Mirai botnet or other malware.

If they found some, they could disconnect the devices from the network and alert the devices' owners to the danger.

 

Active cyber defense does more than just deny attackers opportunities.

It can often unmask the people behind them, leading to punishment.

Nongovernment attackers can be shut down, arrested and prosecuted; countries conducting or supporting cyberwarfare can be sanctioned by the international community.

Currently, however, the private sector is reluctant to employ many active defenses because of legal uncertainties.

The Center for Cyber and Homeland Security at George Washington University recommends several actions that the government and the private sector could take to enable more widespread use of active defenses, including clarifying regulations.

Finally, international norms for cyberspace can aid deterrence if national governments believe they would be named and shamed within the international community for conducting a cyberattack.

DID RUSSIAN HACK HILLARY’S EMAILS?

President Barack Obama took a slap at Donald Trump on Monday over his assertions that 'no one really knows' who hacked Democrats before the election or why.

The departing president smacked Trump for urging the Kremlin to 'hack Hillary's emails so that we can...confirm our conspiracy theories.'

He took aim at the public next, scolding voters for their 'obsession' with stolen emails Wikileaks put out in the final weeks of the presidential campaign that were obtained through a hack on a senior Clinton aide's personal account.

Earlier in the day Obama's spokesman let loose on Trump in his daily briefing. He also accused the president-elect of willful ignorance.

 

'He called on Russia to hack his opponent. He called on Russia to attack Secretary Clinton,' Josh Earnest said. 'So, he certainly had a pretty good sense of which side this activity was coming down on.'

Earnest and Obama were referring to Trump's plea at a July rally that the Kremlin look for Clinton's deleted emails next after it was revealed that top Democrats had been hacked, likely by Russia.

'Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing,' Trump said. 'I think you'll be rewarded mightily by our press!'

Democrats hit him for encouraging foreign espionage.

'The president-elect in some of his political events, specifically said to the Russians, "Hack Hillary’s emails so that we can finally find out what’s going on and confirm our conspiracy theories," ' Obama claimed in a Monday interview with the Daily Show's Trevor Noah.

The U.S. president said he still doesn't understand why illegally obtained emails from Democratic officials, released online just before the party's nominating convention, and a related hack on Clinton campaign chairman John Podesta's account received more attention than revelations that Russia ordered the intrusion.

The U.S. brought charges in 2014 against five Chinese military hackers for targeting American companies.

A year later, the U.S. and China agreed to not steal and exploit each other's corporate secrets for commercial advantage. In the wake of those events, cyber espionage from China plummeted.

Also in 2015, a U.N. group of experts recommended banning cyberattacks against critical infrastructure, including a country's computer emergency response teams.

And later that year, the G20 issued a statement opposing the theft of intellectual property to benefit commercial entities.

These norms might deter governments from conducting such attacks.

Cyberspace will never be immune to attack – no more than our streets will be immune to crime.

But with stronger cybersecurity, increased use of active cyber defenses, and international cyber norms, we can hope to at least keep a lid on the problem.

Dorothy Denning, Distinguished Professor of Defense Analysis, Naval Postgraduate School

This article was originally published on The Conversation.

 

