The other day I started to ponder about what constitutes a fight in cyberspace. I find that it is fundamentally different from what could be termed conventional fighting (in a military sense) - tank engagements, infantry ambushes etc.
The issue is really about the asymmetry between attackers and defenders. A cyber attacker needs to find just one opening, while the defender needs to cover every conceivable (and inconceivable) weakness. This is a critical mismatch in terms of resources.
Another asymmetric aspect is the fact that in a "cyber battle", attackers rarely present a target themselves, because they are difficult to identify. Even if the attack can be attributed, there is little that can be done with a cyber retaliation. An attacker does not "own" critical technical infrastructure, which could be taken out. They just use the public communication infrastructure as a service provider and a "human shield".
In a potential two-way cyber engagement this works both ways. A practical example would be to use red teams to knock out critical infrastructure targets on the other side, while "ignoring" the attackers from the other side and relying on the quality of one's defence.
The issue is really about the asymmetry between attackers and defenders. A cyber attacker needs to find just one opening, while the defender needs to cover every conceivable (and inconceivable) weakness. This is a critical mismatch in terms of resources.
Another asymmetric aspect is the fact that in a "cyber battle", attackers rarely present a target themselves, because they are difficult to identify. Even if the attack can be attributed, there is little that can be done with a cyber retaliation. An attacker does not "own" critical technical infrastructure, which could be taken out. They just use the public communication infrastructure as a service provider and a "human shield".
In a potential two-way cyber engagement this works both ways. A practical example would be to use red teams to knock out critical infrastructure targets on the other side, while "ignoring" the attackers from the other side and relying on the quality of one's defence.
No comments:
Post a Comment