Tag Archive for: OpEd

Fortifying Our Digital Realm – OpEd – Eurasia Review

/in


Much like the physical world, there is a virtual/digital world which is also characterized by anarchy. Challenges and threats emanating from the cyber world are as serious and consequential as those of the “real” world of traditional security.

Today, the realm of world security is not only about “bullet vs. bullet,” it is also about “click vs. bullet.” The internet has changed the way we share information, interact, and develop on a global scale. It has had a significant impact, bringing about previously unheard-of breakthroughs in connectedness, equality, and human prosperity. But in addition to these astounding developments, the digital world often portrays more somber truths. It has developed into a haven for disinformation, cyber threats, data theft, and digital authoritarianism that jeopardizes peace and stability. 

In this age of lightning-fast technical development, everyone involved in the problem-solving process needs to share some of the blame. The digital ecosystem, which once offered almost endless possibilities, now necessitates group action to reduce the risks that come with it. It is critical to recognize the interdependence of people and technology and the significant influence they have on one another as we negotiate this challenging landscape. The need to counterbalance accountability in the digital domain is central to this subject matter. This means that the dynamics of the digital ecosystem will fundamentally change such that defenders will now have the upper hand against harmful actors. To strengthen cybersecurity defenses, improve resilience, and prevent sensitive data from being misused, coordinated actions are needed.

The ongoing and intense hegemonic battle between the United States and China can be explained by the conflict over big data hegemony. Thus, gaining a competitive edge in AI technology may come from acquiring more data through connections with more governments. To dominate AI technology, the United States and China plan to create their own exclusive network platform, or value bloc. As such, friendly nations like the United States and China may be compelled to adopt a binary framework. Being on either side of the ROK, a state…

Source…

Critically Analyzing ‘Evolving Cyber Operations’ And Implications For Pakistan – OpEd – Eurasia Review

/in


A recent report by RAND Cooperation titled “Evolving Cyber Operations” provides a comprehensive analysis of cyber operations and capabilities, particularly focusing on the lessons from the Ukraine conflict. It presents a critical look at the evolving nature of cyber warfare, the role of cyber proxies, and the shift from traditional cyber defense strategies to a resilience-focused approach.

It emphasizes cyber resilience over deterrence. The report emphasizes a shift from deterrence to resilience in cyber defense strategies. It argues that democracies cannot rely solely on deterring cyberattacks but must focus on minimizing disruption to critical data and services. The report also highlighted the role of cyber proxies. The conflict in Ukraine highlighted the significant role of cyber proxies. These proxies, whether aligned with Russia or Ukraine, have demonstrated their capacity to influence conflicts beyond direct cyberattacks, particularly in shaping political narratives and international opinions

Political and Social Resilience: Political and social resilience is identified as crucial in cyber defense. The Ukrainian experience shows the importance of maintaining political will and leveraging a diverse range of actors, including civil society and the private sector, in building a robust defense. International Collaboration remains one of the most important: The report underscores the importance of international partnerships in cyber defense. Sharing intelligence, technology, and tactics among allies can significantly enhance a nation’s cyber capabilities The use of proxies in cyber warfare has evolved, with groups like Killnet and the IT Army of Ukraine playing significant roles. These groups have blurred the lines between traditional state-aligned proxies and transnational political actors

Implications for Pakistan’s National Security

Enhancing Cyber Resilience: Pakistan should prioritize building a resilient cyber infrastructure that can withstand and quickly recover from cyberattacks. This involves not just technological solutions but also a comprehensive strategy encompassing political, social, and economic dimensions.

Diverse Cyber Defense Strategy:…

Source…

Op-Ed: Shaving time and complexity off ransomware recovery

/in


We often hear when Australian businesses are ransomwared, but what happens next? The incident response, forensic investigation, and system recovery processes are often never revealed or told.

There are likely multiple reasons why this is the case. One is that recovery from these incidents is often gruelling, with one in four teams needing a month or more to get back to business as usual.

Around-the-clock efforts to get back online are often part and parcel of the post-incident period. It’s an experience security teams are likely to be in no hurry to retell or relive.

It is worth examining why recovery from a ransomware attack takes so long, and in particular, whether architectural changes and/or additional tooling at an infrastructure level might help businesses to get back on their feet faster.

From a local data storage perspective, many businesses have similar infrastructure set-ups, where production servers talk to primary storage, and that data is replicated elsewhere for backup purposes. The backups may be point-in-time snapshots or it may be that data is actively replicated and synchronised between two sites that operate in an active-active configuration.

From a backup perspective, the most important thing is to have an immutable copy with data retention of that copy of the primary storage environment set for a specified period of time such that it cannot be deleted. This is the secure copy of data the business can restore from in the event of a cyber attack. For added safety, it’s also important to put some sort of air gap between the backup and the primary storage environment.

Immutability is an important principle to consider when looking at the cyber resiliency of data infrastructure. The idea is to take a volume of data and make it immutable in such a way that if the business is hit by ransomware, that data cannot be altered by anyone, under any circumstances.

Air gapping is another important security principle. An air gap can be logical or physical; in a traditional infrastructure set-up, point-in-time backups may be stored on tape, which acts as a physical air gap to the primary storage environment. However, tape has its own challenges, and it may be that a…

Source…

Blacklisting The Merchants Of Spyware – OpEd – Eurasia Review

/in


In a modest effort to disrupt the global spyware market, the United States announced last week that four entities had been added to its blacklist.  On November 3, the US Department of Commerce revealed that it would be adding Israel-based companies NSO Group and Candiru to its entity list “based on evidence that these entities developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.” 

Russian company Positive Technologies and the Singapore-based Computer Security Initiative Consultancy also made the list “based on a determination that they traffic in cyber tools used to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide.”

The move had a measure of approval in Congress. “The entity listing signals that the US government is ready to take strong action to stop US exports and investors from engaging with such companies,” came the approving remarks in a joint statement from Democrat House Representatives Tom Malinowski, Anna Eshoo and Joaquin Castro.

This offers mild comfort to students of the private surveillance industry, who have shown it to be governed by traditional capitalist incentive rather than firm political ideology.  Steven Feldstein of the Carnegie Endowment’s Democracy, Conflict, and Governance Program observes how such entities have actually thrived in liberal democratic states.  “Relevant companies, such as Cellebrite, FinFisher, Blue Coat, Hacking Team, Cyberpoint, L3 Technologies, Verint, and NSO group, are headquartered in the most democratic countries in the world, including the United States, Italy, France, Germany, and Israel.”

The relationship between Digital China and Austin-based Oracle shows how talk about democracy and such ideals are fairly meaningless in such transactions.  Digital China is credited with aiding the PRC develop a surveillance state; software and data analytics company Oracle, despite pledging to “uphold and respect human rights for all people” was still happy to count Digital China a global “partner…

Source…