Myths About Cyberattacks

In an editorial in the Washington Post last week, Ben Buchanan, the author of The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics, debunks five myths about cyberwar.

Myth No. 1: Cyberwar Is Overhyped and Impossible

“One of the most common myths in cybersecurity,” writes Buchanan, “is that destructive hacking is a wildly overblown threat, nearly impossible, or incapable of shaping geopolitical conflicts.” Believers of this myth are fond of pointing out that squirrels cause more blackouts than hackers.  

Buchanan cites several examples to debunk this myth, including the 2015 and 2016 attacks by Russian hackers that turned off the power in parts of Ukraine, and the June 2017 Russian cyberattack “NotPetya” that caused more than $10 billion in damage around the world. The same day that Buchanan’s editorial appeared in the press last week, United States joined several countries in accusing Russia of a major cyberattack in the Republic of Georgia in late 2019 that knocked thousands of government and private websites offline and interrupted television broadcasts.  In their 2019 book, The Fifth Domain, Richard A. Clarke and Robert K. Knake, counter-terrorism officials in several United States administrations, destroy this common myth. They argue that cyber, the “fifth domain,” is different from the other four domains – land, sea, air, and space – traditionally identified by the Pentagon. Intending to provoke government and corporate leaders into action, the authors predict that the next major war will be provoked by a cyberattack (Clarke and Knake, 2019, 7). 

Myth No. 2: Cyberwar Is All About Crashing Power Grids and Airplanes

By concentrating on the consequences of “theatrical” cyberattacks such as refineries on fire, planes plummeting from the skies, financial systems collapsing, and cities plunging into darkness, we are missing the threats that matter most, threats that take the form of military and economic espionage of information systems. A February 10, 2020 post in this blog, Courts Vulnerable to Exfiltration of National Security Technology and Sensitive Intellectual Property Through Bankruptcy Proceedings,  highlights a vulnerability which poses an oversized threat to our national security but has received little attention:  bankruptcy proceedings. Courts are vulnerable in their legal proceedings, especially in the ways cutting-edge technology information is exposed in open court.  Bankruptcy proceedings have become a unique avenue through which foreign adversaries are able to acquire sensitive national security technologies and intellectual property. No physical damage to a single computer or network is done in these espionage hacks and thefts of intellectual property.

Myth No. 3: The Purpose of Cyberattacks Is Readily Apparent

Not so says Buchanan. The purpose of the attacks, as well as the identity and motivations of the attackers, are often unclear. Foreign adversaries disguise their involvement in cyberattacks or deny them altogether. The motivations behind the very destructive NotPetya cyberattacks remain opaque today.

Myth No. 4: Cyberspace Is Borderless, With No Geography

Buchanan says that cellphone networks and WiFi communications are invisible and “borderless,” and seem “someplace else.” This warning hit home as I got ready to post this blog from a file in the cloud: “File not available. Access denied.” Where is my file? How can I access it? Buchanan contends that “data zips between countries easily, with no passport checks or customs inspection, nor any geographic hurdles” and cyberspace is essentially “borderless.”

That said, Buchanan acknowledges that geography, borders, and legal jurisdictions still matter a lot. For example, under the Foreign Intelligence Surveillance Act, the U.S. can compel telecommunications companies that operate within its borders to cooperate to address national security threats. It can access some intelligence data from Google, Apple, and Facebook. China and Russia too can use their sovereignty to block and study Internet traffic as it enters and exits borders.

Myth No. 5: It’s Impossible to Know Who Conducted a Cyberattack

Although confirming who is behind cyberattacks is difficult, the U.S. and other governments use their own hacking capabilities to figure out who conducted cyberattacks. Much of this is classified but there exists a growing private sector devoted to identifying who was responsible for cyberattacks and how they were perpetrated, e.g., Russian information operations, Chinese economic espionage and theft of intellectual property; and North Korean bank hacking. 


Copyright CourtMetrics 2020. All rights reserved.

Popular posts from this blog

Top 10 Reasons for Performance Measurement

There is a growing demand of “show me the data” from citizens and taxpayers, legislators, executive agencies, oversight boards and communities – all of whom exchange money and other support (e.g., trust and confidence) for services -- that courts can ill afford to ignore. Courts need to measure their performance to meet the demand for public accountability. But the benefits of court performance extend beyond accountability including improved prediction, better understanding and control, influence, a sharpened focus on what is important, and discovery of better practices. Objective performance data is central to good management practices like strategic planning, performance-based budgeting, Balanced Scorecards, Total Quality Management (TQM), and Six Sigma. Performance measures allow court leaders and managers, policymakers, legislators and the public to evaluate court programs’ inputs (the resources allocated), outputs (direct results of program or service activities) and outcomes (bro
Read more

The “What Ifs” Along the Road in the Quest of a Justice Index

What if we could draw an indicator of the “health” of the justice systems throughout the United States – a Justice Index - from readily available public data that is impartial, reliable, objective and comparable, let’s say the amount of time that criminal defendants spend in custody without a trial, or even without any access to legal or justice services? Or the bail amounts imposed on misdemeanor defendants?   This kind of a measure would not be perfect – no measure is – but it would be something, better than nothing. It would address questions of fairness and efficient use of public resources. That is, a criminal defendant languishing in jail awaiting trial suffers, at the least, a delay in justice. He or she is also occupying a jail bed and spending taxpayers’ money. What if we then join this measure with another meaningful indicator of the health of our justice systems in counties and states, let’s say the degree to which jurisdictions prosecute domestic violence cases.
Read more

Q & A: Outcome vs. Measure vs. Target vs. Standard

Q: Those of who write and speak about court performance measurement rely on their share of jargon -- and it's often confusing. What are the differences among the terms “outcome,” “measure,” “target” and “standard”? A: Socrates said that the beginning of wisdom is definition. We’ll see. Outcomes are the benefits or changes for the intended beneficiaries of a court’s programs and services. Outcomes may relate to knowledge, skills, attitudes, values, behavior, condition or status of the program participants or recipients of services. Examples include litigants' satisfaction with a court's courtesy and responsiveness, success of probation, time to case disposition, clarity of orders, integrity of case files, percent of mediation agreements, enforcement of orders, and perceived fairness of proceedings, as well as percent of expected expenditures and percent of revenues received. Outcomes should not be confused with the activities of those who run the court. (See the October 1
Read more