Information Warfare
[This is the March update from our DeepSec scuttlebutt mailing list. Subscribers received this article already.]
Filling a blog with articles is both hard and very easy these days. In theory, information security is more present in the news than ever. In practice, you will find few articles with in-depth content. A few days ago I had a discussion with a friend about the many web pages with the title scheme “n reasons why something is great” or “k ways to do web application filtering”. We both agreed that the title is a definite warning not to read the article. Also, most articles just give you a brief introduction into a topic and suddenly end after a few paragraphs. The term clickbait comes to mind. A lot of publishing systems use fancy techniques to generate interesting titles and summaries automatically. It’s simpler than actually writing original content.
Avoiding the cyberwar topic is impossible these days. While it is on our agenda every year, we can now see more clearly how it works. Digital warfare has less in common with electronic warfare or fancy sabotage where pipelines explode and fully network vehicles suddenly stop. The prime aim is using disinformation to turn the tide of opinions and assessments. It is not a full front assault. It is a subtle stream of information that is carefully orchestrated to serve a specific purpose. I am convinced that we will find ample of opportunities to reassess the past 5 to 10 years and look for signs of these manipulations.
Another aspect of digital confrontations are the shared resources. If you want to wage digital warfare, ensure that you and your target are connected to a network. This has important implications. Cogent has started to disconnect the Russian IP space. The major argument was not the sanctions, but the fear that attacks against (Cogent’s) infrastructure might come from connected systems. Just as in military warfare on the ground, the transport facilities become a target. The same is true for the Internet. Networked technology is another case. There haven been reports of drone manufacturers shutting down features of drone control and locating services. This is to be expected, and this is one of the main reasons DeepSec keeps calling for leaving backdoors and proprietary code out of systems we use for critical tasks in our IT environment. Supply chains are kill chains, depending on the scenario.
COVID-19 is rampant. Shenzhen is going into a full lockdown. This will affect IT resources, eventually. Rising prices for energy will contribute even more to the situation. The perfect time to worry about this has been decades ago. The IT mindset is to think of resources are infinite and cheap may have been a false consequence of Moore’s Law. Physics gives us different constraints. I sincerely hope that the discussion about efficient use of resources will enter the world of information technology and information security in 2022. It is about time, because Big Data and Big Processing are not the answer to all of our problems. Smart operators have been steadily switching to energy efficient hardware and software during the past years. Now, this approach is a part of information security.
The current affairs have affected our preparations for our events in June and November. Standing idly by is not an option. We will use breaks from reading the news to give you more updates on what we have planned for this year. Hopefully, you will find the time to read it. Don’t get distracted by disinformation.