ment a great deal of confidence about the attribution. But
Y
CMY
CIS_CYBER_HalfPage_Ad copy.pdf
1 7/24/18
5:15 PM
  really stupid proposals that would sometimes ignore risks to things like the integrity of the global financial system,” the source said on background.
Like many of those interviewed, the former staffer cited the recent elimination of the cyber coordinator position at the White House as a move that will only exacerbate the problems. Langevin and Rep. Ted Lieu (D-Calif.) have intro- duced legislation to restore the position.
The challenge of attribution
There are political and public relations factors to consider as well. When nations go to war, they often portray their decision as a defensive or retaliatory response to a malicious event. But proving to allies and the international commu- nity that a cyberattack came at the behest of a particular nation-state is difficult. In most instances of cyber attribu- tion — such as those done with WannaCry and NotPetya — it can take months or even years for officials to reach a high-confidence conclusion.
C
Even then, policymakers might not want to risk expos-
M
the White House publicly blamed North Korea for the 2017
WannaCry attack, and Tom Bossert, who served as WhiteCM
House homeland security adviser at the time, told reporters
MY
that intelligence and technical forensics gave the govern-
CY
he declined to specify what evidence the administration was relying on and acknowledged that definitive proof that theK North Korean government was responsible for the attacks was difficult to come by.
That sort of posture could make it trickier to convince allies that the evidence justifies a cyber or military response. A State Department document released in May to provide guid- ance to the president on international engagement on cyber matters notes that “difficulty attributing the source of [cyber] attacks or sharing sensitive evidence to support attribution findings has made international or public/private cooperation to respond to specific threats more challenging.”
Such cooperation is critical to establishing international rules of engagement in most domains of war, said John Dick- son, a former Air Force intelligence officer who served at the Air Force Information Warfare Center. Other domains of war have had millennia to develop clear lines of engagement, so it’s no surprise that there is still significant uncertainty about how best to respond to incidents of information warfare. Dickson argued it’s sometimes best to let policymakers have maximum flexibility.
“We don’t have anywhere near the level of history, the level of conflict, the level of openness and visibility [with cyber- war] that you have in other wars,” Dickson said. “If you’re a talented attacker — certainly a nation-state attacker — you can...still maintain some level of deniability.” n
Protecting your network and data from the latest cyber threats, means leveraging the latest threat intelligence along with intelligent tools to secure against the likeliest threats.
ing intelligence-related sources and methods. In December,
Read our white paper on the role of Artificial Intelligence in Cybersecurity.
PREPARE PROTECT PROSPER
chameleonis.com
July/August 2018
FCW.COM 15