I stayed at home instead of going to my tutorial because I was a bit stressed out and underprepared for the two exams I had the day after :( - Luckily I steal everyone’s notes and synthesise them!!!


Question: If we went to cyberwar with a world superpower, what would be the main risks and what would we do to prevent and/or prepare for them?

Risks

  • Insider attack
  • Ransomware attacks on infrastructure
  • DoS attacks (eg cutting undersea cables???)
  • Sabotaging power and other services
  • Backdooring software and logging/surveilling
  • Attacks on warfare (eg. hijack drones, nukes?)
  • Jamming signals (a form of DoS)
  • Data theft (eg. stealing company/military secrets)
  • Denial of tech gear (hardware) from enemy?

Big list of recommendations

  • Compartmentalise knowledge of intelligence
  • Background checks on programmers - risks Type I/Type II errors
  • Keep critical people anonymous - may be hard to implement (esp in democratic system where leader is important to identify)
  • Create backdoors in other nation’s software/hardware to exploit in case of war - what if found early?
  • Create rootkit/malware to attack/monitor enemies and possibly attack if it detects them attacking - possible Type I/Type II errors
  • Limit/remove internet access to prevent cyberattack - feasible?
  • Create nationwide intranet
  • Prepare financial resources for cyberwar
  • Use locally-sourced applications (especially corporate, but civilians too)
  • In event of DoS/DDoS, have redundancy for online services (prevents single point of failure/single target of attack)
  • Background checks on employees who have influence (eg. corporate, military)
  • International wargames for preparation and training
  • Hardware backdoor for drones (etc) to disable if hijacked
  • Audit infrastructure

Analysis

If I were asked this question, the risks I would immediately identify would have been denial of service attacks and sabotaging of infrastructure. Good to see that those ideas appeared in my class’ discussion.

I would posit these two risks (especially the latter) as having a very large impact - Damaging infrastructure (whether that be supply, transport or communications) causes a large disruption within the nation, weakening the country’s capacity to concentrate on the larger issues.

The risks identified in class seem to all collate into four groups: DoS, Surveillance and Espionage

How would we respond to these risks?

Create rootkit/malware to attack/monitor enemies and possibly attack if it detects them attacking - possible Type I/Type II errors.

Very debatable - Essentially a recommendation to fight fire with fire.
If watching WarGames has taught me anything - it’s that no one wins a nuclear war. Sure tracking and surveillance isn’t “nuclear” but such a violation of privacy would probably entail a retaliation.

Limit/remove internet access to prevent cyberattack - feasible?
Create nationwide intranet

Give me a c, C!
Give me an e, E!
Give me an n, N!
Give me an s, S!
Give me an o-r-s-h-i-p, {…}

What does it spell?? A futile attempt to restrict information!

With Tor, proxies, VPNs, DNS over HTTPS, and all sorts of other methods to work around censorship tactics - such an effort is really a waste of both the government’s time and our own. ‘If there’s a will there’s a way’ (not to say that everything is futile though…)

Prepare financial resources for cyberwar

This, I agree with. Not only financial resources, but also training people to be security professionals, and for people to truly understand the state of security that we have!