One popular question nobody seems to have a clear answer on is what is the rules of engagement in cyberspace? What is considered an act of war and how does a country respond? There is no clear answer is it seems like countries are pushing the line each week with increasing bolder exploitation against organizations within other countries. Security week posted a article about how this question relates to what is happening with Russia and Ukraine right now. The following from that article summarizes the state of cyberspace.
“Cyberspace is exceptionally unruly. No arms control treaties exist to put guard rails on state-backed hacking, which is often shielded by plausible deniability as it’s often difficult to quickly attribute cyberattacks and intelligence-gathering intrusions. The technology is cheap and criminals can act as proxies, further muddying attribution. Freelancers and hacktivists compound the problem.”
What do you think is the tripwire? Is it taking down an enterprise? Is it copying trade secrets and cloning another country’s technology? Is it spreading rumors that lead to violence? It can’t be any of these since they are already happening yet there isn’t an official publicly seen response to these attacks. The USA is enforcing CMMC compliance as a proactive measure against attacks against trade secrets but there isn’t a official response reactive hack back response. Enterprises are compromised daily, and I’ve seen articles pointing out research on how bad the numbers are for fake social media accounts, which many are used for spreading fake news. What is the tripwire for real war????????????? This is a really good question.
See the full article from Security Week HERE.