Cyberwarfare and Aggressiveness in Cyberspace

Cyberwarfare and aggressiveness in cyberspace

Jarno LimnéllProfessor, Cybersecurity, Aalto UniversityVP, Cybersecurity, Insta Group Ltd.Doctor of Military Science@JarnoLim

New Normal in Security:

Speed of ChangeUnpredictable Instability

Digital-Physical Complexity

Cyber is an element in all crisis and wars

Evolution – not revolution

Cybersabotage has begun to emerge in conflicts

“Cyberattack on German steel plant caused significant damage”

KINETIC CYBER

“A cyber attack on the French television network TV5 Monde”

FALSE FLAG ATTACKS

“The Dukes: 7 Years of Russian Cyber-Espionage”

STRATEGIC CYBER ESPIONAGE “Hackers breach the Warsaw Stock Exchange”

CRITICAL INFRASTRUCTURE

Russians (and others) are testing the boundaries of the cyberbattlefield.

Russia has a wide range of tools and resources, including the ability to carry out denial-of-service attacks, develop sophisticated malware and exploit previously unknown software vulnerabilities.

Russian cyber activities are focused mainly on intelligence gathering and military reconnaissance of critical infrastructure networks as advance work for a future conflict.”

Most worryingly, today’s intelligence operations enable tomorrow’s military actions.

according to new details from an extensive

investigation into the hack, they were

skilled and stealthy strategists who

carefully planned their assault over many

months, first doing reconnaissance to

study the networks and siphon operator

credentials, then launching a synchronized

assault in a well

Coordinated December 2015 attack on the Ukrainian electrical grid was clearly an attack on critical national infrastructure.

Motive?- Testing and research- Creating deterrence (send a public message)- Revenge (power outage earlier in Crimea)

OVERALL CYBER CAPABILITIES (scale 1-10 / offense, defense, dependence) *

State CyberOffense

CyberDefense

Cyber Dependence **

Total

Iran 4 3 5 12

Estonia 3 8 1 12

Great Britain 7 5 2 14

South Korea 6 5 3 14

North Korea 3 3 9 15

Germany 7 7 2 16

Israel 8 6 3 17

United States 10 5 2 17

China 8 5 4 17

Russia 8 8 3 19

* Analysis is based on information in different public sources* Dependence is a reverse score (more dependent means more vulnerable)

Jarno Limnéll

Kyberturvallisuuden kokonaisuus

9

9

Digital security integral part of today´s security:Dependence increases and

More sophisticated capabilities being developed.

The speed of cyber attacks and their sophistication has changed dramatically.

Cybersecurity =Protecting our societies, our

businesses and our way of life

“Russia and China are the most sophisticated nation-state actors in the new generation of cyberwarfare, and Russian hackers lead in terms of sophistication, programming power and inventiveness.”

Digital-PhysicalInteraction

States consider cyber capabilities as an integral part of operational military capability and are not afraid to

employ them.

How to integrate cyber capabilities to other capabilities

Innovation and people

Talented Individuals – Who will have and educate them in constantly changing security?

Most valuable skills for cybersecurity career in next years might not be a focus in

specific technology, but ability to understand big picture.

From Technology- and Control-centric to

Humancentric Cybersecurity

Future cyberwarfare is less hacking power grids and more "hacking minds" by

shaping environment in which political reality takes place.

Cyberpolitics

Trend:The world is moving towards a greater strategic use of cyber

capabilities to persuade adversaries to

change their behavior.

Beginning – End

Our side – Their side

Military – Civilian

Involved – Not-involved

Win – Lose

Violence – Non-violence

Dichotomies are blurring

SECURITY INSECURITY

The lines between cyber activists, criminals and state-paid hackers are becoming increasingly blurred.

1) Defend own networks – improving quality in all member states2) Increase education and training

3) Raise general cyber resilience to new level4) Mindset-change: J6 J3 (plans and operations)

5) Develop situational awareness and information sharing6) Strenghten Alliance´s cyber deterrence

7) Support cyber innovations (defence, intel, offense)8) Combine cyber and physical capabilities and operations

9) Rethink Article 510) Cyberpolitics – to response Russia´s aggressive behavior in cyber domain

Jarno Limnéll

Thank you

“It is not the strongest species that survive, nor the most intelligent, but the ones responsive to change.” - Charles Darwin