The Daily Swig Web security digest

Black Hat Europe: ‘Cyber is the new black’

James Walker | 06 December 2017 at 13:40

Chris Painter, former Coordinator for Cyber Issues at the US State Department, offers a global perspective on cybersecurity in the 21st century.

Over recent years, governments and high-level executives have transitioned from viewing cyber-threats as solely technical problems to core issues that can impact national security, economic policy, human rights, and foreign policy, according to Chris Painter, commissioner at the Global Commission for the Stability of Cyberspace (GCSC) and former Coordinator for Cyber Issues at the US State Department.

Presenting the opening keynote at this year’s Black Hat Europe in London today, Painter provided a global perspective on the growing importance of cybersecurity in the 21st century, along with discussing the work being done by policymakers to create a stable digital environment.

“My first computer was an Atari 800 with a cassette tape drive,” Painter said. “Since that time, the industry has advanced tremendously. We all know the great opportunities that cyberspace and computer networks have given us in terms of connectivity, but there has also been an incredible increase in the threats from a range of different actors.”

Painter, a former federal prosecutor who has also worked as a senior official at the US Department of Justice, the FBI, the National Security Council, and finally the State Department, has had a front row seat when it comes to tracing the evolution of cybercrime over the past 25 years.

“Mitnick, a very serious case back in the 90s, resulted in the theft of information from computer systems all over the world,” he said. “It caused a lot of financial damage, but at the same time it was very different from the kind of activities we are seeing now.

“Threats are now on the front pages of newspapers every day: the Equifax case, ransomware such as Petya and NotPetya, IP attacks against companies like Sony Pictures, and debilitating attacks on infrastructure.”

He added: “New technologies are also on the horizon, such as the internet of things, which pose even greater technical vulnerabilities. And then there are hybrid threats that we really didn’t anticipate. I don’t think the cyber community really understood the threat that was being posed by Russia, for instance, when it came to undermining democratic processes. This is both a cyber and political threat.”

“I often say that ‘cyber is the new black’. Everyone cares about this. What that means is there is an increased emphasis on how we counter that threat – not just nationally, but internationally.”

The GCSC is attempting to lead the charge against cybercrime with a multi-pronged strategy. And according to Painter, coordination between UN member states is vital.

“We have a range of threat actors out there,” he stated. “We have dedicated nation states, we have transnational organized crime, we have ‘lone gunmen’ hackers, and we have terrorists. It is important to build coordination against those threats.

“We have started dialogue with other countries around the world, and we have done a number of things to help with operational coordination. We’ve worked with our law enforcement colleagues [across various nations] to ensure that countries have good cybercrime rules – and many still don’t.”

While Painter stressed the importance of reacting to cyber-threats on a real-time basis, he also underlined the work the GCSC and various organizations have been doing to shape the environment going forward.

“Firstly, we have got a number of countries to agree that international law applies in cyberspace,” he said. “The second part of the stability framework was to introduce ‘norms’, such as the agreement that states should not, in peacetime, attack the critical infrastructure of another state, should not attack CERTs, and should protect the core of the internet.

“We have got pretty wide agreement, so far, within a small group of countries in the UN, but this is something we are trying to advance internationally. We are trying to set some rules of the road to start putting some boundaries around cyberspace as to what’s acceptable conduct. We need to get more countries to adopt and embrace these principles.

“What I think we have not done a good job at is deterrence. Rules are worthless if you don’t take action when people violate them. If we don’t react to some of the major issues we are seeing, then we are basically saying this is ok. There need to be consequences for actions.”

Painter added: “We also need better tools. Right now, our toolset is pretty limited. We have political tools, we have law enforcement tools, and economic sanctions, but we need to work with the technical community to ask: ‘What is the option space? What are the things we haven’t thought of?’ I think there is a lot of room there for people to work together.”

“Ultimately, diplomacy ends up playing a big role in this,” he said. “Almost all these issues are international, and therefore they require high-level policy discussions – not only between governments, but also between the technical community and those on the front line.

“The technical and policy threats that we are seeing are becoming more complex. That means that governments really need to pay attention to this and do a better job than they are doing. They also have to work closely with the technical community to make sure that they are doing this.”