The big cyber news event of the week is the just released report by McAfee. In this report the security industry giant asks if the age of cyber warfare has arrived. The thirty-seven page report has several very provocative statements about cyber warfare. Upfront, they present three key finding in the report and they are as follows:
Although there is no commonly accepted definition for cyber war today, we have seen nation-states involved in varying levels of cyber conflict.If a major cyber conflict between nation-states were to erupt, it is very likely that the private sector would get caught in the crossfire.
Too much of the debate on policies related to cyber war is happening behind closed doors.
One topic in the report that gave rise to lively debate in a meeting I attended was, “The line between cyber crime and cyber war is blurred today in large part because some nation-states see criminal organizations as useful allies. Nation-states have already demonstrated that they are willing to tolerate, encourage or even direct criminal organizations and private citizens to attack enemy targets.”
This creates an interesting dilemma about who is in charge of cyber attacks when you really don’t know who is behind it! While this has been discussed many times behind closed doors, it has rarely been argued this openly in public.
Towards the end of the report they stated that international cyber conflict has reached the tipping point where it is no longer just a theory, but a significant threat. While these are not new, the attention this report is drawing has placed these issues before the security industry, military and government leaders.
If the tipping point has been reached, how will the computer security industry respond to this international issue and what does this mean for the private sector?