It has been reported that the UK government has announced it is prepared to launch nuclear weapons if the country was faced with an exceptionally destructive attack using cyber or other “emerging technologies”. As per UK existing policy, Trident missiles could only be launched against another nuclear power, or potentially in response to extreme chemical or biological threats. Cybersecurity experts reacted below.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>This is an extremely alarming claim from the UK government. For cyber warfare to spill over into the real world in such a destructive and dangerous manner, is an ideology that is not only terrifying but as we witness cyber-attacks becoming so advanced and widespread, is something which we may see governments across the globe begin to revert to in the imminent future.</p> <p> </p> <p>A major concern is exactly how governments will monitor attacks and identified assailants. It is not always clear-cut during nation-state attacks who your attacker is. As analysts, we often witness attributed threat groups change during the investigation of an attack, with it sometimes being months before researcher’s are able to indisputably establish a threat group, due to attackers utilising all mechanisms available to obfuscate their true identity. If the government reacts too quickly to these attacks, releasing a nuclear weapon upon an innocent country, the implications could be catastrophic.</p>
<p>Attributing cyber-attacks to a specific country or group operating in it, based on the direct origin of the attack may lead to false attributions of responsibility. Cyber attacks are highly decentralized and in most cases, the actors utilize multiple levels of cross-country access to hide their origin, identity, and intent.</p> <p> </p> <p>This is especially true in cyberattacks that affect the integrity and confidentiality of systems and data, attacks that are often carried out by highly sophisticated adversary groups. These adversaries follow a chain of command, which crosses country restrictions and may involve multi-national groups with variable levels of knowledge related to the mission objectives.<br />Revealing the originating actors is achieved through cross-country investigation and co-operation, which is something unlikely to happen, but nevertheless crucial as a chain of custody.</p> <p> </p> <p>As such, engagement of weapons of mass destruction as a response to a low-confidence attribution of responsibility should be carefully re-considered, even if the intent is to demonstrate readiness.</p> <p> </p>
<p>The potential for kinetic responses to cyber conflict is real and has been used in the past, specifically by the Israeli government against a reported Hamas-backed cyber threat group. Recently, I was asked about cyberwar, and to be clear, cyber conflict is not the same as cyberwar. War really involves death and damage. We can use hyperbole all we want, but there it is. Now…what constitutes an Act of War is entirely up to nation-states. You can start a war over a fly swatter (France v. Algeria) or a man’s ear (Jenkin’s War) or a dead Archduke (Ferdinand –> WW1). But in the end, what matters is what a country does.</p>