Former US State Department cyber man: We didn’t see the Russian threat coming

Cyber no longer domain of techies, says ex-diplomat

Black Hat Cyber threats have evolved from been a solely technical issues to core issues of government policy, according to a senior US lawyer and former cyber diplomat.

Chris Painter, former co-ordinator for cyber issues at the US State Department, told delegates at the Black Hat EU conference that cyber issues have emerged as a core topic for governments worldwide. “Cyber is now seen as a core issue for defence policy, foreign policy and more… it’s not just a technical issue.

“Cyberspace is a new domain of war and all countries are involved in it,” he added.

The US, China and Russia have agreed that the rules of international law apply in cyberspace, so the rules of war apply to cyber attacks. That means that an attack on civilian infrastructure such as a dam would be considered as warranting reprisals, but the situation is more complicated than that in practice.

“A lot of malign activity is occurring below the high threshold of what could be classified as an act of war,” Painter explained.

“We’re doing a poor job at deterrence in cyberspace. The credibility of response is OK but timeliness is a problem partly because of attribution.”

Painter argued that although you can never have absolute certainty in attribution, by using a combination of technical and political analysis it’s possible to have a high degree of confidence about who is behind particular attacks, especially if they are long term campaigns.

Launching missiles in response to a cyber attack is unlikely unless there is a loss of life involved. This means that response boils down to applying diplomatic or political pressure on governments. “We need to expand the tool set,” Painter concluded.

One thing that is already possible in greater international co-operation, something that can be achieved through diplomatic channel. Painter explained how whilst at the US State Department he struck a deal to get help from other countries in taking down nodes of a botnet that was attacking US banks in return for a promise of co-operation from the US in the event of those countries needing assistance at some future date.

Painter also outlined efforts to promote norms - or "rules of the road" - in cyberspace. He also examined challenges that lie ahead and the need for the policy and technical communities to work together globally to meet those challenges. “We didn’t see the Russian threat coming,” Painter said. “Tech people need to tell policy people about the next coming threat.”

The former White House and US State Department official made his comments during an opening keynote presentation at the Black Hat Europe conference in London on Wednesday. ®

Other stories you might like

Biting the hand that feeds IT © 1998–2022