At a glance.
- UK clarifies policy on cyber counterattacks.
- "Security poverty" and critical infrastructure.
AG declares UK can conduct cyber counterattacks.
While speaking at leading policy institute Chatham House, UK Attorney General Suella Braverman declared that the country can deploy defensive cyber attacks when “key services” are targeted by nation-state adversaries, officially stating the UK’s stance on extending international law to the digital world. Traditionally there has been an unofficial global agreement that military force will not be used to defend against digital attacks or espionage, as attribution is difficult to prove. However, recent attacks on critical infrastructure and government networks have put that unspoken understanding to the test. In her remarks, Braverman cited recent incidents like the July 2021 Microsoft Exchange breaches and the Solarwinds attack, and she named four sectors as particularly vulnerable: energy security, essential medical care, the supply chain, and democratic processes. CPO Magazine notes that while none of these areas have been directly targeted by nation-states (aside from Russia’s attacks on Ukraine), they have increasingly fallen victim to ransomware operations, and North Korean advanced threat groups have been observed using such attacks to fund the government.
Security poverty and its impact on critical infrastructure.
Jeetu Patel, EVP of networking hardware giant Cisco, is addressing the intersection of cybersecurity and human rights. In a recent interview, Patel told the Register he feels cybersecurity for critical infrastructure must be standardized to ensure that smaller companies that cannot afford security measures on their own have access. "It's our civic duty to ensure that everyone below the security poverty line has a level of safety, because it's gonna eventually get to be a human-rights issue," Patel stated. Cisco's head of advisory CISOs Wendy Nather was the first to acknowledge the concept of a security poverty line at a recent RSA Conference. Unlike physical walls, Patel explained, a company’s digital barriers are not clearly defined, especially as data is shared with external associates or partners. Even if a company has security defenses in place, they are only as strong as their weakest link, and the attack surface increases exponentially as data is shared with people and devices outside the company’s traditional perimeter. "Large organizations that are above the poverty line have been able to negotiate great terms with their suppliers in this interconnected system,” Patel explained. “But when you are a small player, it is very hard for you to negotiate and you just take what your providers give you.” Shailaja Shankar, SVP of Cisco's Security Business Group, says the solution relies on security vendors donating their services and sharing their expertise. For instance, Cisco's Talos threat intelligence team supplies free cloud security products to organizations in Ukraine, and Cisco is a founding member of the Cyber Threat Alliance, where they partner with thirty global security vendors. "Shared risk requires shared defenses," Shankar stated.