Most IT security professionals already knew that it was only a matter of time before cyberespionage became a full blown international incident. This week the Federal Bureau of Investigation (FBI) issued a report that appears to confirm that individuals acting on behalf of Russian government agencies did indeed hack into systems belonging to election officials using specific types of malware. The official U.S. government response is the expulsion of 35 Russian operatives, the closure of two compounds, and additional sanctions against specific individuals and Russian intelligence agencies designed to prevent U.S. citizens from conducting any transactions with them.
Not surprisingly, Russia denies any involvement in the hacks and now appears to be trying to reduce diplomatic tensions in anticipation of a the arrival of new U.S. administration.
The bigger IT security issue, however, is to what degree will the existing cyberespionage activities be further escalated. The U.S. government has publicly stated that in addition to its public response the U.S. government will also engage in a series of unspecified covert responses. Russia will undoubtedly respond in kind.
Regardless of who is president the issue that the IT security community needs to concern themselves with now is just how much the organizations they are employed to be protect will become targets of agents working on behalf of any government. In their zeal to gain access to government secrets intelligence agents routinely look for the weakest link. All too often, that turns out to be an organization doing business with a government agency. In addition, most intelligence agents don’t really distinguish between government secrets and the intellectual property of a private organization. Anything of potential value to their country is ripe for the taking.The Internet has become a digital battlefield.Click To Tweet
In effect, the Internet has now become a digital battlefield. It may now be only a matter of time before various organizations and nation states in the name of better IT security start to segment and isolate portions of the Internet. Instead of there being a global Internet driving a global economy the future of the Internet might very well turn out to be a much more restricted environment patrolled by government officials.
Hopefully, cooler heads will prevail before that level of mutually-assured destruction of a global digital economy comes about. Unfortunately, there are already plenty of totalitarian governments attempting to exercise more control over what connects to the Internet. Cyberespionage creates the excuse for all governments around the world to implement similar controls.
In an ideal world, there should be a cyberwarfare treaty along the same lines of the ones set up surrounding nuclear and chemical weapons. After all, in the age of the Internet of Things (IoT) it should be clear to all just how lethal cyberattacks can really be. Alas, the probability of such an accord being implemented and then actually respected is low. Government agencies around the world have in multiple ways signaled their desire to have more control over what occurs online. Treaties that guaranteed unfettered access would viewed as a limit on those government prerogatives.
IT security professionals therefore should gear up for a wild ride. On the plus side there should be a lot more disclosure of cyberespionage efforts in the months ahead as governments vie to give as good as they get. For IT security professionals that means they will gain a lot more insight into the types of malware various agencies around the world are creating to exploit IT security weaknesses. The sadder news is many IT security professionals are also about to discover to how diligently some of the government agencies in their own countries have been working compromise those weaknesses in a way that make distinguishing between friend and foe in the digital age much more of a challenge than anyone really likes or, for that matter, appreciates.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot.Mike also blogs about emerging cloud technology for Intronis MSP Solutions by Barracuda.