The New Digital Battlefield

North Korea has claimed a cyber-savvy force of some 4,000 expert-level hackers thought responsible for the growing number of breaches in South Korea and her allies.

Over the past few years, the hacking initiative, undoubtedly more cost-effective than their supposed attempts at building a nuclear arsenal, has made it apparent the Communist state has shifted tactics away from military invasions and to cyber terrorism.

In the biggest known breach, earlier this year, North Korean cyber terrorists attacked the computer networks at three South Korean TV stations and two major banks.  It was an offensive that ABC News described as “huge,” divulging an unknown amount of sensitive information, and a problem that would require several days to fix. Additionally, they are suspected to be behind a number of world-wide cyber attacks, including possible ones at the United States own Department of Veteran Affairs. According to some experts, North Korean hackers are some the most well-equipped in the world and their behind-the-computer cyber attacks remove the need for logical considerations (troops, transport, weapons) currently hampering their attempts at dominating the South.

All this begs the question: if state-sponsored terrorism, the kind with bombs and guns, is considered by most of the world as an act of war, is cyber terrorism—and it IS terrorism—included?  Just like the skies above WWI gave birth to new forms of aerial combat, is the computer now the new (digital) battlefield? And with our options being either: a) keep what we’ve been doing and not consider North Korean digital aggression as a form of modern warfare, even as they steal sensitive personal information and potential threatening-to-national-security data, or b) treat it like an act of war like we did in the 1950s,  it’s really not an easy choice.

But I’m not just saying this for a sensationalist headline or to garner page views.  Recently, at the 2013 Rocky Mountain Information Security Conference, of which my company, Aveksa, was pleased to be a sponsor, keynote speaker and managing vice president at Gartner, a leading IT research analyst firm, F. Christian Byrnes spoke about the very same potential for digital warfare to lead to true-life combat.  With North Korea and others indiscriminately hacking both private sector and government data, at what point will America be forced to protect their own interests and that of their allies? And if they do, do they maintain a strictly online-only punch, counter-punch? Or does digital warfare eventually spill over into in-real-life combat?

It’s a hard question to answer. And admittedly at this point, it’s nothing more than conjecture. Still, though, our world is only becoming increasingly digital, so it begs consideration.

Although certainly another war is the nightmare scenario, it’s nevertheless wise to take every conceivable measure to protect your company’s data.  The truth, as I’ve mentioned, is that state-sanctioned cyber terrorists are deliberately and methodically stealing sensitive corporate and government data.  And until the good ol’ USA steps in, you’re on your own.  But a strong Identity and Access Management (IAM) platform that tracks user access is the type of tool that can prevent the large-scale digital terrorism the South Korean banks and TV stations were a victim to.

All of this reminds me of a famous WWII propaganda poster of an in-the-midst-of-sinking battleship framed by the foreboding rhyme “Loose Lips Sink Ships.” It was intended to alert the public to the unthought-of consequences of babbling about soldiers at sea, implying that by doing your part to keep silent, lives are saved.  Maybe, it’s time to update it for the digital age—possibly something like, “Cyber Hacks Invite Physical Attacks.”

Potential retro posters aside, though, it’s time to take a North Korean threat seriously. They sure do.

 

Original article by Vick Vaishnavi at http://www.forbes.com/sites/vickvaishnavi/2013/06/20/the-new-digital-battlefield/