While at times we discuss "cyber norms" with other States, I think it is good to start byte-sized and build a platform for reciprocal trust that mirrors our technical capabilities.
For example, last year we had a problem where we accused Russia of a state sponsored attack on JP Morgan. The United States defines financial utilities and companies as critical infrastructure, and it is easy to see how a simple malware incident can result in serious consequences. For example, we find ourselves trying to draw very subtle lines in the sand when it comes to penetrations of power plants and other utilities.
Watermarking implants can help solve these issues: in particular the issue of not knowing whether an intrusion is the result of a known responsible actor following accepted norms, or a rogue nation or third party.
Watermarking does not have to solve the attribution problem - they can be shared watermarks that attribute an implant (or "trojan" in common parlance) to a group of nations. For example, Russia, China, Israel, Germany, France, 5Eyes, etc. These nations can share a watermarking protocol which would allow them to provide a technical platform for "Red Phone" activities, or higher-level norms, including "off limits" targets or activities.
Take, for example, the 5eyes penetration of Belgacom. If the Cyber Group has decided that a norm they are following is that they will not perpetrate credit card/financial fraud, and they will not conduct economic espionage, the liability of Belgacom is much reduced when discovering a trojan on their network that has been "Signed" as a participating nation state.
This proposal increases all of our safety, and a follow-on paper is potentially available for people interested in technical details of how exactly you can provide signing protocols for watermarks that are shared, covert, and non-transferable.
(Think of this proposal as the opposite of the Tallinn Cyber Manual, which simply ports in one fell swoop current laws of war to "cyberized versions", including such hilarious nonsense as banning cyber-booby-traps, whatever those are. :> )
No comments:
Post a Comment