Cyberwar Theme Resounds At RSA; Tech Giants Unveil Joint Strategy

The RSA Conference, one of the cybersecurity industry’s largest annual events, opened in San Francisco this week amid a barrage of unsettling news, as both nations and companies drew boundary lines and formed alliances in a cyber universe that seems increasingly combative.

In the United States, a growing awareness of the weaponization of cyber skills, from sophisticated hacking to the mere posting of social media messages, has required strategic thinking not only from national defense agencies, but also from civilian government offices responsible for such ordinary projects as county elections and trade regulations.

Meanwhile, global tech companies are trying to decide how much of their data troves, and their prodigious capacity for data analysis, should be deployed in a nation’s cyber-defense activities—and for what nations. Some of the news on these troubling fronts:

—On Monday, U.S. and British intelligence agencies joined to issue a call to arms, urging all public agencies, businesses large and small, Internet service providers, device manufacturers, security firms—and ordinary citizens at home—to help defeat widespread Russian hacking of Internet infrastructure components such as Web traffic routers.

By exploiting vulnerabilities in these devices—often poorly protected because of neglected updates and password changes—Russian operatives have been able to intercept, block, or divert communications to their own networks, and capture messages, data, and log-in credentials, according to the joint technical alert by the U.S. Department of Homeland Security, the Federal Bureau of Investigation, and the U.K.’s National Cyber Security Centre.

“FBI has high confidence that Russian state-sponsored cyber actors are using compromised routers to conduct man-in-the-middle attacks to support espionage, extract intellectual property, maintain persistent access to victim networks, and potentially lay a foundation for future offensive operations,” the report stated. One possible offensive could be the remote destruction of part of a nation’s energy infrastructure, the intelligence agencies warned.

The two governments outlined steps for securing elements of the Internet infrastructure, including not only routers and switches, but also some cybersecurity safeguards, such as firewalls and Network-based Intrusion Detection System (NIDS) devices.

—On Tuesday, an alliance of 34 tech companies, including Microsoft and Facebook, unveiled a joint policy statement on their role in international cyber conflicts: the Cybersecurity Tech Accord. The signers pledged that they would not help any nation’s government to carry out cyberattacks “against innocent citizens and enterprises.” But they would “protect all customers globally regardless of the motivation for attacks online.’’

At a news briefing during the RSA Conference, Microsoft president Brad Smith said tech companies—as well as government leaders and citizens—have to do more to boost security in an era when nation states are attacking civilians “even in times of peace,” and when these attacks endanger not just machines, but also people’s lives.

“As we take stock of the world, one thing is clear, cyberspace unfortunately has become the new battlefield,” Smith said. “We saw this in 2017 as we really saw a new generation of weapons, cyber weapons, used not just by criminal organizations, but increasingly by nation states,” Smith said. “We saw that last May with the WannaCry attack, we saw it in June with the NotPetya attack.”

The companies that signed the Cybersecurity Tech Accord promised to strengthen defenses against cyberattacks by shielding their products from tampering, helping people and businesses to better protect themselves, and collaborating with security researchers and other partners to defend against threats. The signatories scheduled their first meeting during the RSA Conference this week, and said they would welcome other trusted private sector members to join the group.

The other founding members are: ABB, ARM, Avast, Bitdefender, BT, CA Technologies, Cisco, Cloudflare, Datastax, Dell, Docusign, Fastly, Fireeye F-Secure, Github, Guardtime, HP Inc., HPE, Intuit, Juniper Networks, LinkedIn, Nielsen, Nokia, Oracle, RSA, SAP, Stripe, Symantec, Telefonica, Tenable, TrendMicro, and VMWare. As the New York Times pointed out, Google, Amazon, and Apple are not signatories at this point.

—In recent years, tech companies that participate in global supply chains have faced the fact that they may be involuntarily drawn into conflicts between nations. International import/export policies on tech products can now hinge on a suspected danger of embedded spyware, along with routine concerns such as the balance of trade. The breakdown in trust between countries can result in a balkanization of technology products, services, and digital communications networks.

—Both the United States and the United Kingdom this week placed curbs on trade with Chinese telecom equipment provider ZTE. The U.K’s cybersecurity agency warned the nation’s telecommunications providers not to use ZTE equipment or services, the Financial Times reported. The Chinese government has enough influence over the state-owned business to raise worries among U.K. authorities about possible interference with ZTE’s equipment.

The U.S. Commerce Department banned trade with ZTE in the other direction, forbidding U.S. companies from selling software or parts such as chip sets to ZTE for seven years, Reuters reported. The U.S. agency has been feuding with ZTE since it discovered ZTE had been shipping U.S. products to Iran. The action came against a backdrop of wider American conflicts with China over suspected intellectual property theft, trade deficits, and national security. ZTE buys components from U.S. companies including Qualcomm (NASDAQ: QCOM), Microsoft (NADAQ: MSFT), and Intel (NASDAQ: INTC), according to Reuters.

The U.S. government already forbids American telecom companies to buy equipment from the much larger Chinese company, Huawei, and is mulling a plan to secure U.S. communications by building a government-funded 5G network, the Financial Times reported.

—France is creating its own encrypted messaging app for government officials, due to worries that existing services based in other countries, such as Facebook’s WhatsApp and Russia-based Telegram, could make the officials vulnerable to spying, Reuters reported. The concerns were elevated by recent revelations about the loss of at least 87 million Facebook profiles to political data firm Cambridge Analytica, and probably to other entities. The French state’s messaging service might someday be offered to ordinary French citizens.

Photo credit: Wade Roush

Trending on Xconomy