As I’m writing the news is circulating that outgoing President Barack Obama has levied sanctions against Russia for various hacking activities including their attempts to affect the outcome of the 2016 Presidential election.
The sanctions that are currently being implemented include expelling 35 Russian “operatives” from the United States and personal sanctions against the leaders of Russia’s cyber-forces. No doubt there soon will be a host of other secret sanctions, likely many of them cyber-attacks against Russia.
Of course, Russia is threatening to retaliate in various ways and we will likely soon hear that some U.S. diplomats are being sent home as persona non grata.
With only three weeks to go before the inauguration of the next President, the current one doesn’t have to worry much about what might happen because it won’t be on his watch any more. But you can be certain that Russia’s retaliation will be more serious than stealing John Podesta’s Gmail password.
While I can’t predict exactly what the Russians will do for their cyber revenge, you can assume it will be significant, perhaps debilitating. It might even be the beginning of a full-scale cyber-war.
And that’s only the start. Now that young Macedonians have discovered that fake news can pay dividends, you can assume that fake stories will become more sophisticated, and more inflammatory.
While fake news by itself isn’t specifically a cyber-security problem, we have already seen how fake news stories can trigger serious consequences and not just in the realm of cyber-security. Just last week a fake news story resulted in renewed nuclear threats between Israel and Pakistan with each reminding the other that they have nuclear weapons and aren’t afraid to use them.
While nuclear war, even on a limited basis, is far worse than a cyber-attack, the chances are that none of the nuclear-capable nations on earth is in a hurry to launch the Big One, if only because it will result in their own death as well, but that’s where renewed cyber-wars come in.
Nowadays it’s easy and cheap to badly hurt your adversary using cyber-attacks, and never needing to turn their national capital into a radioactive wasteland.
But an attack between national adversaries isn’t actually the biggest threat to security. These days the bigger threats are criminals looking to make a fast buck and others wishing to take out the internet connections of a competitor, harass a foreign government they don’t like, take down the websites of companies that angered them or thrill seekers trying to see if they can get on the national news.
Unfortunately, it takes very little in the way of resources to set up Distributed Denial of Service Attack, especially now that entrepreneurs are renting out botnets by the hour. These attacks that are increasingly launched from the Internet of things are extremely difficult to counter and nearly impossible to defend against.
While there are ways to mitigate such attacks, usually by using cloud-based anti-DDoS services, the arrangements have to be made in advance of an attack if they’re to be most effective.