Risk
2/19/2014
03:39 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

U.S. Running Out Of Allies On Cyber Battlefield

International cyber policy and enforcement, and ownership over the Internet are thorny topics that will be tackled at the 2014 RSA Conference next week

International cyber policy and enforcement and ownership over the Internet are all thorny topics, particularly since the Edward Snowden leaks. All of these subjects will be tackled at the RSA Conference next week in a panel discussion titled "Cyber Battle: The Future of Conflict."

RSA Conference 2014
Click here for more articles about the RSA Conference.

Outdated extradition treaties are not prepared to deal with the borderless realm of the Internet. Although there are rules about international airspace and international waters, there is no defined international cyberspace. Without discrete laws to be enforced, cybercrime investigations and prosecutions rely less upon a set of established directives and more upon an international spirit of cooperation.

Yet recent events have disturbed that spirit of cooperation. Dmitri Alperovitch, panel moderator and co-founder and CTO of CrowdStrike, says that while the U.S.'s traditional allies are publicly taking a stand against American spying, unofficially they're much more understanding and less surprised.

However, says Alperovitch, the Snowden scandal has increased the "lack of trust from the rest of the world in the continued U.S. leadership of the Internet."

Although there is no one "owner" of the Internet, most of the world's root DNS servers reside within the United States and ICANN is an American corporation that operates as part of the U.S. Department of Commerce.

Over recent years there has been a great deal of discussion over Internet governance, and movements to wrest the power away from the U.S. and place it in the hands of the United Nations, specifically the International Telecommunication Union. Thus far, these efforts have failed.

"All the energy and push is on the other side, [not the U.S.]," Alperovitch says, "particularly with countries that are fearful of a free Internet."

Alperovitch points out that even American allies do not all share the American stances on freedom of the press. He also referenced the U.S.'s efforts to push China to destroy the "Great Firewall of China" and support a free and open Internet.

"Since the Snowden revelation, the U.S. agenda on China has been completely derailed," he says.

While all this is happening, the number of malicious actors and government-approved spying on the Internet is expanding and the number of countries involved in the activity is increasing.

"You can pretty much assume that everyone is spying on everyone," he says. "How can we get back to a safer Internet that we've enjoyed that now seems just like a memory?"

Alperovitch's panel will take place next Thursday morning, Feb. 27. Panelists include Eric Rosenbach, Deputy Assistant Secretary for Cyber Policy of the Department of Defense, James Lewis, Program Director of the Center for Strategic and International Studies, Jason Healey, Director of Cyber Statecraft Initiative for the Atlantic Council, and Martin Libicki, Senior Scientist of RAND.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3345
Published: 2014-08-28
The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503.

CVE-2014-3347
Published: 2014-08-28
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid s...

CVE-2014-4199
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

CVE-2014-4200
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.

CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.