Risk
2/19/2014
03:39 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

U.S. Running Out Of Allies On Cyber Battlefield

International cyber policy and enforcement, and ownership over the Internet are thorny topics that will be tackled at the 2014 RSA Conference next week

International cyber policy and enforcement and ownership over the Internet are all thorny topics, particularly since the Edward Snowden leaks. All of these subjects will be tackled at the RSA Conference next week in a panel discussion titled "Cyber Battle: The Future of Conflict."

RSA Conference 2014
Click here for more articles about the RSA Conference.

Outdated extradition treaties are not prepared to deal with the borderless realm of the Internet. Although there are rules about international airspace and international waters, there is no defined international cyberspace. Without discrete laws to be enforced, cybercrime investigations and prosecutions rely less upon a set of established directives and more upon an international spirit of cooperation.

Yet recent events have disturbed that spirit of cooperation. Dmitri Alperovitch, panel moderator and co-founder and CTO of CrowdStrike, says that while the U.S.'s traditional allies are publicly taking a stand against American spying, unofficially they're much more understanding and less surprised.

However, says Alperovitch, the Snowden scandal has increased the "lack of trust from the rest of the world in the continued U.S. leadership of the Internet."

Although there is no one "owner" of the Internet, most of the world's root DNS servers reside within the United States and ICANN is an American corporation that operates as part of the U.S. Department of Commerce.

Over recent years there has been a great deal of discussion over Internet governance, and movements to wrest the power away from the U.S. and place it in the hands of the United Nations, specifically the International Telecommunication Union. Thus far, these efforts have failed.

"All the energy and push is on the other side, [not the U.S.]," Alperovitch says, "particularly with countries that are fearful of a free Internet."

Alperovitch points out that even American allies do not all share the American stances on freedom of the press. He also referenced the U.S.'s efforts to push China to destroy the "Great Firewall of China" and support a free and open Internet.

"Since the Snowden revelation, the U.S. agenda on China has been completely derailed," he says.

While all this is happening, the number of malicious actors and government-approved spying on the Internet is expanding and the number of countries involved in the activity is increasing.

"You can pretty much assume that everyone is spying on everyone," he says. "How can we get back to a safer Internet that we've enjoyed that now seems just like a memory?"

Alperovitch's panel will take place next Thursday morning, Feb. 27. Panelists include Eric Rosenbach, Deputy Assistant Secretary for Cyber Policy of the Department of Defense, James Lewis, Program Director of the Center for Strategic and International Studies, Jason Healey, Director of Cyber Statecraft Initiative for the Atlantic Council, and Martin Libicki, Senior Scientist of RAND.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Sara Peters is contributing editor to Dark Reading and editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4725
Published: 2014-07-27
The MailPoet Newsletters (wysija-newsletters) plugin before 2.6.7 for WordPress allows remote attackers to bypass authentication and execute arbitrary PHP code by uploading a crafted theme using wp-admin/admin-post.php and accessing the theme in wp-content/uploads/wysija/themes/mailp/.

CVE-2014-4726
Published: 2014-07-27
Unspecified vulnerability in the MailPoet Newsletters (wysija-newsletters) plugin before 2.6.8 for WordPress has unspecified impact and attack vectors.

CVE-2014-2363
Published: 2014-07-26
Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote attackers to obtain access via a login request.

CVE-2014-2625
Published: 2014-07-26
Directory traversal vulnerability in the storedNtxFile function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to read arbitrary files via crafted input, aka ZDI-CAN-2023.

CVE-2014-2626
Published: 2014-07-26
Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.