>Guest Blogger: Cyberwar Meeting in European Parliament with NATO’s Jamie Shea


This post was written by Reza Rafati – CEO Cyberwarzone.com and he has given us his permission to post it on Chatback Security. Reza recently responded to our request for guest bloggers and what a prefect way to kick things off as Cyber Security is a specialism that we do not profess to know much about!

Cyber Security is now recognized as a high risk priority by governments across the globe. This is supported by the fact that the UK Government’s Strategic Defence Spending Review which diverted key funds away from traditional areas of spending to the protection of the UK’s critical national infrastructure from the cyber threat.
There is no winner in Cyber warfare

The importance of this shift to a greater focus on Cyber Security was given highlighted by the discovery of STUXNET, the first example of a ‘cyber weapon’ designed to attack an aspect of a nation’s critical national infrastructure.

The Meeting

The Cyber Security meeting was a great success. At the start of the meeting there were some technical issues with the microphones, but who cares? We want to discuss Cyber warfare! And so we did.


The discussion started with the NATO strategies issue, it was about which options does a country have when it is under attack by a force?

This was a very delicate issue because what is Cyber warfare is? Well we speak of Cyber warfare at the moment that a country has declared war to the country. So when a country or a force attacks another country without a declaration of warfare it is not Cyber warfare.

The act of attacking without a declaration of war is classified as Cybercrime. This makes it hard to retaliate because there is no war declared. The next issue that comes along is the fact that even if we do reply with an attack, we could take down an hospital and then we are speaking of collateral damage. Because the aggressor used the hospital network to attack, we retaliate against the hospital.

We will need a global understanding & perspective about the Cyber war attacks.

Cybercrime is like a paradox. There is no hierarchical system

Nightmare of all problems

After an attack (Stuxnet) there are certain points that need to be checked and controlled. You will have to look after :
 – How did they penetrate the systems
 – You will have to clean the systems
 – The disruption it caused
 – Exploits ?
 – The mental stress it causes.
The cyberspace needs to be regulated, but how do you want to regulate the internet while it can’t be regulated by a single regulator. Because when we look to the internet we see it as no man’s land (law of the sea), but in fact it is somebody’s property, it could be from the government, companies or from civilians.


So the world has to agree for transparency. If we need help or information regarding Cyber security the countries should provide them.

But at the moment there is no transparency, think of the Estonia and Russian conflict.

A Finnish expert, told the Helsingin Sanomat newspaper that it would be difficult to prove the Russian state’s responsibility, and that the Kremlin could inflict much more serious cyber-damage if it chose to. source

Open issues

 – The internet traffic regarding Cybercrime has increased rapidly.
 – How can a behaviour code be created to use the internet legitimate.
 – If there is an attack going on, and you want to retaliate how will you get the attribution of proof?
 – How can we make retaliation possible?
 – Who is responsible ?
 – What can we do against sponsored cyber attacks?
 – How can we prevent extremists from recruiting people from the internet?
 – At a certain point defence will catch up with offensive behaviour
 – Creating a global cyber war response team

If I would shutdown a honey pot because there is a “cyber war” going on, it could affect over 500 servers. And that is the reason why you can’t retaliate, because you don’t know were the bodies will show up.

Author: Reza Rafati
Twitter name: @cyberwarzonecom

For more information about me please checkout my Linkedin profile at http://uk.linkedin.com/in/padrury/

Posted in Miscellaneous Tagged with: ,