After several massive attacks against some key online services, what if someone was probing the defences of the Internet?
Cyber security expert Bruce Schneier on his blog :
Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. […] We don’t know who is doing this, but it feels like a large nation state. China or Russia would be my first guesses. […]
It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that. Furthermore, the size and scale of these probes — and especially their persistence — points to state actors. It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar.
My knowledge in cyber security is close to zero – I just know password managers like 1Password or LastPass can really enhance personal security at a very low cost for the user (this is why I actually use 1Password). I can’t really tell if Bruce Schneier is trustworthy or not – he seems to be, considering his records, but I’m not fluent enough on this topic to have a more specific point of view. (I’m also always suspicious with “star experts”, as, at least in France, a lot of people who speak on the media as “experts” are in fact not that good in their field of alleged “expertise”.)
Nevertheless, if true, what he describes in his blog post is kind of worrying. Because, who could this entity be? And why is it “probing” the Internet? What kind of damages could be expected if a vast cyber attack is launched against “the Internet”?
I have no idea if this is related, but how could I think about the yesterday cyber attack against Dyn, an attack that resulted in shutting down a vast number of online services and websites such as Twitter, Netflix, Spotify, Soundcloud, The Guardian and The New York Times? Was it another probing from the very same unknown entity?
Cyber security is more and more on the spotlights these days. Ed Snowden helped us, the regular citizens, to be more careful on online privacy and online espionnage by showing that government organizations like the N.S.A. indiscriminately recorded and stored informations about many of us. But for what I understand, cyber security is more than that, as it also embodies (at least) cyber criminality and cyber warfare.
Following Schneier’s claim, if the entity behind these probings is a state, then the probings are an operation of cyber warfare. I’ve recently read an article on Le Monde (the French equivalent of The New York Times) about the growing cyber warfare capabilities of the French army. It was roughly my first reading on this topic. I guess in the next few months or years, the public interest on the topic of cyber warfare will largely increase. Considering what’s at stake (nothing less than national security), that’s probably a good thing.