On one side, we can applaud that American cyber power is still respected. That is, however, if we believe a foreign power would have wished to attack infrastructure during a domestic election.  Such a move would have been a clear, open attack and would have demanded a response.  It is also possible that an attack during voting was never a plan of our adversaries.  The attacks on voting and Internet infrastructure also were characterized as probing attacks to learn the response patterns of counter cyber responses. This is consistent with a cold war scenario.  An open attack would have turned the war hot. So it was a bluff. You do not learn in a hot exchange, you just react – calling the cards. 

So we are still in the cyber cold war; but we were Cuban-missile-crisis close to Cyber World War I. We are still in a war of potentials, that provides each player a set of moves they can make which both release tension from actual warfare levels, but keep the tension in readiness for war levels.

What next?

It is certain that attacks on Internet infrastructure will continue to rise in frequency and increase in complexity, moving from predominately DDoS to route and address manipulation. These will remain probing attacks as response methods are learned and response times marked. Internet infrastructure and the companies that support it seem to be an open target. Data hacking of governments and corporations will increase. Fortunately, power grids and transportation infrastructure, perhaps even more vulnerable, are not yet cold war targets. But for Information and Communications Technology (ICT) companies, active measures are called for.

Now that it is on the playing board, the character of this cold war will involve continued embarrassing releases of illegally hacked information at key times to influence national and international events. Besides Russia’s fetching and release of information on the USA’s Democratic Party, it is well understood that Putin has accumulated mounds of potentially damaging data on President-elect Trump and his business dealings, many shadowed in Russia. This, perhaps, will provide unseen leverage by Russia on USA policy. It probably will result in embarrassing data disclosures. Google outed Microsoft’s software vulnerability. Hacked data disclosures in order to leverage corporate policy and influence decisions are a likely future trend.

China, through a hack of  U.S. data files, is known to have collected detailed personal data on every government, military, and security-cleared worker in the U.S. via a massive data breach hack on the U.S. government. It remains to be seen how this information will be used, but it is clearly seen by China as a strategic asset.

Two fronts of response activity are needed. While we can, make large investments in security technology targeted at protecting physical and network infrastructure.  But equally important, civil and legal institutions must evolve to address this very new world.

Cyber Civil Institutions

We do not have a top-down design for a civil and legal mechanism for responding to this cyber cold war. Social institutions are not subject to engineering efficiency. What happens is that every institution, seeing need and budget opportunities, spawns its own solution group. These never have the same goals and operating methodologies. Also, before a law enforcement agency can open a cybercrime case, it has to have jurisdiction. The World Conference on International Telecommunications 2012 (WCIT-12) gave to the U.N. the regulatory oversight of the Internet - including traffic flow and management of Internet Domain Names and IP addresses. This legal management portfolio included responsibilities for coordinating security and response to fraud. Many argue that the U.N. management equals competing goals and methodologies. Perhaps, pragmatically, it is better to look to national and bilateral solutions.

So, as an ICT corporation, if you are the object of a cyber attack, the good news is that there are organizations which can respond to your requests for assistance. The bad news is you must yourself figure out where to go for that assistance.  Here are the U.S. groups:

Get involved with InfraGard. It is a partnership between the FBI and the private sector. Businesses, academic institutions, state and local law enforcement agencies contribute members to share information and intelligence to prevent hostile acts against the U.S. Along with this, create dedicated internal cyber defense organizations as departments inside your ICT.  Microsoft has provided a strong example for this with Microsoft's Digital Crimes Unit. A company can do more than protect its cyber boarders. Microsoft actively partners with government groups like the FBI and private associations and other corporations to find and put down botnets. While some lines must be drawn in the sand, like protecting the privacy of your customers' data, a hand should be extended toward cooperation in finding the bad guys and repairing infrastructure.