Cyber attacks: We must stop tit-for-tat warfare

Spiralling cyber skirmishes are in no one's interest and harm all parties…

...innocent bystanders, by denying access to systems and services. We're all put at risk by the actions of a few.

The growing ease of launching a cyber attack, combined with the steady increase in vulnerabilities being discovered, increasing connectivity and our 'always on' culture, means we can expect to see more and more cyber skirmishes in the future.

Overreaction to cyber attacks

Part of the problem, or perhaps part of the effectiveness, is that people can and do overreact to such attacks. If they have the skills to use the internet to get back at their attackers, they invariably do, which is rarely the best way to put an end to it. Because of the ease and anonymity, it is very easy for such skirmishes to spiral out of control.

Perhaps more concerning is that such retaliation is often fruitless due to the anonymity of the original attacker. Attacks may be blamed on nation states, but the true culprits are often activists or bored teenagers.

Such attacks are hard, sometimes impossible, to attribute to a particular group. However, they can be easily and effectively crafted to look as if they came from a certain place. So even where it seems clear who the perpetrator is, it may not be.

It is therefore important for those aggrieved not to overreact or jump to conclusions. Nothing is gained by launching retaliatory attacks even if you get the right target, and you may find yourself victim to even more severe attacks.

Diplomacy is best response

There are no easy solutions. Diplomacy is the best route forward, but of course this approach is not always possible when there are fundamental differences of opinion, or when one or both parties refuse to co-operate. Indeed, the disruption of any ongoing diplomacy can actually be the aim of a cyber attack.

Even if we can't always protect ourselves from the initial attack, we need to stop making things worse for ourselves by leaping to conclusions. There needs to be recognition that all countries have activists that may not act in the interest of the state.

Establishing a motivation and likely source is more effective than trying to trace the attack. As with the investigation of any crime, until you can be absolutely sure of the perpetrator, you should not be seeking to retaliate.

The only practical resolution is for such issues to be discussed openly, and underlying grievances to be addressed through proper processes. This objective is not always easy, or indeed possible.

But tit-for-tat attacks are in no one's interest. They cause undue harm to all parties as well as innocent bystanders. They are often fruitless due to the anonymity of the original attacker. They have usually already achieved their intended purpose, and they divert already stretched resources away from tackling real cybercrime.

If we don't implement a degree of acceptance we will soon be seeing repeats of the cyber attacks we saw in Estonia in 2007.

Tony Dyhouse is cyber security director at the Digital Systems Knowledge Transfer Network, an independent, free-membership body set up by the Technology Strategy Board to combine expertise in distributed computing, cyber security and location services to help address the challenges of digital Britain. The Cyber Security Programme brings together business, government and academia to collaborate on effective responses to cyber security threats.