Krigskunst.dk

Tag: Cyber

  • Russiske agenter kortlægger datakabler i Irland

    I denne uge har det vakt opmærksomhed at Irland øjensynligt har fundet russiske agenter i gang med at kortlægge de præcise placeringer af transatlantiske datakabler. Fx skriver The Moscow Times:

    Ireland’s police believes Russia has dispatched agents there to inspect undersea cables, raising concerns that they could tap or damage the cables at their weak points and thwart global communications, Britain’s The Times newspaper reported Sunday.

    Britain and the United States have warned that the Russian Navy could disrupt over $10 trillion in daily transactions by attacking the fiber-optic cables crossing the world’s seas and oceans. Last year, Britain banned the export of submarines to Russia over national security risks including the alleged ability to cut the undersea cables which carry most global internet communications.

    Irland kandiderer til rollen som fremtidens kampplads for spioner, lidt på samme måde som Berlin var det under Den Kolde Krig. Dels har landet en central placering som bindeled for transatlantiske kabler, og dels har en fordelagtig skattelovgivning gjort at firmaer som Google, Facebook og Twitter har etableret europæiske hovedsæder i Irland. Endeligt er der den faktor at Irland ikke selv har et særligt stærkt efterretningsvæsen, så landet er sårbart over for fremmede magters positionskamp i cyberspace.

  • GDPR står i vejen for Europas udvikling af kunstig intelligens

    Som internetbruger kan man godt blive træt af cookie-advarsler, og som virksomhed er det en jungle at hitte rede i hvad der tæller som private oplysninger, og hvad man må gøre med dem. Men måske er der også flere udfordringer med EU’s meget strikse tilgang til datasikkerhed. Emilia Porubcin beskriver i et blogindlæg hos ICDS hvordan GDPR på en række områder er decideret skadeligt.

    For det første har forskere nu bevist at systemet kan bruges til at skabe sig adgang til brugeres data. GDPR har nemlig åbnet en ladeport for identitetstyveri. Alle borgere har krav på at få oplyst alt hvad virksomheden har registreret om dem, og det kan ondsindede individer udnytte til social manipulation af de ansatte som prøver at forvalte reglerne.

    Et andet problem er at GDPR gør det svært at arbejde med udvikling af kunstig intelligens. Som Emilia Porubcin beskriver det:

    The EU’s expansive privacy regulation has also been critiqued for the limitations it poses on AI development, which relies heavily on (big) data. Beyond its restrictions on the collection of user data, GDPR ensures that even if a company does collect personal data, its use for automated decision-making—a standard AI application—is limited. Article 22 mandates that a user can opt out of automated processing, in which case the company must provide a human-reviewed alternative that obeys the user’s wishes. When automation is used, it must be clearly explained to the user, and its application could still be punished for ambiguity or violating other regulations, making the use of AI a risky task for GDPR-compliant bodies.

    Det er dårlige nyheder. Kunstig intelligens er afgørende for fremtidens teknologi, både civilt og militært. Det er vigtigt at Europa er konkurrencedygtig på det område. Lad os håbe de finder en god løsning så man kan tilgodese både borgernes privatliv og virksomhedernes arbejde med kunstig intelligens.

  • Cyberkrigen kører i baggrunden. Vi har brug for en digital Genéva-konvention.

    Magasinet Wired giver her deres guide til begrebet cyberkrig. Skrevet af Andy Greenberg

    For nearly a decade, cyberpolicy doves have been calling, largely in vain, for some sort of global treaty or convention that could establish rules for cyberwarfare. In their 2010 book Cyber War, Clarke and Knake proposed a Cyber War Limitation Treaty, which would ban first-use attacks on another country’s critical infrastructure. More recently, Microsoft president Brad Smith has called for a Digital Geneva Convention that would prohibit cyberattacks on civilian targets. Josh Corman, a former director of the Cyber Statecraft Initiative at the Atlantic Council think tank, has suggested a more limited agreement that he describes as a “cyber no-fly-zone” around hospitals, one that would essentially start the process of limiting cyberwarfare by making any life-threatening attack on medical facilities a war crime.

    The first major historical event that could credibly fit Clarke and Knake’s definition—what some have dubbed “Web War I”—had arrived just a few years earlier. It hit one of the world’s most wired countries: Estonia.
    In the the spring of 2007, an unprecedented series of so-called distributed denial of service, or DDoS, attacks slammed more than a hundred Estonian websites, taking down the country’s online banking, digital news media, government sites, and practically anything else that had a web presence. The attacks were a response to the Estonian government’s decision to move a Soviet-era statue out of a central location in the capital city of Tallinn, angering the country’s Russian-speaking minority and triggering protests on the city’s streets and the web.

    Jeg kan efterfølgende anbefale at læse Wireds artikel om NotPetya-angrebet der i stor stil gik ud over Mærsk.