"European Union member states have drafted a diplomatic document which states serious cyber-attacks by a foreign nation could be construed as an act of war.
The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances."
The framework on a joint EU diplomatic response to malicious cyber activities would seem to raise the stakes significantly on state-sponsored attacks, especially those focused on critical infrastructure.
Security minister Ben Wallace claimed last week that the UK government is “as sure as possible” that North Korea was behind the WannaCry ransomware attacks in May that crippled over a third of NHS England, forcing the cancellation of thousands of operations and appointments.
The suspected state-sponsored group known as Dragonfly has also been active of late probing US energy facilities.
That said, definitive attribution in cyberspace is very difficult, making the framework appear largely symbolic.
It brings the EU in line with Nato moves in the past establishing cyber as a legitimate military domain, meaning an online attack could theoretically trigger Article 5, the part of its treaty related to collective defense.
That states that an attack on one member is an attack on all 29 allies.
McAfee chief scientist, Raj Samani, claimed the move was unsurprising considering WannaCry and the likely state-backed attacks on French and German elections.
“While it is important to define cyber-attacks that are used for espionage or disruption as they would be when committed by physical actors, the greatest challenge that countries have will be in identifying and proving that the malicious actors that caused the cyber-attack have direct links to governmental organizations – something that these groups will be even more keen to conceal going forward,” he added."
I'm expecting the USA to follow with a similar statement, to function as an additional deterrent against the recent spate of Russian and North Korean incusions.
The vast majority of Russia's attacks start with social engineering and spear phishing attacks. KnowBe4's integrated training and phishing platform allows you to send fully simulated phishing emails so you can see which users answer the emails and/or click on links in them or open infected attachments.
See it for yourself and get a live, one-on-one demo.
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
This is a cross-post from Phil Muncaster at InfoSec Mag