Communications of the ACM
A Better Kind of Cybersecurity Strategy
The multilateral nature of cybersecurity today makes it markedly different than conventional security, according to a new study.
Credit: Jose-Luis Olivares/MIT
Researchers at the Massachusetts Institute of Technology (MIT), Northwestern University, and the University of Chicago contend Russia's use of North Korean IP addresses for a cyberattack during the opening ceremonies of the 2018 Winter Olympics underscored the need for a new cybersecurity strategy involving selective retaliation.
Said MIT's Alexander Wolitzky, "If after every cyberattack my first instinct is to retaliate against Russia and China, this gives North Korea and Iran impunity to engage in cyberattacks."
After extensive modeling of scenarios in which countries are aware of cyberattacks against them but have imperfect information about the attacks and attackers, the researchers found a successful strategy involves simultaneously improving attack detection and gathering more information about the attackers' identity before retaliating.
Wolitsky added, "If you blindly commit yourself more to retaliate after every attack, you increase the risk you're going to be retaliating after false alarms."
From MIT News
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found