Sputnik talked about Lithuania’s calls for a joint European cyber task force with Kevin Curran, professor of Cyber Security School of Computing, Engineering and Intelligent Systems, Department of Computing, Engineering and the Built Environment at Ulster University.
Sputnik: How different will this new cyber force be from the NATO Cyber Rapid Reaction Force?
Kevin Curran: It will have a different objective which is really to do with civilian infrastructure, of course, NATO has had a Cyber Rapid Reaction Force for several years now and it protects NATO's own networks, they have a centralized and around-the-clock cyber support for various NATO sites, this handles report incidents and decimates important incident-related information to the management of security.
But this new initiative by Lithuania is more designed to protect civilian infrastructure which is under attack because when it comes to this NATO Cyber Rapid Reaction Force, that is more concentrated on secrets on government levels and military, but the fact is, that quite often with cyber attacks now, that other countries when they are attacking or even individual highly-skilled cyber hack teams, that they actually infiltrate civilian networks, civilian organizations and cause rapid damage within a country, so therefore, it's more likely that if you have a cyber reaction force which allows information to be shared between countries similar to what NATO does and what the NATO Cyber Reaction Force does, but people are more likely to sign up because top secrets are not being passed around across the borders, but still the countries are coming together to collaborate and, of course, provide more effective plans to be able to protect their networks.
Sputnik: You speak of countries coming together, how likely is the new force to attract new members from the European Union countries besides the seven existing ones?
Kevin Curran: It has a chance, of course, again, maybe people will stick to what's already there with the NATO Cyber Task Force, but I think the fact is that this has from the ground up, not concentrating on the secret, on the military aspects and again it's more to do with protecting infrastructure within civilian populations, because in the past cyber-aggression was seen as a technical issue to be outsourced to technicians, but now we know that cyber space is an official domain of warfare, again, the state actors are increasingly meeting geopolitical goals, not only through military force like they did for centuries, but now through discreet cyber tools. And, of course we have disinformation campaigns, and Lithuania have given examples of fake news and cyber operations which are targeted at their government and infrastructure, and these need to be responded to, so countries need to collaborate really to be more effective in protecting what has become a modern problem really.
Especially, we've seen with the problem of ransomware now, even in the UK, last year the National Health Service was brought to its knees because there was a ransomware attack which demanded payment through Bitcoin and really what we had was a critical part of our infrastructure was wiped out for a number of days.
Kevin Curran: It is difficult, because when it comes to cyber-attacks, attribution is very difficult, in other words, they will make it look like a particular attack is coming from another country, that they would pepper the code with comments, anything they can do to make sure that they are not pinpointed as a source, so therefore many attacks which Russia get the blame for, actually, are not from Russia, but likely there could be many other attacks, which other countries are blamed for, and they actually might have come from Russia, so it's very difficult, because attribution, when it comes to looking through source code, it's very hard to pinpoint which country was involved, because of course we have very highly skilled people to do this malware.
It's always down to transparency, as much as you can open up within reason about what you do, that can help. For instance, there's one of the leading people behind the Internet, behind the infrastructure is Huawei, which are Chinese, but the US Government is telling its national citizens to not use Huawei infrastructure, but of course, in the UK, what Huawei did was set up a center close to the GCHQ which are basically the spies for the United Kingdom, and allow them to examine the source code, allow them to examine the code, to see if there are any flaws, any backdoors, so when it comes to things like that there are things you can do, but when it comes to, actually, a county trying to protect its reputation it's very difficult in the long run to be able to do that.
The views and opinions expressed by Kevin Curran are those of the speaker and do not necessarily reflect those of Sputnik.