TSG’s Penders on Euronews: Skripal Case & Russia’s Hybrid War

October 23, 2018 – Lyon, France – The head of The SPECTRUM Group’s Cyber Security & Insider Threat Team, Michael Penders, sat down with Euronews to discuss the Skripal case and the role of cyber threats in Russia’s hybrid war.

Penders noted that, while earlier cyber attacks could be made nearly anonymously, that has changed. “It has been notoriously difficult in the past to attribute attacks in cyberspace. However, in recent years, there have been dramatic improvements in capabilities of the U.S. government and other organizations to attribute these attacks more precisely,” said Penders. “And some of these capabilities have not yet been revealed. It’s been an enhancement of capabilities to identify, with great certainty, the location and the identity of [a given] attack.”

As the Euronews piece found in speaking with several experts, cyber attacks by high-level and state-sponsored hackers are most effective when the entities they’re attacking, whether companies or governments, do not alert others, seek help, or share counter-hacking resources.

“Now, it’s fair to say that as these [counter-cyber threat] capabilities continue to evolve, and evolve very rapidly, the sharing lags behind, and [necessarily] has to be structured in a considered fashion,” noted Penders. But, he added, “there is a great effort to share intelligence, [one] that has proceeded unabated across the alliances – groups like NATO – in terms of the cyber security defenses and offensive capabilities.”

Mario Scaramella shared with Euronews that some European countries believe that military and defense strategy and efforts should be Europe-wide, but cyber threat intelligence should be kept within individual countries. That approach, Penders noted, makes all countries more vulnerable.

“Well – that is the way in for serious hackers, state-level hackers. They take a look into the supply chain of an organization – even the [U.S.] Department of Defense. And if they can gain access to a military defense contractor, that shares data or a supply chain [with] the organization, or an individual at the organization, it can be a way into the critical infrastructure itself.”

While extremely sophisticated cyber attacks on high-value government, corporate, and personal information are ongoing and evolving, the abilities of governments and companies to defend themselves and their citizens has risen to the challenge. Penders sees that as a positive note in what has been and will continue to be a long and multi-domain battle, as evidenced by the Skripal case.

“One thing that’s happened in recent years is [that] the cyber defense industry has become a $6 billion industry. [These attacks] have spurred innovation and the ability to detect and respond and limit the consequences of a cyber attack.”

Penders continued: “This, when coupled with the evolving cyber offensive capabilities [of nations under attack], align for a powerful deterrent. However, the rules for engagement in cyberspace are still unclear.”

Learn more about The SPECTRUM Group’s Cyber Security and Insider Threat capabilities.

Click below for the full two-part interview and transcript (in Italian):

Speciale Intelligence – prima parte: dal caso Skripal alla guerra ibrida, by Diego Malcangi, Euronews

Speciale intelligence – seconda parte: la guerra ibrida e i terreni di scontro, by Diego Malcangi, Euronews