If there’s one thing that everyone seems to be talking about at the moment, it’s hacking.
Recent hard-hitting ransomware attacks like WannaCry have made malware a talking point for the man in the street, and allegations persist that Russian hackers may have attempted to influence the result of the US presidential election.
Most recently, the Goldeneye/Petya malware hit organisations in various countries, and was felt particularly hard in Ukraine where government offices, energy companies, and the capital Kiev’s airport fell victim. Amongst the Ukrainian casualties of the malware was the infamous Chernobyl nuclear power plant, which had its automatic radiation monitoring systems.
So you can understand why governments have moved far beyond considering hacking and malware to be the province of childish pranksters. Hacking is a serious business.
This fact was brought home to British politicians last week, when they found themselves locked out of their email accounts after the Houses of Parliament’s IT systems were targeted by hackers.
So, what should be done about this?
Well, UK defence secretary Sir Michael Fallon has an idea: He wants to blow the hackers to smithereens.
Sir Michael gave a speech earlier this week where he described how the Royal Navy or Army could be used to respond to a cyber attack:
“The price of an online attack could invite a response from any domain – air, land, sea or cyber space.”
“When it comes to the latter, we are making sure that offensive cyber is an integral part of our arsenal. We now have the skills to expose cyber criminals, to hunt them down and to prosecute them. To respond in kind to any assault at a time of our choosing.”
As we’ve described before, hackers have been killed by American drone strikes in the past – although it’s likely they were singled out for attention for their other ISIS-related activities rather than the simple hacks they perpetrated.
One thing is clear – countries are no longer turning a blind eye to hacking. (and, for what it’s worth, countries around the world are not adverse to engaging in hacking themselves.)
It’s clear that the UK doesn’t just want to be seen to properly protecting its government and parliamentary IT systems, but also wants to send a strong message to its citizens that it is also doing the utmost to defend infrastructure targets such as the energy grid and air traffic control systems by taking pre-emptive action where possible.
But for all its bombastic bravado, the UK government would be wise to remember that it is incredibly difficult to accurately attribute an attack to a particular country, let alone determine whether it was backed by that country’s leaders or the action of lone “patriotic” hackers.
There is always the danger that an attack – whether it be by a drone strike or a retaliatory hack – could impact innocent parties rather than the intended targets, who might be many miles away or even on the other side of the world.
The last thing you would want is to attack an innocent party. Just imagine how a mistake like that might escalate into a situation that’s much much worse.