Facultad de Derecho

25 de julio de 2024

CYBERWARFARE, BUSINESS AND ARTIFICIAL INTELLIGENCE

Recently, subversive groups in Colombia have used drones to attack the civilian population and the Colombian armed forces. The use of technology for war or better technology as a weapon is part of the history of human conflicts. The government's response has been to carry out public purchases of equally or more powerful technologies for the detection, control and destruction of drones and to obtain technical assistance and training from foreign governments with greater technological development. Businesses related to the sale of weapons and cyber defense are some of the most important in terms of volume and value of transactions. The digital era has introduced with greater emphasis a new area, which is the transfer of information technologies related to the use of weapons. As in other issues, artificial intelligence is introducing another factor of imbalance in favor of those who may be at the forefront in the use of automation and predictability as strategic tools. In this essay we are going to analyze and discuss how information technologies are at the core of the war industry and how the very principles of human rights in armed conflict can undergo changes due to threats to national and international security. through the use of artificial intelligence.

Por: Daniel Peña Valenzuela

Cyber Warfare and Cyber Defense

Cyberwarfare and cyber defense are intertwined yet distinct concepts in the realm of cybersecurity. Cyberwarfare focuses on offensive strategies, aiming to disrupt, damage, or gain unauthorized access to an opponent’s systems or information.Nation-states and sophisticated attackers use advanced tools like malware, exploits, and social engineering to achieve their objectives. Motivations can include espionage, sabotage, economic advantage, or political influence.

Conducting cyberattacks across borders raises legal questions about sovereignty, jurisdiction, and international laws governing warfare.The ethics of cyberwarfare are contentious, especially regarding collateral damage, proportionality, and the potential for unintended consequences. It is often challenging to accurately attribute cyberattacks due to the use of proxies, false flags, and the anonymity provided by the internet. Incorrect attribution can lead to diplomatic tensions or escalations between nations. A cyberattack can potentially trigger conventional military responses, leading to escalation and broader conflictsEstablishing credible deterrence in cyberspace is complex, as it requires demonstrating both offensive capabilities and defensive resilience.

Cyber defense centers around protecting networks, systems, and data from unauthorized access, disruption, or destruction. Employing firewalls, encryption, intrusion detection systems (IDS), and comprehensive security policies are essential. There is a shift towards proactive defense, including threat intelligence, security awareness training, and continuous monitoring  Organizations often face resource constraints, including budget limitations and a shortage of skilled cybersecurity professionals. Balancing investments between prevention, detection, and response is crucial.

Collaboration between governments, private sector entities, and international organizations is vital for sharing threat intelligence and coordinating responses. Overcoming barriers to information sharing, such as concerns over privacy and competitive advantage, is a key issue. Cyber defense must continuously evolve to counter emerging threats like ransomware, state-sponsored attacks, and vulnerabilities in IoT devices and cloud infrastructure. Timely detection and response are critical in mitigating the impact of cyber attacks.

Cyberwarfare and cyber defense both pose significant challenges, albeit from different perspectives. While cyberwarfare focuses on offensive capabilities and strategic implications, cyber defense emphasizes resilience, collaboration, and adapting to evolving threats. Both arenas require ongoing innovation, international cooperation, and robust legal frameworks to navigate the complex landscape of cybersecurity in the modern age.

Cybersecurity, State and National Security

Cybersecurity is indeed a multistakeholder issue, involving various entities and stakeholders across different sectors. The digital ecosystem is highly interconnected, with networks spanning across national borders, industries, and sectors. A security breach in one sector or region can have ripple effects globally. Protecting cyberspace requires collaboration among multiple stakeholders, as no single entity can address all aspects of cybersecurity alone. Cyber threats come from various sources, including nation-states, cybercriminals, hacktivists, and insiders. Each stakeholder group faces distinct threats and vulnerabilities. Rapid technological advancements, such as IoT, cloud computing, and AI, introduce new vulnerabilities and complexities that require coordinated efforts to mitigate risks.

In the realm of cybersecurity, the concept of a “starring figure” doesn’t align with the field’s dynamics, which are more about collaborative efforts and technological advancements rather than individual prominence. However, certain entities or organizations play pivotal roles and are widely recognized for their contributions and influence in shaping cybersecurity practices and policies globally. One such entity is the state.

States develop and enforce cybersecurity policies and regulations that govern organizations and individuals within their jurisdictions. They establish legal frameworks to address cyber threats, data protection, incident reporting, and international cooperation on cybersecurity issues. States prioritize cybersecurity as a critical component of national security strategies. They invest in cyber defense capabilities to protect government systems, critical infrastructure, and sensitive data from cyber attacks, espionage, and sabotage.

States engage in diplomacy and international cooperation to address cross-border cyber threats. They participate in bilateral and multilateral agreements, treaties, and organizations aimed at enhancing cybersecurity cooperation, information sharing, and norms of responsible state behavior in cyberspace. Some states conduct offensive cyber operations to achieve strategic objectives, including intelligence gathering, disruption of adversaries’ capabilities, or in response to cyber attacks. States invest in cybersecurity capacity building initiatives, education, and workforce development to enhance national resilience and address skill shortages. They collaborate with private sector entities, academia, and civil society to promote cybersecurity.

Cyberdefense and IA

AI algorithms can analyze vast amounts of data in real-time to detect patterns and anomalies that may indicate a cyberattack. This capability helps in early threat detection and prediction of potential attacks before they fully materialize. AI-powered systems can respond to threats autonomously and rapidly, often much faster than human operators. This includes actions like isolating infected systems, blocking suspicious activities, or rerouting traffic to mitigate the impact of an attack.

AI can monitor and analyze user and system behaviors to establish baselines and identify deviations that may indicate unauthorized access or malicious activities. This proactive approach enhances security by focusing on abnormal behavior rather than known attack signatures. AI enhances the effectiveness of security analytics by processing and correlating data from various sources (e.g., network traffic, logs, user behavior) to provide more accurate insights into potential threats. This helps in prioritizing alerts and reducing false positives.

AI enables adaptive security measures that can dynamically adjust to evolving threats and changing environments. This adaptability is crucial in today’s complex and rapidly changing cybersecurity landscape. While AI offers significant benefits, there are also challenges such as AI being susceptible to adversarial attacks and the need for skilled professionals to develop and manage AI-based cyberdefense systems.

AI is revolutionizing cyberdefense by providing advanced capabilities in threat detection, response automation, behavioral analysis, and adaptive security measures. As cyber threats become more sophisticated, leveraging AI in cyberdefense is becoming increasingly essential for organizations to protect their digital assets effectively.

Challenges for Colombia’s cyber defense due to artificial intelligence

For a country still at war like Colombia, it is evident that any technology can be used to unbalance and cause more damage to the enemy. In that sense, the disruptive nature of artificial intelligence requires a strategic analysis to incorporate it among the options to improve offensive and defensive alternatives.

As long as the war in Colombia does not end, the Colombian state, directly or through its national and international suppliers, must have at its disposal the artificial intelligence systems and artifacts that allow it to overcome cyber defense challenges.

Technological dependence is not a good strategic axis in the defense sector. Colombia cannot depend on the implementation of artificial intelligence for weapons from international suppliers or foreign countries. It is important that businessmen and local industry can support the Colombian state in its goal of autonomy and development of its own defense technologies.

Artículos Recientes