Dropped in, guns ablaze. That’s Berkeley’s MICS.

Just a small reading to start your first week. Some short 200 pages on what is cyber and what is cybersecurity. Turns out, there’s no answer. That’s our main problem. People can’t quite define cybersecurity. More accurately, everyone has different values. Those values translate into what they personally consider needing security, even in cybersecurity. Anyways, people can’t define cybersecurity. In turn, neither can the government. This is where we run into trouble. No definition, no policies, no point of attack… or defense? What’s the definition again?

Looking at major players in the cyber game, we have the US, Russia, China and Iran just to name a few.

The US wants to build out major infrastructure in the cyberspace both offensively and defensively. The problem? No budget to hire the good engineers when FAANG, MAANG, whatever got the whole shebang. Not only that, cybersecurity is hard to grasp. Not everyone is an inherent cyber spy hacktivist and schools can’t exactly teach that now can they? All in all, the US wants to make moves and they’re trying real hard.

This leads us into foreign players. Most cyber doctrines reflect the nations cultural history. Russia likes the cyber game, however, their government is in the same position. The funding isn’t top-tier and they put an emphasis on ~intelligence~ gathering rather than direct attacks. When they DO attack, they prefer hiring for the short jobs. It has less ramifications for the blame game and also gets the job done. Everyone is happy – except Sony probably.

Iran is all in for prevention and tit-for-tat. Break 30,000 Iranian machines? 30,000 Saudi machines are next on the list for retaliation. Iran is planning for tense situations. While also not actively doing things in public, they’re lying in wait to hold a threat over someone’s head if something’s happening.

China is the mystery. Their main focus is on the IP game. They’re looking to make money. The government has to deal with layers and layers of bureaucracy and the efficacy of their cyber activity has yet to be shown. However, China has a strong market for stolen intellectual property and it has a big impact of the American producers and market. The strange part of this world power is their lack of domestic enforcement on cyber crimes. Hackers and scammers target domestic people rather than act with the ideology of the state. Lax punitive measures and controls have led to people acting within the country rather than as a government sponsored entity. However, it’s hard to say the extent of cyber usage in their military with the closed doors we can’t see behind. What is known is the US won’t act in any way to damage the inseparable interdependence the nations have on each other. For now, most of the countries seem to be pulling intelligence in order to make foreign policy and will continue playing nice since our economies rely on each other.

quick blurb: these are very shortened opinions based on this week’s readings. I agree with some view points and mostly find the cultural heritage an interesting anchor for how each nation acts in regards to cyber. The US is aggressive but mostly talk and finger pointing while they do the same “bad” acts. Iran is playing it safe with backup plans but ready to go toe to toe and an eye for an eye. Russia is aloof- they’re building but still like to act detached from an espionage or this case, act like they don’t have state-sponsored hacktivists. China is trying to protect their heritage and cultural norms by blocking outsiders but let’s remember- their society is now almost entirely in the digital world (have you seen douyin?) so they can’t be as inept as some papers suggest.

So for now, what is cyber? What is cyber security? Whose values do they hold a definition up for?