Cyber-criminals as Modern State Sponsored Pirates

Greetings from the Australian National University where Professor Andrew Goldsmith is speaking on "Cyber-criminals as semi-state actors: weaponising ransomware and the Russia/Ukraine conflict". He pointed out that ransomware attacks thought to be originating from Russia are using software which is more normally used for extracting information from systems than simply blackmailing, suggesting a state sponsored role. Professor Goldsmith then went back to the past and pointed out that states in the past have sanctioned private for-profit military operations, in the form of piracy. He says ransomware is attractive as it is financially rewarding for private groups, while being deniable for the state and recommended Egloff (2018). 

Professor Goldsmith asserted that Australian government doesn't have cyber-security capabilities, and has to rely on companies. I suggested that perhaps we needed the equivalent of a coastguard used to combat piracy, that is a force combining the features of military and police. Professor Goldsmith responded that to combat a network, you need your own network, but that having companies conducting offensive cyber-warfare was problematic. The solution, I suggest, is to have reserve ADF personnel, who are continually trained using educational technology, working for the companies. They can look for attacks in their civilian day job, and if an offensive response is needed, put on their uniform. 

References

Egloff, F. (2018). Cybersecurity and non-state actors: a historical analogy with mercantile companies, privateers, and pirates [PhD thesis]. University of Oxford. https://ora.ox.ac.uk/objects/uuid:77eb9bad-ca00-48b3-abcf-d284c6d27571/