Is the United States at war in cyberspace with other countries? It's the claim that a few insurers made when US-based Merck filed a claim after a 2017 cyberattack. The company filed a $700mm-ish claim, and the insurers rejected this saying that the attack was an act of war by Russian government operatives. If a factory were disrupted in the real world by actual government operatives (soldiers, spies, etc.), then it likely would be considered an act of war, but in cyberspace, who knows.

Actually, in cyberspace, who really knows who is whom, and for who they work? Maybe we don't even know who "they" are in many cases.

Bruce Schneier wrote a piece on this, talking about a possible solution of using a government backstop that would provide some assistance or coverage that insurers might not be able to cover. While that sounds good if you have a claim, as a citizen, I think this likely encourages more attacks from others, whether they are nation-states or individuals. If someone thinks they might create a spending crisis in a country, maybe they would mount many attacks that are disguised as coming from a foreign nation and cause a government spending issues.

The United States has a scale issue, but this could cause similar issues in many smaller countries if this were a way of doing business. Perhaps this might also cause some economic issues if companies don't want to do business in places where they aren't covered.

However, this might not be a big issue as more insurers are starting to carve out exceptions in their coverage for these types of attacks, so if your organization is hacked by a supposed nation-state, you aren't covered. I suspect this will also start to extend to other exceptions, such as having unpatched (or incompletely patched) systems, poor policies or just incompetent employees, lack of security scans, and more.

In some sense, I would hope that some of these attacks will force, or at least pressure, many organizations to take security more seriously. At the same time, as someone dealing with these changes, it can be inconvenient and a blow to productivity as I struggle to adapt to changes in policy, protocol, and procedure. Some are easy, like locking my home machine. Some are more challenging and frustrating as I try to share more content inside the company. It's good, but it's frustrating.

Cyberattacks and cybersecurity are increasingly a part of our lives as technology professionals and I urge you to spend a little time learning about the field. If you want a fun challenge, try the Advent of Cyber 2023 is still up as of this writing. I went through it and it was a fun (and scary) way to learn a few things about security, vulnerabilities, and tools out there.