Student Report on Cyber Terrorism

The following is my final report for TESU, done on Cyber-Terrorism, from June of 2017. What is sad to say is that in the 2 years since the writing of this report, things can be said to have gotten worse, with clear evidence of Russia and China's continued infiltration into US technology and election infrastructure, and complete inaction from congressional Republicans on stopping it, with the possible short-term gains such interference has outweighing the long-term stability of the US.


James Topoleski

Research Report Into Cyber Terrorism


There can be little doubt in today’s world that the growth of cyber-terrorism has become a significant threat to nations. Far beyond targeting individuals for financial gain, where the damage is somewhat contained, the ability to take down whole infrastructure, or even whole governments, has become a significant tool for state-sponsored hacker groups. With the support of governments they can advance an agenda that promotes their nations through the damage and confusion sown among that government's rivals. Worse still, thanks to the ease of access and the availability of the tools, rogue factions no longer need support from their governments and could act as terminals for hire, working for terror cells, criminal organizations, and even just for fun to sow just as much destruction on their own.

This report will discuss how such attacks have gone from a minor annoyance to a critical threat for nations, and in doing so show that as methods and techniques have improved, politically motivated cyber-warfare has become an important and dangerous tool in nations' arsenals, both in sowing discord among a nation's population and in critically damaging that nation's infrastructure.

It was not always this way, mind you; only 20 years ago cyberspace attacks were almost looked on as a novelty. Back then very little was interconnected, and while a disgruntled sewer system operator might have had fun poking his employer in the eye by making the sewer system run haywire, it was still seen as an oddity (Brenner, 2013). In fact, much in the way of cyber warfare was thought of as little more than fun Hollywood movies like WarGames, Sneakers, and Hackers, movies where black hat “patriots” fought against the man in an attempt to expose government secrets that infringed on our freedoms, an irony in that many of those movies have inspired the perpetrators of some of the largest leaks of US intelligence and tools in recent years.

This doesn’t mean that we as a nation were naïve to the notion of cyber warfare. There are still-classified missions where the US engaged in limited cyber warfare on Saddam Hussein in the first Gulf War of 1991, and there had been serious talk as far back as 1994 of “using the Internet to empty the bank accounts of key Serbian leaders” (“Cyber Warfare…The New Reality.,” 2012) during the Serbian war in the Balkans. The only thing that stopped such an action was fear, that “In taking this step, we’d open Pandora’s Box.” (“Cyber Warfare…The New Reality.,” 2012)

Today, though, we are in a situation where whole security systems could be disabled, such as in the WeMo firmware hack in 2014 (Goodin, 2014), or whole power infrastructure can be taken over, such as in the 2015 Ukrainian power grid hack, a scenario that only 8 years prior was seen as scaremongering “when the US government demonstrated in 2007 how hackers could take down a power plant by physically destroying a generator with just 21 lines of code.” (Zetter, n.d.) Nations have gone about gathering holes in major OSs or applications and hiding them away for use against one another. Secret projects like the “Cherry Blossom project, which is the framework by which CIA operatives can subvert wireless routers; install software that harvests email addresses, chat usernames, MAC addresses and VoIP numbers; and allow man-in-the-middle attacks and browser redirection” (Thomson, 2017) are routinely being used to further the efforts of nations against not only other nations but their own people, leaving citizens vulnerable and helpless in the face of their nations' cyber warfare plans.

“We now rely on social structures that barely existed 150 years ago. The order and functioning of modern societies, economies and militaries depend upon tight coordination of logistics and operations.” (Alexander, Goldman, & Warner, 2013) It is this dependence, though, that makes state-sponsored cyber-terrorism such a critical issue. One need look no further than the CIA and Mossad's Stuxnet virus, “the first attack of a major nature in which a cyberattack was used to effect physical destruction” (Lindsay, 2013), in this case of the centrifuges of Iran’s nuclear program, to see how interconnected the internet has become with modern life.

With Stuxnet, the governments of the United States and Israel opened up a new frontier, not much different than the one the US and Soviet Union previously worked together to prevent becoming weaponized. While this was seen as a win against a nation looking to develop a nuclear capability, that firmware ended up spreading far beyond the systems that it was intended to damage. Yet while the Cold War powers came to an agreement that space was off limits for the use of weapons to attack each other, today the US, Russia, Iran, China and many other nations have decided cyberspace is fair game, despite it being as damaging as, if not more so than, a space-based weapons platform could have been.

We may already be too late, as recent investigations have shown dangerous new tools being developed that are meant to disrupt a nation's fragile electrical infrastructure. “The computer code, dubbed ‘CrashOverride’ by Maryland-based Dragos, and ‘Industroyer’ by ESET in Slovakia, is a genuine cyber weapon that can map out a power station’s control network and, with minimal human guidance, issue malicious commands directly to critical equipment.” (Poulsen, 2017) Such a weapon could seriously cripple a nation's power infrastructure at a time that may be critical for the attacker. The US government and others are not taking it lightly either. The “Department of Energy assessed that the U.S. now faces ‘imminent danger’ of a cyberattack that would trigger a prolonged cascading outage that would ‘undermine U.S. lifeline networks, critical defense infrastructure, and much of the economy; it could also endanger the health and safety of millions of citizens.’” (Poulsen, 2017) We may be on the verge of an attack even more serious than Stuxnet, with the general population not even being aware of its existence, only realizing something is amiss when every single light and outlet in a large swath of the US blinks out in a matter of minutes. Such a tool could be the attack itself, or the precursor of something much more serious such as a terror attack or even all-out warfare, using the confusion sown in those opening moments as a time to strike.

There are many ways that a nation could prevent such a catastrophe. Stuxnet happened in part because of a failure to follow proper security procedures, the code being loaded into the systems by way of a USB stick. Just by applying simple controls, like preventing such a stick from being readable or limiting the contact infrastructure has with the web at large, one could prevent a lot of vulnerabilities from worming their way into their systems.

In the case of the recent WannaCry attack, simple malware blocks and phishing/malware intercept software that pre-loads emails and tests attachments in a controlled virtual machine could have easily limited the scope of the attack. Even education about the risks involved in opening an attachment you don’t know about, and had no indication you would be getting, would go a long way. More importantly, limiting the access that vital systems have to common systems that handle web traffic would localize an attack to day-to-day client machines and not vital infrastructure. Thus it is common that, much like singular attacks on individuals, cyber warfare specialists use common exploit patterns and tools to get their attacks through.

When it comes to cyber warfare, nations tend to be the largest players in the field. Large countries like the US, China, and Russia are the expected actors, but even smaller nations such as North Korea, Iran, Ukraine, and others all have hands in the game. In a way cyberwarfare has leveled the playing field. Whereas in the past a nation needed to spend a not insignificant portion of its GDP on military strength, cyber warfare makes it so that literally any nation with even low-tech computers has the ability to cause serious damage to a much larger nation. A perfect example of this comes from the fallout of the recent WannaCry cyberattack, which crippled England's health system. After careful investigation, “Britain’s National Cyber Security Centre (NCSC) has reportedly attributed the WannaCry malware … to the North Korean-affiliated hacking team Lazarus Group.” (“WannaCry ransomware attack ‘linked to North Korea’ | Technology | The Guardian,” n.d.) Gaining access to leaked US NSA tools, North Korean hackers were able to inflict serious damage despite being in a country with limited electrical service and a very restricted internet.

This need for only limited resources has actually brought a new player to the field, that of non-state actors. Groups like Anonymous and others have no declared national allegiance. They work as rogues and players for hire, either causing damage due to a nation's or political party's perceived offenses towards them, or just for the ability to do so, using their abilities less like white and grey hats and more like black hats, sowing seeds of destruction because they can. This poses an even more serious threat than that from a national group, as their work may be mistaken for that of a state actor, causing two nations to have diplomatic failings.

The US has long been seen as taking the lead when it comes to cyber warfare. Indeed, some of the most significant attacks against nations have been at the hands of US intelligence teams who have been tasked with using their tools to either provide intelligence for operations or cripple infrastructure. “Much of the world's cyberinfrastructure, capacity and computer-security expertise resided in America,” (Alexander, Goldman, & Warner, 2013) and due to this the US has had some early advantages in the use of cyber warfare.

If anything is at fault for the US’s issues today in staying ahead of the game, it is that there was no urgency or foresight into how critical those advantages would be. “By the time the United States started losing intellectual property on a massive scale in the middle of the last decade, the opportunity to capitalize on commanding advantages had been lost.” (Alexander, Goldman, & Warner, 2013) Couple this with recent intelligence leaks such as the Snowden leak, or the release of many of the known tools the NSA uses to get into IT infrastructure, and the US more often than not is playing catch-up in containing and combating attacks rather than staying ahead of them, most notably those from the next major player in the field, Russia.

Recent news has shown, though, that the social attack is just as damaging as going after infrastructure in delegitimizing current governments and sowing discord in a political system. As early as 2008, Russia instigated a massive attack on the former Warsaw Pact nation of Georgia, resulting in “the online capabilities of Georgia” being “severely degraded by a massive denial-of-service attack.” As well, “Georgian official and private web-sites were also defaced.” (Filshtinskiy, 2013) This could easily be seen as a trial run for the slew of European elections as well as the last US presidential election, where once again Russia has been found to be interfering or outright swaying the election towards candidates that benefit it as a state.

In fact, Russia has become one of the largest threats towards other nations in the realm of cyber warfare, going so far as performing a major “cyberattack on the U.S. electoral system” that has been found to be “far more widespread than has been publicly revealed, including incursions into voter databases and software systems in almost twice as many states as previously reported.” (“Russian Cyber Hacks on U.S. Electoral System Far Wider Than Previously Known,” 2017) These attacks are in many ways extensions of the old Soviet-era playbook for intelligence operations, and far more dangerous. Where once you had limited Russian infiltration through the use of compromised moles with access only to particular segments of government operations, today you see vast infiltration and disinformation being sown far and wide into the entire nation's being.

A lot of this recent resurgence has the fall of the Soviet Union to blame. The end of the USSR has been a rough situation for many Russians to deal with. Economic strife has severely crippled their military, and corruption runs rampant in their government, now made up of ex-Soviet officials and organized criminals who through shrewd business dealings have bought their way to top government positions. Couple this with economic sanctions levied at the few major trade items Russia was actually making money off of, and it spells a recipe for a military looking towards cheaper ways to combat nations.

In fact, much of the propaganda machine Russia uses today to sway European and US elections towards candidates that have a more pro-Russia stance can be traced to tools used internally by the KGB and other groups for propaganda toward their own citizens. “Aggressive and deceptive propaganda... worse than anything I witnessed in the Soviet Union” (Kendall, 2014) has been the take from many who have seen Russia’s media and web brigades strike out against anything and anyone perceived as anti-Russian. Very quickly Russia has learned to use the internet as a tool to spread false narratives and outright lies so believable that even staunch anti-communist Cold War warriors are being convinced that Russia is speaking more truth than their own government.

China, on the other hand, has had an interesting position in its current cyber warfare efforts, in that they often play out very similarly to how its own military operates. Much of China’s effort deals with the restricting of normal e-commerce trade and the general operation of the internet through blocking access via the Great Firewall of China. While they have had limited incursions through the use of hacking to gain access to nuclear or warfare secrets, their efforts have been minor, with good reason: by having such a large population that extends beyond their borders, their intel and surveillance gathering efforts have revolved more around HUMINT, or human intelligence, and less around SIGINT, or signal intelligence.

“If we want to talk about the actual, now playing out, big national security issues, ... the real world one to worry about is the massive campaign of intellectual property theft that’s emanating from primarily China.” (“Talking Foreign Policy,” n.d.) Often it is not state secrets that make their way into China through cyber means but corporate secrets, making China a more significant threat towards the economic forces that drive nations than the military forces that protect them. This raises a serious question about who is responsible at that point for protecting a nation's companies: the companies themselves, who spend significant resources and money on protecting their organizations, or the military, which has never before intervened in such a direct way. Should it intervene here in protecting against a threat with known country backing, even if that threat is not directed at the US government or military?

The one question all must ask is where we go from here. While we as a world very quickly found out the serious nature of the use of nuclear weapons and the deadliness of all-out warfare, sticking to a cold war between nations and forever shying away from an all-out conflict with the knowledge of what such a third World War could bring, cyber warfare is shadowy and seen as very limited. Even with WannaCry few were directly affected by the attack; despite the large number of hospitals having their IT infrastructure locked out, not one death has been attributed to it. While this may be through sheer luck, the specter of a Cyber Pearl Harbor or Cyber 9/11 has been raised, one which may make nations act.

“In the past, we have persistently established institutions to deal with all the uncertainties prevalent in the international system, yet with these changes in scale, proximity, and precision driven by developments in the sphere of information technology, we have helped undermine the international system’s presumptions about conflict.” (Kavanagh, 2015) It may be just this kind of institution, a treaty with clear structure on what is or is not allowed, a sort of START treaty for cyber-warfare, that is needed to at least rein in the state actors and prevent the possibility of a cyber-cold-war going hot.

While this may not prevent your rogue actors from causing issues, it could keep the ones with major money backing their hacking teams from getting out of line, preventing the kind of critical attack that makes the world wake up in the way we woke up to Hiroshima and Nagasaki and the potential global destruction that use of such a weapon could invoke. It could even be used to deter the rogue actors, as nations would have incentives to prevent their work from being seen as an act by the state, and not from a terrorist group.

Unfortunately, it may very well take a bomb being dropped in the metaphorical sense to wake world leaders up. Even after the recent proliferation of attacks in the last year, it seems there has been little incentive for nations to act on the perceived threats. The rewards still outweigh the risks in their minds, and it may take something with a significant death count or loss of economic wealth to make nations wake up.

As you can see, while it may be frustrating or financially damaging to be the recipient of a singularly focused attack on the person, the stakes grow significantly larger when you look at nation-state cyber-warfare. Governments lose legitimacy, infrastructure is damaged or destroyed, affecting thousands or millions, and the recipient nation can easily fall into turmoil. With no plans from any government to stop, we as the whole of the human population stand at the edge of warfare that could be as catastrophic as any bomb dropped or gun fired. No longer does a nation even have to send a weapon streaking towards its enemy; one simply needs to have the better room full of hackers to throw a nation into chaos.

Citations:



Thomson, Iain. “WikiLeaks Emits CIA’s Wi-Fi Pwnage Tool Docs.” The Register, June 15, 2017. Accessed June 18, 2017. https://www.theregister.co.uk/2017/06/15/wikileaks_dumps_cia_wifi_pwnage_tool_docs_online/.

Alexander, Keith B., Emily Goldman, and Michael Warner. “Defending America in Cyberspace.” The National Interest, no. 128 (2013): 18–24.

Brenner, Joel F. “Eyes Wide Shut: The Growing Threat of Cyber Attacks on Industrial Control Systems.” Bulletin of the Atomic Scientists 69, no. 5 (September 2013): 15–20. doi:10.1177/0096340213501372.

“Cyber Warfare…The New Reality.” Vital Speeches of the Day 78, no. 5 (May 2012): 145–49.

Filshtinskiy, Stas. “Cybercrime, Cyberweapons, Cyber Wars: Is There Too Much of It in the Air?” Communications of the ACM 56, no. 6 (June 1, 2013): 28. doi:10.1145/2461256.2461266.

Goodin, Dan. “Password Leak in WeMo Devices Makes Home Appliances Susceptible to Hijacks (Updated).” Ars Technica, February 18, 2014. https://arstechnica.com/security/2014/02/password-leak-in-wemo-devices-makes-home-appliances-susceptible-to-hijacks/.

Hewitt, Bill. “Democracy in the Digital Age.” Consumer Reports 81, no. 7 (July 2016): 10–12.

Kavanagh, Camino. “Cybersecurity, Sovereignty, and US Foreign Policy.” American Foreign Policy Interests 37, no. 2 (2015): 100–112.

Kendall, Bridget. “Russian Propaganda Machine ‘Worse than Soviet Union.’” BBC News, June 6, 2014, sec. Magazine. http://www.bbc.com/news/magazine-27713847.

Lindsay, Jon R. “Stuxnet and the Limits of Cyber Warfare.” Security Studies 22, no. 3 (July 2013): 365–404. doi:10.1080/09636412.2013.816122.

“Talking Foreign Policy: A Discussion on Cyber Warfare.” Accessed May 28, 2017. http://search.ebscohost.com/login.aspx?direct=true&profile=ehost&scope=site&authtype=crawler&jrnl=00087254&AN=108307863&h=PGhuhN13R6rUexeDd31vSCDmPxTnuuzQ7De8igO0aZmMdq3Jq31yjL3wotJJtOYDf9CDOLZSNCSB0kZgDLxs1A%3D%3D&crl=c.

Poulsen, Kevin. “U.S. Power Companies Warned ‘Nightmare’ Cyber Weapon Already Causing Blackouts,” January 30, 2017. http://www.thedailybeast.com/newly-discovered-nightmare-cyber-weapon-is-already-causing-blackouts.

Rodden, John. “Warfare, from Cold to Cyber.” Society 52, no. 5 (October 2015): 405–9. doi:10.1007/s12115-015-9922-2.

“Russian Cyber Hacks on U.S. Electoral System Far Wider Than Previously Known.” Bloomberg.com, June 13, 2017. https://www.bloomberg.com/politics/articles/2017-06-13/russian-breach-of-39-states-threatens-future-u-s-elections.

Lipton, Eric, David E. Sanger, and Scott Shane. “The Perfect Weapon: How Russian Cyberpower Invaded the U.S.” The New York Times, December 13, 2016. https://www.nytimes.com/2016/12/13/us/politics/russia-hack-election-dnc.html.

Zetter, Kim. “Everything We Know About Ukraine’s Power Plant Hack.” WIRED. Accessed May 7, 2017. https://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/.

Vaseashta, Ashok, Philip Susmann, and Eric Braman. Cyber Security and Resiliency Policy Framework. IOS press, 2014. http://books.google.com/books?hl=en&lr=&id=xW7YBAAAQBAJ&oi=fnd&pg=PR5&dq=%22another+nation%E2%80%99s%22+%22it+%E2%80%9Cplans,%22+%22in+all+domains,+ensure%22+%22growth+and%22+%22Even+more+than+UAVs,%22+%22European+Cyber%22+%22a+combination+of+all+our%22+%22customers+go+when%22+%22build+capability+to%22+&ots=OqRj7-S4-3&sig=EvJQCKPO9UOJDQm2sVJiU2pU94A.

“WannaCry Ransomware Attack ‘Linked to North Korea’ | Technology | The Guardian.” Accessed June 18, 2017. https://www.theguardian.com/technology/2017/jun/16/wannacry-ransomware-attack-linked-north-korea-lazarus-group.
