The UK, Canada and US took the unusual step of publically naming individuals involved in hacking
Cyber Espionage – the act of hacking (accessing computer networks to intentionally cause damage) by sovereign governments is an increasing threat to the West.
Last week, the UK government took the unusual step of publicly naming 7 Russian agents, accused of being involved in a series of Cyber espionage plots. The 7 stand accused of hacking the Organization for the Prohibition of Chemical Weapons (OPCW) which had been tasked with investigating the attack of the Russian agent, Sergi Skripal, on UK soil.
Canada alleged a similar hacking scheme perpetrated by the same individuals on The World Anti Doping Agency (WADA) and the US made similar claims.
Below: Google Survey showing The Risks From Hacking
Source: Google April 2018
Cyber-attacks can now affect the real world in material ways
The number of real world components now attached to the internet is growing exponentially. Everything from power grids to livestock on farms is now being connected. As a result, cyber-attacks no longer simply inconvenience users. They can cause death and destruction in the real world as well as changing minds of voters, en masse and influencing political policy. The most devastating effects produced by Cyber-attacks are often economic, involving the theft of Intellectual Property (IP) or stopping entire industries functioning – such as the ‘Wannacry’ attack in 2017 on UK National Health Service computers which stopped the functioning for more than 24 hours.
However, Cyber Attacks have been so carefully orchestrated, it’s possible when reading accounts of how they were detected and Western Intelligence agencies, to detect a real sense of surprise and confusion. It’s a case of ‘death by a thousand cuts’, where each, individual, low level attack might be considered a minimal aggression, low impact event. The sum of them is a much more concerning phenomenon. The involvement of multiple government ‘players’, each of which obscures the source and intent of their attacks, sometimes for long periods, has confused the issue more.
Hacking is now part of multifaceted international warfare. In Australia, China faces questions over using financial influence with politicians through a series of bribes. In developing nations of South East Asia, China has been accused of over extending loans to countries which can’t afford to repay them. In parallel, Russia is killing people with targeted poisons domestically.
Why do they do it? Reasons for fighting on the new cyber-front
The goal of state sponsored hacking activities vary according to the government conducting them. Often, it’s a case of simply wanting to undermine the perception of Western economies.
Cyber espionage has a number of benefits for the countries perpetrating the attacks.
It’s cheaper and less dramatic than launching a war: China currently has one aircraft carrier. Having invested billions of dollars and a decade in building it, they are about to undertake the construction of their second. Russia has aircraft carrier but it is in such a state of disrepair that it has to be followed by a tug which can rescue it, should the vessel run in to problems. While not ‘cheap,’ funding espionage teams fall at the relatively inexpensive end of government funded military projects and appears to garner better results in some situations.
It can be profitable: North Korea funds it’s lavish parties for senior officials, at least in part with the proceeds of hacking. Pyeongyang used to have a reputation for destructive, brutal attacks, designed more to destroy the reputation of rivals. Now, North Korean hackers are more famous for their motif – of ‘robbing banks’.They focus on the hacking of cryptocurrency assets which are harder to trace, but which are also readily exchangeable for real money – something the dictatorship needs given it’s starving population, national resource limitations and penchant for using crystal meth.
It accentuates what other countries are good at: China has an advantage in electronics equipment manufacture, offering products and services to hundreds of global technology businesses. Russia has experience in security and antivirus software, acting as one of the world’s first providers of that sort of product in their Kaspersky systems antivirus software.
The thing that each of the primary hacking threat nations share (Russia, North Korea and China) is that each is a more authoritarian government, which requires less permission from it’s populous to conduct these behind the scenes manoeuvres.
Trump is taking the fight to the hackers
The Trump administration is seen as more prepared to take risks and be on the offensive with cyber-attacks than any government which proceeded him. He has laid out his thinking in the NSPM13 – National Security Presidential Memorandum which, importantly, allows the US military to act below the threshold of ‘the use of force’ without agreement from Congress.
The White-House is so concerned about threats from hacking that they recently authorized ‘offensive cyber operations’.
That’s probably an appropriate step. Recent news reports suggested that Apple and Amazon had been hacked by China, at a time when the When the President tweets every day from his iPhone (it is rumoured he has two iPhones, one of which is used specifically for Twitter. Furthermore, the CIA have engaged with Jeff Bezos to build a highly secure cloud for the agency. Now is the time to consolidate a technology approach around the new hacking threat.
The US has responded in parallel with Trade wars and tariff hikes, especially with China. In response, China continues to exert ‘soft influence’ through the commissioning of films in Hollywood which show the country in a good light.
It’s a battle for hearts and minds
Russia has called the response from the West ‘Western Spy Mania.’ China and North Korea flatly deny involvement when questioned about the attacks. These are just some of the ways in which public perception of ‘The Truth’ is being challenged these days.
Perhaps the most insightful comment on the subject was from John Demers, the US Assistant Attorney General for National Security who says these incidents are “altering perceptions of the truth”.
The reality is that as the number of items connected to the internet balloons in the years to come, the complexity of the technology systems upon which we build our lives is increasing exponentially – and with that increase comes an equivalent exposure to any ‘open door’ security oversight being used by hackers for the purposes of espionage. The 9.1% of people who believe hacking presents ‘little or no risk’ may choose to learn more about the subject.