Mark 2013 down as the year that the global cyberweapons arms race started.
Already, there have been five cyberattacks of unprecedented size and scope in just the first six months of the year. Of even greater concern, many of these cyberattacks appear to have emanated from state-sponsored actors coordinating cyberespionage campaigns lasting years, not days or weeks. These cyberweapons – which involve everything from malicious bits of code hidden within PDF documents to viruses that infect the software used to operate the infrastructure of nuclear power plants – represent a growing threat to the national security of the world’s leading powers.
In his roundup of the Five Most Dangerous Cyberweapons of 2013, Igor Rozin suggests that the newest cyberweapons are already more sophisticated and lethal than those from just six months ago. If the earliest versions of cyberweapons were pieces of malicious code that infected your computer and caused it to crash, the newest cyberweapons enable users to take over your computer and use it to steal sensitive trade, research, or diplomatic secrets. In one operation known as “MiniDuke,” a group of hackers targeted a range of government and non-government institutions across Europe by using malicious PDF documents that exploited Adobe Reader. In another operation known as “Red October,”hackers conducted a global cyberespionage campaign against politicians and diplomats that involved servers, proxy servers and hosting services housed across multiple countries.
What’s all the more disconcerting about a potential cyberweapons arms race is that the line between state and non-state actors is no longer clear. As Mandiant discovered earlier this year, it’s possible to have shadowy state actors loosely affiliated with a country’s military, as in the case of China’s APT1. What do you do with these Chinese hackers who appear to be systematically tapping into our nation’s research organizations, corporations and governmental organizations and then siphoning away trade secrets and sensitive diplomatic communications? Send a few armed drone strikes into the heart of Shanghai to take out the hackers camped out in a single building?
If the previous rounds of cyberattacks were organized by cybercriminals and shadowy cyber-terrorist cabals, then future round of cyberattacks will be organized by the wealthiest nation-states. That means that the single, one-off attacks of disgruntled hackers will be replaced by sustained, multi-year campaigns made possible by billion-dollar budgets and the involvement of a nation’s top leaders. The phishing scams of Syrian hackers (which have gone so far as to infiltrate the emails of the White House) and the ongoing cyberespionage schemes of the Chinese Army (which are thought to have tapped into every important organization in New York and Washington) are just the start.
Now that cybersecurity has been ratcheted up in national strategic importance, the generals are getting involved. If before, these generals counted the number of tanks, stealth bombers and nuclear warheads they had at their disposal, they now have a brand new way to measure their relative power: the number of computers capable of delivering lethal payloads.
Already, you can see the impact of a global cyberweapons arms race at the highest diplomatic levels. Russia, growing ever more concerned about the new geopolitical balance of power made possible by the development of the Internet as a delivery mechanism for cyberattacks, just elevated cybersecurity to a major strategic concern. Russia is now partnering with the United States on a bilateral cybersecurity commission, even going so far as to install a Cold War-style telephone “hotline” between the two nations to avert a cyberwar. (This appears to be the suggestion of a Cold War general eager to get back into the game.)
The Latest on: Global Cyberwar
- Cyberwar: Nation-state cyber attacks threaten every company (TechRepublic)on November 23, 2019 at 8:49 am
ZDNet's Danny Palmer explains the current realities of global cyberwar and why nation-state cyber-campaigns have become "a problem for everybody." ...
- When cyberwar struck its first civilian targeton November 12, 2019 at 2:18 am
Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers Andy Greenberg, Doubleday (2019) In 2017, a piece of malicious software called NotPetya launched the first global ...
- Sandworm and the GRU's global intifadaon November 6, 2019 at 8:10 am
This episode is a wide-ranging interview with Andy Greenberg, author of Sandworm: A New Era of Cyberwar and the Hunt for the ... but yours too is based on fragile illusions." It's a kind of global ...
- The WIRED Guide to Cyberwaron August 23, 2019 at 12:00 am
Cyberwar is not simply stealing information, neither the global great game of nations spying on each other’s governments nor the more controversial sort of private-sector economic espionage that the ...
- Venafi Survey: 87 Percent of Security Professionals Say World is at Cyberwaron March 19, 2019 at 5:12 am
“With the increasing sophistication and frequency of cyberattacks targeting businesses, everyone is involved in cyberwar.” Additional findings ... Venafi provides global visibility of machine ...
- What does cyberwar look like? We're about to find out, but from an unlikely sourceon February 20, 2019 at 7:50 am
But what began as targeted attack against a regional rival soon morphed into a global campaign that wreaked havoc on dozens ... later it may have an impact on the legal standards related to cyberwar.
- Russia’s plan to unplug from the internet shows cyberwar is escalatingon February 15, 2019 at 4:12 am
Russia is contemplating briefly detaching itself from the global internet at some point in the next few months, according to media reports this week. Despite appearances, the experiment isn’t a sign ...
- Russia plans to disconnect the entire country from the internet to simulate an all-out cyberwaron February 12, 2019 at 4:28 am
Russia plans to temporarily disconnect the entire country from the global internet to simulate an all-out cyberwar. Under this test, Russian internet service providers would have to redirect web ...
- We Should Certify Journalists Amid Cyberwar With Russiaon December 20, 2018 at 1:28 am
But American politics are clouding our vision to the true threat: Russia’s disinformation attacks weaken us from within, distract us from global issues, disrupt Western alliances and bolster Kremlin ...
- How a chilling Saudi cyberwar ensnared Jamal Khashoggion December 7, 2018 at 2:49 pm
When Jamal Khashoggi entered the Saudi Consulate in Istanbul on Oct. 2, he didn’t know he was walking into a killing zone. He had become the prime target in a 21st-century information war — one that ...
via Google News and Bing News