by Azhar Unwala
These cyber developments will enable and correspond with developing cyber threats. Cyber power was ubiquitous in 2016; it included an $81 million electronic heist from a Bangladeshi bank, an unauthorized breach of the U.S. National Security Agency network, Russian cyber operations against U.S. Democratic Party members and institutions, and the exposure of 500 million private Yahoo! accounts. The prevalence and magnitude of 2016’s cyber operations suggest that cyber power will present more advanced and frequent risks to global security, politics, industry, and infrastructure in 2017.
Nation-states will lead
In warfare, cyber power will continue to provide asymmetric advantages against traditionally stronger adversaries. Advanced, interconnected military platforms and communications are all accordingly susceptible to being short-circuited. China and Russia have been preparing to disrupt U.S. military and intelligence satellites and unsettle American command-and-control to achieve information dominance in future conventional conflict with the United States.
Outside conflict, state-sponsored cyber espionage will intensify in 2017. Phishing, spear-phishing, and whaling operations — where broad swaths of individuals, specific groups of individuals, or a single high-profile individual are respectively targeted with malware — will be espionage’s primary enabler.
Wombat Security’s 2016 State of the Phish report indicates that 85 percent of private organizations worldwide suffered phishing operations, primarily through email attachments. Political institutions were also targeted, such as the U.S. government’s Office of Personnel Management, members at the 2016 G20 summit, and Hillary Clinton’s U.S. presidential campaign chair John Podesta. These end-users’ prominence and established vulnerability suggests that cyber espionage will be bolder in 2017.
States will aim to glean insight into adversary government’s decision-making as well as acquire knowledge of private companies’ trade secrets, intellectual property, or global business operations. Espionage’s benefits may further outweigh its costs as governments and multinational organizations increasingly move toward cloud computing and storage architectures. Since cloud data is easily shared and accessible across numerous devices, one proper breach could provide access to an entire enterprise.
Non-state actors will follow
Non-state actors armed with cyber power will reach new sophistication in 2017. Criminal organizations will be the primary threat; European police claim those organizations already conduct 80 percent of cyber-crime. Criminal networks’ complex transnational hierarchies, partnerships, and operations also make targeting them difficult. Cyber-criminals — whether tied to traditional criminal networks or not — have also begun to commodify their services worldwide. This suggests that they will be often commissioned by terrorist organizations, cyber-inept rogue governments, or nation-states seeking anonymity to disrupt foreign commerce and politics.
The tools available to cyber-criminals will also make their actions more lethal. Constant upgrades to exploit kits targeting basic services Adobe Flash Player and Microsoft Windows will provide a steady means for criminals to overcome security protocols. New releases of IP anonymizers like Tor and anonymous cryptocurrencies like Bitcoin and Zcash will also impede organizations and law enforcement’s ability to locate and prosecute cyber-criminals. Zcash in particular offers a new trajectory for cyber-crime in 2017: its greater anonymity than Bitcoin will enable criminals to compromise foreign devices with malware and exploit those devices to mine currency for themselves — all at the cost to the foreign devices’ users.
Industry will be a key target
More significantly, cyber power will target industry in 2017. It is likely that private companies will become greater targets for politically-motivated cyber operations related to complex geopolitical rivalries in which they do not participate. This trend is already apparent: in the past two years, the Chinese military hacked into Westinghouse Electric, North Korean hackers targeted Sony Pictures, and cyber operations linked to Russia triggered Ukrainian utility outages. In these cases, cyber power linked to states or patriot hackers aimed to acquire intelligence, demonstrate cyber capabilities, project strategic influence, or frighten populations—often with huge media impact. While many companies in unstable regions already analyze geopolitical risk for their operations, extending that analysis to the cyber realm is difficult and can leave those businesses uniquely vulnerable.
Along those lines, cutting-edge cyber-attacks against industry infrastructure are now probable. Nation-states above all have been attempting to compromise adversary infrastructure, and the necessary skills and technology to do so is becoming increasingly widespread. The past year exhibited attacks in this regard: breaches against health organizations like the Central Ohio Urology Group resulted in thousands of patient records being leaked, and a large-scale distributed denial of service (DDoS) attack against the domain service Dyn compromised and shut down parts of the U.S. Internet.
Information warfare will be routine
In 2017, information warfare will be employed against a wide array of public and private targets to generate uncertainty towards truth. The 2016 U.S. presidential election displayed how disinformation and fake news can sway public perceptions of political institutions and politicians. That model is likely to be replicated in a variety of contexts worldwide. In Indonesia, hardline Muslim groups have been utilizing fake news to propagate anti-Chinese sentiment accordingly.
Information warfare will also aim to project influence among specific targets. Publication of a high-profile individuals’ emails can upset political, diplomatic, or business strategies by fomenting distrust and controversy around those individuals. It can also incite fear and violence: ISIS has frequently gathered personal information online about U.S. military and law enforcement personnel and published that data to threaten those personnel virtually and physically.
Containing cyber power’s risks
Cyber power will undoubtedly pose greater risks to global politics, security, and commerce in 2017. As more devices, individuals, and institutions become interconnected, actions to ensure the costs of connection will be necessary.
Interstate dialogue and informal international arrangements around cyber threat intelligence, critical infrastructure protection, and security measures will likely become more prevalent. Bilateral and trilateral dialogues around cybersecurity have already occurred among countries like the United States, China, Japan, India, South Korea, and France. These discussions will likely shift to improving law enforcement intelligence-sharing against cyber-crime, as well as calls for greater international norm-building around the uses and limits of cyber power.
The political implications of cyber power targeting public and private sectors will provide greater collaboration between government and industry at the national level. Industry and government may improve threat intelligence-sharing as well as cooperate in setting more robust national standards and procedures for cybersecurity, data protection, and censorship.
No comments:
Post a Comment