Manjari Chatterjee Miller and Engin Kirda
A couple of weeks ago, the government set up an expert committee under the National Cyber Security Coordinator to look into revelations that a Chinese technology company with links to China’s government had been monitoring Indian citizens and organisations. India is not the only country concerned about such cyberattacks. The United States (US) department of defence (DoD) last week exposed an information-stealing malware, SlothfulMedia, which they said was being used to launch cyberattacks against targets in India, Kazakhstan, Kyrgyzstan, Malaysia, Russia and Ukraine.
While the DoD did not identify the cyber actor responsible for this particular malware, certain countries — China, Russia, North Korea, Iran — have consistently been accused of cyber warfare. The most notorious example is, of course, that of the misinformation campaign conducted by Russian bots during the 2016 US presidential elections, a campaign that is said to be active again in the upcoming US elections. This brings us to the question of what cyberwarfare is, who conducts it, how it is waged, and the ramifications of what seems to be an opaque shadow war conducted behind screens.
Cyberwarfare is a strategic competition conducted between adversaries in cyberspace. It allows countries to conduct covert operations on a large scale, cheaply, and anonymously. These latter three attributes are particularly important to understand.
Cyberwarfare is broad because it can occur in at least five different spaces — economic, societal, cultural/intellectual, military, and political. Economically, in the US, 85% of cyberattack targets are in the private sector — small banks, for example, can face over 10,000 attacks per day. US government agencies recently released a joint advisory warning that BeagleBoyz, a North Korean hacking group, has once again started robbing banks worldwide, including in India, through remote internet access to fund Kim Jong-Un’s cash-strapped regime. Societally, sowing disinformation through social media disinformation is also cyberwarfare. Russia has been particularly savvy in this field but recently, China has stepped up its game. Intellectual property (IP) rights are another avenue of strategic competition — in 2014, the US justice department indicted five Chinese military hackers and accused them of stealing secrets from US Steel, JP Morgan, Alcoa, Westinghouse Electrical Co., SolarWorld and United Steelworkers. Military cyberattacks are perhaps the most associated with cyberwarfare — the “Sandworm Team”, a group associated with Russian intelligence, has conducted attacks on government sectors in the US, Ukraine, Poland, and on the European Union and NATO.
Cyberwarfare is both cheap and anonymous because the nature of the game has changed radically over the past two decades. The internet is today an essential critical infrastructure. Any country that is heavily reliant on it is at a relative disadvantage — the threats range from IP theft, to small businesses, to elections, to even the electricity grid. And it is exceedingly cheap – training videos are easily available online so all that is needed is a motivated group of people with an inexpensive laptop and an internet connection.
It is also difficult to trace. A well-documented and game-changing cyberattack occurred in 2010 when a malware “Stuxnet” was released that was designed to damage Iran’s nuclear capability by making Iranian scientists and government think there were a series of internal engineering mishaps at their enrichment facility. It was a clever and sophisticated attack. Stuxnet was reported to be a result of US-Israeli collaboration and showed that governments can use malware to achieve covert intelligence objectives.
But malware is not necessarily in need of government collaboration. Individuals are just as capable of launching such attacks, abetted and encouraged by their governments. Malware is often simple, low-cost and difficult to trace. A lot of malware, for example, is manufactured in China, and there is reported collaboration between the People’s Liberation Army (PLA) and Chinese universities to train hackers. But when a cyberattack is actually launched by either the government or individual, there is often no real consequence because of the anonymity it offers.
This brings us to the question of combatting cyberwarfare. On one hand, the attributes of cyberwarfare make it difficult for governments to deter it. On the other, governments no longer have a choice but to confront it. The US recently released a report from its Commission on Cybersecurity with recommendations to shore up defences. One of the most important recommendations is to build relationships of trust between the government and private sector. In addition, governments must maintain priority investments in technology, science, and research and development (R&D) in the cyber sector. Innovation is of paramount importance given the increasing complexity and sophistication of the attacks — the US has been investing heavily in new Artificial Intelligence (AI) technologies to be able to automatically identify cyber threats and also launch cyberattacks against adversaries. India activated a Defence Cyber Agency last year. But much more needs to be done. Cyberwarfare is here and given that it poses a fundamental threat to both institutions and individuals, there has to be a concerted government-driven long-term strategy to counter it.
No comments:
Post a Comment