Sam Sabin
The war between Israel and Hamas is reminding governments just how difficult it is to control politically motivated hacking groups.
Why it matters: Politically motivated hackers (also known as hacktivists) often target state-backed organizations and groups in an effort to complicate war efforts.
- But military cyberattacks and nefarious citizen-run attacks each come with their own geopolitical consequences.
The big picture: The war in Ukraine restarted a conversation about what role, if any, political hackers should have during wartime — and that conversation is now spilling into the fight between Israel and Hamas.
- The Ukrainian government has sanctioned civilian hackers to join its efforts as part of the so-called IT Army — giving politically motivated hackers legitimacy they didn't have before.
- Russia has also turned a blind eye to its own crop of political hackers, who are launching attacks against pro-Ukrainian groups.
Driving the news: Since Hamas' surprise attack on Israel, political hacking groups have launched a series of cyberattacks targeting critical services.
- Politically motivated hackers have reportedly already targeted colleges, billboards and newspapers in the first weeks of the war.
State of play: Political hacking takes a variety of forms, Michael Daniel, president and CEO of the Cyber Threat Alliance, told Axios.
- Some groups are closely connected with their home governments and strike only targets that the government has either directed or strongly suggested the groups hit, said Daniel, who is also a former Obama White House cyber official.
- Others have looser ties to the governments they claim to support and act as rogue agents, he added.
Yes, but: Some countries with fewer digital resources are eager to tap into their citizens' hacking prowess when engaging in active military conflict.
- When Ukraine found itself at war with Russia, one of the world's cyber superpowers, the Ukrainian government used every resource at its disposal, including civilian hackers.
- "You can argue until you're blue in the face about the bad precedent that it sets," Daniel said. "I'm just not sure that's very persuasive to people who are in the middle of a hot shooting war."
Between the lines: Encouraging civilian hackers to participate in active military conflicts could embolden them and lead to unintended consequences.
- Turning to civilian hackers can protect governments from liability for the disruptive or detrimental cyberattacks these standalone groups launch.
Zoom in: This month, the International Committee of the Red Cross issued its first-ever guidelines for how civilian hackers can engage in war — and how countries should consider reining in political hackers.
- The guidelines suggested that hackers not target critical services or spread terror among civilians and that governments shouldn't encourage civilians to violate international laws.
- But some hacking groups haven't taken too kindly to these suggestions, saying that "war has no rules" and telling the media that they plan to ignore the Red Cross guidelines.
What they're saying: "We don't really quite know what to do about this kind of activity yet," Daniel said.
- "Guerrilla warfare has been a part of conflict for hundreds, thousands of years — is this the online version of guerrilla warfare?" he added.
The bottom line: To rein in the reliance on civilian hackers, larger governments like the U.S. should set a precedent of either responsibly bringing in civilian hackers or not using them at all, Daniel said.
- "The only way to really do this is to set an example and try to lead by example," he said. "It's just going to become part of the conflict landscape."
No comments:
Post a Comment