War and peace in the cyber world: new challenges, old politics
External Relations 6 June 2016In these times the growing threats in cyber attacks are frequently discussed in the news and – at a higher level – by governments and international organisations.
Last summer it has been declared by many US Congressmen that the next Pearl Harbor could be led through cyber channels, impacting western power, security, financial, and government systems.
It is already well known that the internet will became a crucial communications tool for more than two billion people in less than twenty years. The Internet secured its place as an engine for economic growth, and one of the most important vehicles for social and political change.
Anyway, it should be kept in mind that, at the same time, the internet has given birth to opportunities for piracy, fraud, sabotage, theft, and new channels of economic and governmental espionage. The diffusion of such a dimension of internet exerts a huge phenomenon of network disruption – everything we mentioned here is an issue that involves cyber security in one form or another.
Also the international politics of the Internet governance are in contention. Countries are more and more competing in the international arena to determine which agency or body will be responsible for setting new concrete and solid standards for Internet technologies. As we can imagine, the outcome of this type of competition will definitely have a profound impact on the Internet structure, its architecture, and also over issues on operations, security, and content. The standards that will be defined at International and European level should be ratified and implemented domestically in legislation, by national parliaments.
New actors have arisen as potential and effective threats in cyber space: rogue nation states, organised cyber criminal networks, anonymous hackers, terrorist groups, and also technologically advanced military forces and intelligence agencies.
Which is the strongest and how do they rank in risk and sophistication?
Which is the strongest and how do they rank in risk and sophistication? How can our highly limited resources be prioritised in order to address this huge number of threats? Global cyber security experts are debating whether it does exist an efficient way to intervene and counterattack those threats.
One aspect that global experts are considering particularly relevant is that who seek to do damage to cyber systems are, in general, far better equipped than those who own, operate and protect those systems. Furthermore, the cyber adversary has no competitive, business, legal or intellectual property constraints in combining information and easily implementing actions.
Moreover, from an economic point of view, papers and working groups have been developed by experts on how cyber criminals can actually enjoy an incredibly well-grounded profit model. The profit model we refer to is characterised by a low barrier to entry, huge reward, and little chance of attribution.
All these aspects contribute the business of cyber crime, with financial gain encouraging with incredible margins these actors to espionage and destruction.
In that direction, it is considerably recommended to look at cyber security, not just as an aspect of the new international relations and conflicts, but also as a top technology as well as an economic issue of risk mitigation and investment. In fact, even if civilisation is dependent like never before on pervasive technologies, national security, economic growth and stability and even public safety are instantly jeopardised around the world. Interestingly, society’s increasing exposure to these types of threats is not from the technology itself but – we could say – rather from the limitations of the policies that support its use amongst individuals, enterprises, government and non-government organisations, bringing international cyber security diplomacy to the forefront of the international security of our world.
China, an actor of international cyber security and cyber security threats
China is an actor widely considered in any discussion of international cyber security and cyber security threats to the US and, generally speaking, the entire western world. In 2014, a report on the operation Ke3chang, produced by FireEye, studied such campaign of informatic espionage targeting those Foreign Affairs Ministers in EU, providing false information on the Syrian crisis.
FireEye, the organisation who gave the name to the operation, explained that this action seems to be implemented by a group operating in China since 2010, who started the campaign in 2013, few days before the G20 Summit held in Russia – where the main topic was the Syrian crisis.
In the words of the Unit 42 – the Threat intelligence section of Palo Alto Networks, it seems that those Chinese cyber attackers kept on develop their own cyber weapons, producing a new group of malwares so-called TidePool, which is able to read, write and delete files within the system that has been attacked.
Researchers at Palo Alto believe that, with this malware, the group has put in place a campaign targeting Indian embassies everywhere in the world. In particular, attacks consist of an email with an infected attachment ( “phishing”), in the form of an annual report. Mails, in order to gain credibility, are sent from real mail address of real people who have significant relations with Indian embassies.
Since 2013, when the first report appeared, Chinese authorities denied any involvement in the story. Anyway, researchers have remarked the presence of the code 0x04 (LANG_CHINESE), indicating that those analysed systems execute software in Chinese – as a default language. Even if it could be seen as a smoking gun, anyway it is irrelevant when it comes to put the blame of attacks to a State or a government.
Here comes to light that, still nowadays, one of the biggest issues of modern geopolitical balance of power – whose are quickly moving into the cyber space – that one concerning the attribution of the responsibility of actions put in place in the cyber space.
Quite often, complexity of cyber space pulls it off the sphere of geopolitical analysis, describing it as a pure chaotic turmoil impossible to study – in complete opposition to the concept of “order”, typical of the physical world, responding to an existent system of standards and laws.