By Paul Witry
Introduction
Mr. Spock may not have been an avid Facebook user, but the Internet sure has taken on the properties of Deep Space, filled with the unknown. The past two decades have seen unprecedented growth in online usage and dependency within nations around the globe. Not only has the internet become a core technology in the daily lives of individuals around the world, but entire nations rely on the web to facilitate communication, international trade, and even democracy. However, with increased use of such an interconnected resource come new security concerns for the information and safety of nations and their citizens.
Cybercrime is a prevalent threat in the private sector in terms of information theft and corporate espionage. However, the events of recent years have shown a growing level of technological armaments being fortified by sovereign states around the world. Russia in particular has flexed its muscles with attacks on the power grids of the Ukraine and the United States in 2016. The sophistication of these attacks has increased greatly in the last decade, with larger targets in the eyes of both independent hacking groups and national governments.
The Players
Often individuals have a conceptualization of what a typical “hacker” would look like – a single person hunched over a keyboard, empty energy drink cans on the desk and only the light of a monitor illuminating the room. While this may be how it plays out in the movies, today’s most elite cybercriminals and government hackers are far from that. Often a team of technology specialists are at the core of international criminal organization’s cyber arm. They work to further the group’s reach throughout a region of cyberspace known as the Deep Web, as well as infiltrate companies, or even governments. These cyber criminals are often the players driving government adaptation to new threats with their discoveries of gaps or creation of new tools and tactics. For this reason, governments are often willing to employ these tech-savvy mercenaries to further their own agendas in multiple arenas.
One such organization which garnered the attention of the international cybersecurity community goes by the name “Fancy Bear”. This “advanced persistent threat” (APT) group has been shown to have close ties to the GRU in Russia since their conception in 2008 [1]. They have been considered responsible for the attacks on the United States Democratic National Committee and Presidential Elections in 2016. The group is also believed to be behind attacks against a host of other nations, including Brazil, Canada, China, Georgia, Iran, Japan, Malaysia and South Korea. According to CrowdStrike, one of the industry’s leading security firms, these attacks against nations often focus on key military and government infrastructure and assets [2].
While some organizations do maintain ties to governments, other groups take on more of a vigilante mindset. The collective Anonymous is perhaps one of the best known in the community. Their desire to incite chaos and political change stretches across the private and public sector, impacting large Fortune 500 companies and national governments alike. This goes to illustrate the broad swath of organizations and individuals who have the ability and knowledge to participate in what is becoming an open field of attacks. The larger threat that presents itself in cybercrime, cyber warfare, and cyber terrorism is the ability of an individual. Armed with enough knowledge and a keyboard, these individuals can infiltrate governments from behind lines of code, learning secrets remotely that would have taken months of preparation for traditional spies to obtain. This is what makes the arena of cyberspace so concerning, and ultimately so dangerous.
International Threat
According the United Nations Global Cybersecurity Index (GCI) of 2017, a mere 38% of all 193 member nations had an established and published cybersecurity strategy, with another 12% of governments working to create a strategy [3]. This leaves half of the nations of the world without a cohesive defense strategy or understanding of the imminent threat which cyber-attacks pose to their nation. The GCI has called for more growth within the international community concerning the security threats posed by digital attacks. Ultimately it is the responsibility of individual nations to prepare themselves for the possibility of these attacks as they enter further and further into the digital age [4]. However, the international community as a whole will benefit from all nations fortifying their security measures and maintaining a standard of protection. Due to the nature of cybersecurity and the threats it looks to protect against, it is imperative that nations remain vigilant and engaged with their level of investment in digital defense in the years to come.
This new technological threat does not come without some caveats. In February 2018, Secretary General of the United Nations Antonio Guteres made a call for regulation of the cyberwarfare. He raised the questions of the Geneva Convention’s validity when discussing cyberattacks, as well as the role of international humanitarian law in these types of conflicts. While Guterres recognizes the benefits associated with technological development in states and for governments, it also creates a new breed of warfare for which the world may not entirely be prepared. Due to the constant growth of this threat, the next major international conflict very well may be fought not on soil but over cyberspace [5].
The increase of technological accessibility for states around the globe has triggered a new arms race, a cyber “Space Race”. The increased readiness of states is a sure sign that the next large scale international conflict will be fought not with launch codes but lines of code. The nature of actions between nations has been irreversibly altered with the large-scale implementation of the world wide web. Capital, state secrets, and communications that pass through this new medium are becoming increasingly vulnerable as states jump on this new technological wave. What many governments are not prepared for, however, are the constantly developing threats that grow in the dark recesses of this information super highway. While we are a long way off from setting our phasers to stun, the power of executing a few lines of code could turn the tide in international conflicts.
Paul Witry is a senior at Loyola University Chicago where he is studying Political Science, International Relations, and Anthropology.
Works Cited
[1] Malone, Clare. “The Moscow Midterms” fivethirtyeight.com. April 9, 2018. https://fivethirtyeight.com/features/how-russia-could-steal-the-midterms/
[2] Alperovitch, Dmitri. “Bears in the Midst: Intrusion into the Democratic National Committee.” CrowdStrike.com. November 6, 2018. https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
[3] “Half of all countries aware but lacking national plan on cybersecurity, UN agency reports.” news.un.org. November 4, 2018. https://news.un.org/en/story/2017/07/560922-half-all-countries-aware-lacking-national-plan-cybersecurity-un-agency-reports
[4] “Global Cybersecurity Index 2017”. Itu.int. November 4, 2018. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2017-PDF-E.pdf
[5] Guterres, Antonio. “Address at the Opening Ceremony of the Munich Security Conference.” Un.org. November 5, 2018. https://www.un.org/sg/en/content/sg/speeches/2018-02-16/address-opening-ceremony-munich-security-conference
Image Source: https://news.un.org/en/story/2017/07/560922-half-all-countries-aware-lacking-national-plan-cybersecurity-un-agency-reports
