Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/18/2018
10:30 AM
Nir Gaist
Nir Gaist
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

From Bullets to Clicks: The Evolution of the Cyber Arms Race

Cyber strategies have become as important as physical weapons in the battle for political advantage. Here's a quick look at four broad categories.

Political actors — including both superpowers and emerging economies — for decades have used cyberattacks, hacks, leaks, and malware to gain a political edge over their enemies and to keep their allies in line. One of the earliest and most notable events involved René Camille, comptroller general of the Vichy French Army and an agent for the French Resistance, who hacked the punched card system used by the Nazis to locate Jews in the early 1940s.

Over time, the scope, scale and sophistication of politically motivated attacks have increased alongside their malicious intentions. In 2004, North Korea trained an army of 500 hackers who sabotaged South Korea's computer networks. Flash forward to the present and the US is accusing Russia of targeting its energy infrastructure.

Cyber strategies have become just as important as physical arms in the battle for world supremacy. Here is a quick look at four broad categories these new cyber forces execute through clicks rather than triggers.

Nation-State Warfare
Political actors are adding cyber weapons to their arsenal since they have a number of distinct advantages over traditional bombs and missiles. They are less expensive (the cost of just one Tomahawk cruise missile hovers around $1.8 million), and attackers can activate them at a moment's notice. Moreover, retaliation is not as likely because attribution is so difficult and loss of life is likely to be far less than in direct combat.

One recent example is the sabotage of missiles and missile programs rather than relying solely on unreliable and expensive antimissile interceptors. This tactic has strategic appeal because the adversary may suspect a technical flaw rather than sabotage. For instance, the US built the so called "left-of-launch" capability aimed at disabling North Korea's nuclear missile systems on the ground prior to launch. In the case of Iran, the US built and deployed project Nitro Zeus as a cyber alternative to full-scale war.

Political-Influence Campaigns
Using cyber means to distribute misinformation and propaganda and instill controversy, confusion, doubt, and anger among targeted populations has grown in popularity. Russia's influence on the US elections (from the Democratic National Convention hack to social media troll farms and millions of ads) is well documented. Overall, Russia is suspected of political meddling in 27 countries since 2004.

Although not as infamous as Russia, other countries have also leveraged cyber tactics for political gains. The United Arab Emirates (UAE) and Qatar stand accused of hacking emails, releasing "dirt" and weaponizing fake news to influence American policy on both Iran and the stance on a UAE-led blockade of its country. Even less industrialized nations, such as Vietnam, are going cyber for political advantage. Vietnam is suspected of hacking and releasing sensitive Philippine documents, including a transcript of a phone call between President Trump and President Duterte, in an apparent attempt to derail the Philippines from strengthening ties with the US and China.  

Spying Campaigns
Many countries with less-than-stellar human rights records have deployed cyber weapons as surveillance tools against their own citizens. These can be homemade or tools purchased from cyber-arms dealers. Examples include: China's focus on dissidents and political activists in Hong Kong, Mexico's hacking and tracking of journalists, Pakistan's surveillance of human rights defenders, and Iran's cyber harassment of protesters.

Nation-State Digital Espionage
In addition to leveraging expensive spies, countries have been using digital espionage for over half a century. With most sensitive data now available in digital format on network-accessible servers, this type of espionage has proven to be extremely powerful and allows for fast access to troves of information. China's hack of the Office of Personnel Management as well as its alleged theft of F-35 blueprints are examples of this type of cyberattack. The US government also engages in spying campaigns, as revealed by Edward Snowden.

What's next? Just like their physical counterparts, cyber arms will continue to become more advanced and pervasive. They are also becoming more "democratized" and accessible to developing countries that we do not normally associate strong military capabilities with. Eventually, cyber weapons will turn out to be more influential than the military in determining world supremacy.

Learn from the industry's most knowledgeable CISOs and IT security experts in a setting that is conducive to interaction and conversation. Register before July 27 and save $700! Click for more info

Nir Gaist is a senior information security expert, ethical hacker, and a gifted individual. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir holds significant cybersecurity experience after serving as a security ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
nirgx
50%
50%
nirgx,
User Rank: Author
7/23/2018 | 9:49:21 PM
Would love to connect !
Would love to connect with the audience during my upcoming live webinar on Wednesday, August 15 @ 11am PST. Here is the registration link - https://www.brighttalk.com/webcast/16267/330296. Topic is "Should More Protection Really Equal More False Positives?"
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.