Dark Reading is part of the Informa Tech Division of Informa PLC



7/18/2018
10:30 AM
Nir Gaist
Commentary

From Bullets to Clicks: The Evolution of the Cyber Arms Race

Cyber strategies have become as important as physical weapons in the battle for political advantage. Here's a quick look at four broad categories.

Political actors — including both superpowers and emerging economies — for decades have used cyberattacks, hacks, leaks, and malware to gain a political edge over their enemies and to keep their allies in line. One of the earliest and most notable events involved René Carmille, comptroller general of the Vichy French Army and an agent for the French Resistance, who hacked the punched card system used by the Nazis to locate Jews in the early 1940s.

Over time, the scope, scale and sophistication of politically motivated attacks have increased alongside their malicious intentions. In 2004, North Korea trained an army of 500 hackers who sabotaged South Korea's computer networks. Flash forward to the present and the US is accusing Russia of targeting its energy infrastructure.

Cyber strategies have become just as important as physical arms in the battle for world supremacy. Here is a quick look at four broad categories of operations that these new cyber forces carry out through clicks rather than triggers.

Nation-State Warfare
Political actors are adding cyber weapons to their arsenal since they have a number of distinct advantages over traditional bombs and missiles. They are less expensive (the cost of just one Tomahawk cruise missile hovers around $1.8 million), and attackers can activate them at a moment's notice. Moreover, retaliation is not as likely because attribution is so difficult and loss of life is likely to be far less than in direct combat.

One recent example is sabotaging missiles and missile programs instead of relying solely on unreliable and expensive antimissile interceptors. This tactic has strategic appeal because the adversary may suspect a technical flaw rather than sabotage. For instance, the US built the so-called "left-of-launch" capability aimed at disabling North Korea's nuclear missile systems on the ground prior to launch. In the case of Iran, the US built and deployed project Nitro Zeus as a cyber alternative to full-scale war.

Political-Influence Campaigns
Using cyber means to distribute misinformation and propaganda and instill controversy, confusion, doubt, and anger among targeted populations has grown in popularity. Russia's influence on the US elections (from the Democratic National Convention hack to social media troll farms and millions of ads) is well documented. Overall, Russia is suspected of political meddling in 27 countries since 2004.

Although not as infamous as Russia, other countries have also leveraged cyber tactics for political gains. The United Arab Emirates (UAE) and Qatar stand accused of hacking emails, releasing "dirt" and weaponizing fake news to influence American policy on both Iran and a UAE-led blockade of Qatar. Even less industrialized nations, such as Vietnam, are going cyber for political advantage. Vietnam is suspected of hacking and releasing sensitive Philippine documents, including a transcript of a phone call between President Trump and President Duterte, in an apparent attempt to derail the Philippines from strengthening ties with the US and China.

Spying Campaigns
Many countries with less-than-stellar human rights records have deployed cyber weapons as surveillance tools against their own citizens. These can be homemade or tools purchased from cyber-arms dealers. Examples include: China's focus on dissidents and political activists in Hong Kong, Mexico's hacking and tracking of journalists, Pakistan's surveillance of human rights defenders, and Iran's cyber harassment of protesters.

Nation-State Digital Espionage
In addition to leveraging expensive spies, countries have been using digital espionage for over half a century. With most sensitive data now available in digital format on network-accessible servers, this type of espionage has proven to be extremely powerful and allows for fast access to troves of information. China's hack of the Office of Personnel Management as well as its alleged theft of F-35 blueprints are examples of this type of cyberattack. The US government also engages in spying campaigns, as revealed by Edward Snowden.

What's next? Just like their physical counterparts, cyber arms will continue to become more advanced and pervasive. They are also becoming more "democratized" and accessible to developing countries with which we do not normally associate strong military capabilities. Eventually, cyber weapons will turn out to be more influential than the military in determining world supremacy.


Nir Gaist is a senior information security expert, ethical hacker, and a gifted individual. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir holds significant cybersecurity experience after serving as a security ...
Comments
nirgx,
User Rank: Author
7/23/2018 | 9:49:21 PM
Would love to connect!
Would love to connect with the audience during my upcoming live webinar on Wednesday, August 15 @ 11am PST. Here is the registration link - https://www.brighttalk.com/webcast/16267/330296. Topic is "Should More Protection Really Equal More False Positives?"