Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

11:55 AM
Connect Directly

Strategic Cyber Warfare Heats Up

It's "anything goes," according to renowned hacker the Grugq, who drew a bright line between cyberwar and cyber warfare at this week's virtual Disclosure Conference.

When tens of millions of Korean pop music sensation BTS superfans descended on the Internet in June in support of Black Lives Matter, some described them as a virtual army. But for renowned hacker the Grugq, the impact of that army was very real. By taking online action to support racial justice at the behest of BTS, their fans were engaging in the kind of cybercraft that analysts often attribute to nation-states, he said.

"People with this level of devotion, who spend $50 on a lightbulb that's the same color as their neighbor's lightbulb and can be controlled by the management of the band, these people are operating in cyberspace. I think that's awesome. But that also means that cyber power belongs to a K-pop band," Grugq said in his opening keynote on the subject of cybercraft and cyber warfare at the virtual Disclosure Conference on Wednesday. 

Related Content:

Stop Saying 'Digital Pearl Harbor'

Collateral Damage: When Cyberwarfare Targets Civilian Data

Special Report: Computing's New Normal, a Dark Reading Perspective

Grugq drew a bright line between cyberwar, which uses Internet-connected computing devices in the service of a traditional war with real-world impact on infrastructure and lives, and cyber warfare, which, as part of cybercraft, has allowed nation-states to engage each other antagonistically without directly killing people. 

"'Cyber' used to mean that it only gave you strategic surprise," which is why cybercraft is so often compared to the Japanese attack on Pearl Harbor, he said. "But now cyber warfare is [the ruleless game] Calvinball. Anything goes."

This rapidly changing environment is a core part of Grugq's definition of cybercraft as "applied cyberpower" – the ability to use the Internet to create advantages and influence events in the real world across the realms of diplomacy, information, military, and the economy. Essentially, the interconnectedness of the components that gird almost every aspect of society also makes it significantly easier and cheaper to exploit them. 

It's not just Grugq expressing concern over the state of cyber power. The rapid evolution of environments that promote the exchange of information, whether or not factual, makes it easier to manipulate those environments — and to affect the thinking of large groups of people, according to RAND in an October 2019 report.

Three key findings of the RAND study support Grugq's analysis. First, national security increasingly relies on institutions that can help mediate the deluge of information available online by better educating people against social manipulation. Second, Big Tech and the private-sector influence billions of people and can wield their cyber power in ways that previously only nation-states have been able to. 

And third, networks will become the domain of conflicts, as state actors develop networks to "avoid attribution and strengthen their virtual societal warfare capabilities against retaliation," the study says.

"It will be much more difficult to understand, maintain an accurate portrait of, and hit back against a shadowy global network," the report's authors wrote.

Another way to put it is to think of how the application of cyber power has led to exploiting "cognitive vulnerabilities," says Herb Lin, computer security policy expert and research fellow at Stanford University's Center for International Security and Cooperation.

"The idea is not to hack the vulnerabilities in the computer but to hack the vulnerabilities inside the brain" by exploiting our biases and expectations, Lin said. Look no further than the fake Russian hack of the Michigan voter registration database from earlier this week, which turned out to not be a hack at all because the information it contained was already publicly available. 

"This is a new environment, and it's one that we don't understand very well," he says.

That lack of ability to get consumers to "slow down and think," as Lin and others have put it, serves two purposes, said Grugq. It exploits the kinds of societal divisions that have been worsening in the United States and elsewhere, and it decreases the morale of the people being exploited — whether or not they know it.

"Battles stop when the people fighting them choose to stop," he said. "That's a much lower bar to reach than destroying the capability to fight or the will of the nation to fight."


Seth is editor-in-chief and founder of The Parallax, an online cybersecurity and privacy news magazine. He has worked in online journalism since 1999, including eight years at CNET News, where he led coverage of security, privacy, and Google. Based in San Francisco, he also ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
9/6/2020 | 1:32:41 PM
Great reporting
Great reporting. I can't usually make it to these kinds of conferences, so I rely on second hand accounts, and you've done a great job. I'm featuring this article in the upcoming OSIRIS Brief as especially noteworthy and useful to decision makers and military strategists. Not only are TheGrugq's insights helpful, as a current practicioner, but your additional research adds context and iinformation I am sure people working in this field will appreciate.
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...