For many people, the IT world is a strange and difficult place to comprehend. Indeed, it’s a landscape filled with people who have all sorts of obscure technical know-how, dark aspirations and a magical ability to go largely unnoticed by society.
The news media at large would have you believe that they live on something called ‘The Dark Web’ – a place where even Google does not dare venture. IT security companies may try to make you believe that the odd inhabitants of this netherworld are not only interested in your company’s data, but are looking for ways to try and break the very foundations on which our world lives. Even governments convince their citizens that other nations are actively working to conspire against them, and that cyber threats are only rivalled by other extreme violent crimes.
Even today, the BBC published an article entitled ‘GCHQ warns politicians about Russian hacking threat’. There seems to be a consensus that hackers and people within the cyber espionage community have extraordinary powers that threaten the very fabric of society.
The trouble is, for the most part, all this rhetoric is either flat-out not true or at the very least impossible to know for sure. I say this not as an opinion, but rather as an obvious fact. Even Boris Johnson, long-time bumbler and inciter to all sorts of outlandish views, had to concede on Sunday that there is ‘no evidence that the Russians are actually involved in trying to undermine our democratic processes at the moment.’
And yet, these stories appear. At a fundamental level we have to question why this is, but at a more base level it should be consciously said that there is no way that we could really know who is responsible. It may be easier for a hacker to frame a particular individual, for instance, than to make themselves totally anonymous. The first problem is that clear accountability is a rare luxury in this particular world. Of course this does not necessarily make the problem easier to understand, or the situation less scary, but it does somewhat make the doom and gloom on the news have a little less impact when you realise it is largely speculation.
Like it or not, hackers, crackers, coders and trolls live among us, found in every sector of society from the rich to the poor. Anonymity, or the ability to hide identity, is the main reason that we do not know who these people are, even though we recognise that, statistically speaking, we must know them. Thinking logically then – either you retain your anonymity, and are not stopped from these practices, or you lose your anonymity, and are either arrested, or targeted by the intelligence community and stopped from committing further crimes.
So, the only people who are able to hack effectively are those people who are not known to the intelligence community and therefore cannot be identified. While it may be possible to narrow down a cyber attack to a particular region, in some cases, or identify the tools used as connected with a particular group, there is no way to assign any kind of responsibility without a degree of guesswork. Their tracks are too well covered.
Considering Cyber Espionage and how it actually works
Last year we did a full examination of the type of cyber attacks which are used across the world. These fall into four separate categories: Cyber Espionage, Cyber Warfare, Hacktivism and Cyber Crime. For this article, we are only discussing cyber espionage relating to governments, because there is lots of confusion around this topic. Corporate espionage is similar but both the methods and motivations tend to differ.
“One of the most difficult problems regarding cyber warfare is defining cyber espionage. Many nations and international bodies have created their own definitions but it has been difficult to narrow it down to a single consensus. Factors like the extent and nature of the damage caused by the attack, the identity of the attacks, and how the stolen information is used all influence how cyber espionage is perceived.
One set of guidelines for nation-state cyber warfare, the Tallinn Manual, attempts to provide definitions, procedures, and rules governing international cyber operations. This manual, published in 2013 as a result of a conference hosted by the NATO Cooperative Cyber Defense Center of Excellence in Tallinn, Estonia, defines cyber espionage as “an act undertaken clandestinely or under false pretenses that uses cyber capabilities to gather (or attempt to gather) information with the intention of communicating it to the opposing party” [Schmitt].
“Although most people would characterize cyber espionage as specifically targeting secret information for malicious purposes, this definition does not address the intent of the attack or the nature of the information stolen. This may seem unnecessarily vague but for the purpose of international law this definition is appropriate.” – Nation State Cyber Espionage and its Impacts, D Rubenstein, Professor Raj Jain
It’s the necessity for such a loose and woolly definition which seems to be causing all of the problems. It shares so many of its characteristics with whistleblowing – a morally virtuous and acceptable way of pointing out illegalities and malpractice within industries and governments.
What are the motivations of Cyber Espionage?
From CNN January 3, 2017: “According to statements from the White House and the Treasury Department, the government has sanctioned nine entities and individuals over their alleged interference in the election: the GRU and the FSB, which are two Russian intelligence services; four individual officers of the GRU; and three companies that provided material support to the GRU’s operations.
The US also separately sanctioned two Russian individuals, Evgeniy Mikhailovich Bogachev and Alexey Belan, for using cyber-enabled means to allegedly cause misappropriation of funds and personal identifying information.”
Cyber Espionage, as opposed to cyber warfare, is all about information. In other words it is about exposing information which can be damaging to governments. Or, in plain terms, it is about exposing government lies or horrific acts.
Sometimes governments must make impossible choices, and other times politicians, being human, succumb to pressure, make errors in judgement and even make bad choices. Being accountable to an electorate, these three areas mean that those politicians are a liability to the running of government.
Take 2016 as an example. Supposedly the Russian government (or hackers linked with Russia) were influencing the American elections. Firstly, there were numerous American hacker groups, such as Anonymous, who were constantly leaking information about both Clinton and Donald Trump to the press – who, incidentally, were the ones actually publicising all of the information.
Second, all of the allegations were true, and were part of ongoing investigations throughout the campaign, backed up by sources from WikiLeaks. If the allegations were false that would have been easy to prove. What the political system rallied against was vulnerability and the idea that the flow of information out into the public domain had been compromised.
Third, Donald Trump is a hacker.
The term ‘hack’ in more recent terms means to subvert an obstacle by using a new method or non-standard technique to solve the problem. The news media has always been an obstacle to politics, and so in subverting the dominance of the news media by using other more open outlets such as Twitter, he solves the problem of controlling how information is delivered by making it open to anyone. This is the essence of cyber espionage.
Just because the septuagenarian doesn’t know how to use a computer (and often can’t correct his spelling of 140 characters) does not mean that his motivations aren’t the same. Essentially the argument against government hacking is the argument against freedom of information, especially in regards to elections.
The Landscape of Cyber Espionage (and why you don’t need to worry)
In any nation, there is fear of the unknown. This is clearly evidenced by the Cold War and the distrust of the Russian regime. This is a narrative which has continued for the past seventy years, and an angle which is most adaptable to the current narrative surrounding the Russian political system.
In real terms, for instance, the evidence shows that the Chinese have significantly more power when considering cyber espionage capabilities. ‘Golden Shield Project’ was first conceived in 1998. It encompasses a wide array of technological developments including facial recognition and defensive capabilities which are simply not possible anywhere else in the world because of the Chinese government’s unique stranglehold over ISPs (Internet Service Providers).
In China the internet infrastructure is effectively run by the government, and any device attached to the network is not only monitored but has the potential to be weaponised to attack any individual or website which compromises national security. That said, these powers are in the hands of a police force, and not criminals. They are not allowed to exercise their power at will, but are regulated in their approach.
It seems then that the largest risk of cyber espionage is not from country to country, but rather a government spying on its own people – and that’s nothing to be worried about, we have known that is the case for years…. As we have been told a thousand times, if you have nothing to hide then you have nothing to fear…. Unless of course you are a politician with some skeletons in your closet. Then… good luck, the world is probably quite a scary place.