Is bombing hackers going to sort out the cyber-crime or cyber-terrorism? Unfortunately, it is not likely. We suggest a collective international response instead.
A 32-year-old Chinese woman gained access to Mar-a-Lago during Donald Trump’s visit to the Florida resort over the weekend, reported the New York Times. The event from March this year would not be particular news if the person did not carry four cell phones and a thumb drive infected with malware. The security agents in charge concluded that the infected removable drive contained a piece of malware with the aim of spying on US President Trump.
This relatively easy to detect attempt was rather unusual as this alleged cyber-attack was easily attributable. The majority of these attacks happen remotely since it is pretty tricky to determine whether or not other states actors are behind such attacks.
Based on the various sources, Panda Security recently pointed out that the states are facing an increasing amount of cyber-attacks. The state-owned enterprises, defence companies, the aerospace sector, universities, activists and journalists are all preferred targets of cyber-attacks.
Panda Security explained that the vectors of cyber-attacks are varied but the most common intrusions on systems and computers are done by using malware delivered via emails or by physical devices such as pen drives or portable memory units. Blocking systems via botnets-based DDoS attacks and the remote espionage of electronic devices, by capturing signals from mobile networks or Wi-Fi signals, are also common. Cyber attackers are increasingly using more complex techniques such as electromagnetic emanations from the hardware.
Cyberwarfare is nowadays recognised as a new battlefield, similar to air, land, sea and space. It seems that cyber-capable states are progressively more spying and hacking each other – and the rest of the world. The cyberwarfare has reached such an extent that even Pentagon worries that its newest high-tech weapons, such as the F-35, are vulnerable to hacking.
We have recently pointed out that the United States already have highly resourced Cyber Command, the Russian Federation has established Kiber Voyska (Cyber Army), Israel has an intelligent Cyber Unit 8200, People’s Liberation Army has a cyber unit deploying up to 100,000 individuals, the UK has the National Cybersecurity Centre, and many other countries have established specifically dedicated cyber protection and offence units or agencies. Even Facebook has its own War Room for the control of the Internet.
State-backed hacking and physical warfare have been on a slow but steady path toward convergence for about two decades – reports the Wired.com portal. The portal further stated that both information security and warfare researchers say that it was only a matter of time before a nation launched a kinetic attack against enemy hackers. The US, for example, has reserved the right to retaliate against cyber-attacks with the military force since 2011.
So far it was cyber-attack against another cyber-assault but we at VM Advisory have agreed with the above warnings and have repeatedly cautioned that the cyber-attacks might provoke much more disasters reaction – a kinetic response.
And it has indeed happened at the begging of this month!
As reported by the Hacker Combat Community, the Israeli Defence Force (IDF) response against cyber attackers was decisive and literally with the ‘bang’. Israel bombed hackers from Gaza! The IDF flattened a building allegedly used by hackers from Hamas.
The IDF twitted: “We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.”
The bombing is the first known example of a kinetic attack being used as a response to cyber aggression. The Wired.com portal calls it another evolution of so-called “hybrid warfare”.
So where are we going?
The cyber-attackers have devised many methods of hiding the origins of the attacks but the kinetic response is much easier to recognise and attribute. With no intention to comment on this particular Israeli response, we are concerned that an increasing physical response to cyber-attacks can be disastrous. If the kinetic rejoinders escalate regionally or globally, it can cause unprecedented tragedies – including the possibility of a nuclear Armageddon.
Creating a safer world by the internationally organised and coordinated actions on at least three issues: counter-terrorism, cybersecurity and disaster management – is becoming imperative!
Joining the call of many concerned organisations and individuals, we have recently suggested the creation of an international effective mechanism and close cooperation for fighting against the threats of cybercrime and terrorism. This includes cooperation in the areas such as sharing of information and best practices relating to cybersecurity and effective coordination against cybercrime and cyber terrorism. The development of international norms, principles and standards should be an urgent job of international organisations such as the UN, International Telecommunication Union, European Union, BRICS – as well as various military alliances.
The signing of these high-level agreements would allow the countries to launch a direct dialogue regarding the main cooperation aspects of maintaining international cyber and general security. In other words, this will allow countries to conduct practical cooperation on a range of issues such as the establishment of nodal points in member-states for cooperation by using, for example, the national Computer Security Incident Response Teams. These should be joint systems for responding to cybersecurity threats, investigating cases of the use of ICT for terrorist and other criminal purposes – and preventing the kinetic response to cyber-attacks.
This would be a far better way to build a more secure world than to witness an increment in the cyber-kinetic war games.