Nation States
"Cyberwar" is a term that divides the security community because no-one can agree what it actually means. But, however it's defined, we believe cyberweapons present an existential threat to the world. The lack of any convention to govern their use, their extraordinary power and the congenital inabilty of nation states to secure them create the conditions for a perfect storm that attracts far too little recognition. This week brings some excellent examples.
On the subject of failing to secure your weapons, China is reported to have cloned a powerful US tool years before it was leaked online. Check Point says that, in 2013, the US National Security Agency designed exploits to provide administrator-level access to vulnerable Windows systems. Within two years, Chinese government hackers were using the same tool. In 2017, the exploits leaked online and Microsoft fixed the issue. As Check Point puts it, "If we told you that a foreign group managed to steal an American nuclear submarine? That would definitely be a bad thing, and would quickly reach every headline. However, for cyberweapons – although their impact could be just as devastating – it`s usually a different story". This week, China was also accused of using a malicious Firefox extension to spy on Tibetan groups.
Ukraine has accused Russia of planting documents on a government web portal to try to instal malicious software on end users' computers. "The documents contained a macro that secretly downloaded a program to remotely control a computer when opening the files. The methods and means of carrying out this cyberattack allow it to connect with one of the hacker spy groups from the Russian Federation," the National Security and Defense Council of Ukraine said. On Monday, Ukraine blamed Russia for a wide-ranging denial of service attack against government websites and strategically important enterprises. Moscow hasn't commented on the allegations, but there is ample evidence of a long running online campaign against Ukraine, which surely would qualify as cyberwarfare.
And finally, Amnesty International says a hacking group linked to the Vietnam government has been using spyware to target human rights activists both inside and outside the country. "Over the past 15 years, repression linked to online activity has intensified, leading to a wave of harassment, intimidation, physical assault, and prosecution," Amnesty reports. The spyware could compromise both Windows and Mac devices.
For an in-depth look at this whole mess, Nicole Perlroth has a tour-de-force.