Russia to orchestrate cyber attack?

The United States and the UK have warned of potential global cyber attacks that might be orchestrated by the Russian government. In recent years, a number of large-scale cyber attacks have affected critical infrastructure around the world.

Background

A cyber threat is a type of offensive maneuver that results in an unforeseen disruption of a computer network or system. This disruption could end up damaging these networks. A cyberattack targets computer information systems and could be orchestrated by malicious players including nation-states, individuals, groups or organizations.

In recent years, a number of cyber attacks on individual organizations like Sony Pictures have been traced back to malicious players in nations like North Korea. In 2016, Russia was accused of running a disinformation campaign against US Presidential candidate Hillary Clinton. The emails of the Democratic National Party were also hacked and released by Wikileaks. The personal emails of French President Emmanuel Macron (before the election) were also hacked and released.

The WannaCry attack, which took place in May 2017, was one of the most potent cyberattacks, paralyzing hundreds of thousands of systems across the world. The WannaCry ransomware cryptoworm targeted computers running the Microsoft Windows operating system. It encrypted data on the systems and demanded ransom payments in Bitcoin.

In 2017, the Securities and Exchange Commission in America quietly admitted that EDGAR, its corporate filing system, was hacked in 2016. Millions of records of personal information at Uber were breached in 2017.

The Russian threat

In recent years, Western democracies have accused Russia of conducting covert operations to influence the functioning of these nations. The consensus among the intelligence agencies in the US is that Russia conducted an ‘influence’ campaign to harm Hillary Clinton’s presidential bid. Russia is said to have hacked the servers of the Democratic National Committee (DNC) and the personal email account of John Podesta, the chairman of Clinton’s campaign. The data obtained from these hacks was allegedly forwarded to Wikileaks. Russia also allegedly played a role in flooding social media platforms like Facebook and Twitter with fake news stories depicting Hillary Clinton negatively. The UK government has accused Russia of hacking elections, and Russia has been implicated in the alleged hacks that took place during the French presidential elections.

Analysis

Tensions between Russia and Western democracies are at an unprecedented high. The UK, France and the US, among other nations, have accused Russia of poisoning a British spy who previously had Kremlin ties. In addition, the nations have openly clashed over the Syrian conflict. In April 2018, the UK, France and the US conducted coordinated missile strikes in Syria in response to an alleged chemical attack orchestrated by the Syrian government. Russia, a staunch ally of the Assad government, has warned that any sustained attacks could potentially result in war.

“Vladimir Putin, in particular, stressed that if such actions committed in violation of the U.N. Charter continue, then it will inevitably lead to chaos in international relations,” the Kremlin statement said. U.S. Ambassador to the United Nations Nikki Haley told the CBS TV program “Face the Nation” that the United States would announce new economic sanctions Monday aimed at companies “that were dealing with equipment” related to Syrian President Bashar Assad’s alleged chemical weapons use.

Now, the US and UK, in a joint statement, said the cyber-attack was aimed not just at the UK and US but globally. “Specifically, these cyber-exploits were directed at network infrastructure devices worldwide such as routers, switches, firewalls, network intrusion detection system,” it said. “Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations. The current state of US and UK network devices, coupled with a Russian government campaign to exploit these devices, threatens our respective safety, security, and economic wellbeing.”

In 2017, the Synergia Foundation along with the Government of Karnataka hosted a round table on ‘Cyber threat: Who cares & Who should I call?’. During the discussion, experts in the field discussed the need to understand the intent of an attack. A country can now use cyber warfare techniques to paralyze banks, oil companies, airports and construction companies.

Counterpoint

Russia has repeatedly stated that it wasn’t behind the influence campaign conducted during the US Presidential elections. It has also denied any knowledge of the French elections. In addition, the Russian company Kaspersky has maintained that it does not use its technologies to spy for the Kremlin.

Russia has also accused the Western democracies of trying to create division in the world. It has alleged that it was the UK that was behind the Syrian chemical attack.

Assessment

Our assessment is that cyber threats in the 21st century are extremely broad-based and can paralyze entire governments. Cyber attacks have the ability to neutralize banks, oil companies, airports, construction companies, etc., as well as top-secret government secrets that have been digitized. It is critical that we focus on the signalling and try to understand what it really means.

As it is difficult to attribute cyber attacks or link them to a specific government, this could emerge as the new form of warfare in the 21st century. Russia has already been accused of being the mastermind behind the “NotPetya” attacks in 2017. North Korea has also been implicated in various cyber attacks, including the one on Sony Pictures. We believe there needs to be an intersection of policy and technology to address the key problems that arise. Cyber threats go way beyond networks, and hence any threat mitigation strategy must also look at attack vectors outside networks.