Digital Conflict blog


Kevin Coleman

Digital Conflict

By Kevin Coleman

View all blogs

Sharp rise occurs in cyber espionage incidents

Espionage has been around for hundreds of years but the recent growth in these activities has raised alarms within the government, military and intelligence communities, as well as the private sector. Espionage in general, and cyber espionage specifically, has grown substantially and has its sights set on military technology, IT, clean energy and even medical technology.

In June 2012 a U.S. House of Representative's Homeland Security Committee hearing gave those in attendance a bleak glimpse of the cyber espionage problem within the United States. A report to Congress in October 2011 titled, "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace," has raised the awareness of this issue and has many businesses taking action to mitigate this risk.

“We have seen an increased interest in our continuing education modules related to espionage and cyber espionage over the last year," said Brian Martin of Spy-Ops. To verify the increase, all one has to do is search Google News for "espionage" in the past year, and that will produce as many as 19 pages of news items on the topic.

Espionage and cyber espionage have the ability to compromise a business’s competitive advantage and steal product development secrets that result in the loss of years of effort and millions to hundreds of millions of dollars in losses. Businesses in the United States are not the only ones facing these attacks. In October, a Canadian firm specializing in power grids and an unnamed energy firm in Canada experienced a cyberattack in which a piece of malware was installed that was specifically designed to steal information. This has become such a pressing issue that management consulting firms have begun warning their clients about these risks. Let there be no doubt, we have entered a new age of espionage.

Posted on Nov 15, 2012 at 12:55 PM0 comments


What should be the United Nations' cyber role?

A number of questions have been raised lately that are generating some interesting discussions about the role of the United Nations in cyber warfare and peacekeeping efforts.

While the United Nations is active in the cyber domain, its role, mission and objectives are less clear. For example, in one recent conversation a cyber warfare subject matter expert asked, "What would a United Nations cyber conflict peacekeeping force look like, and how would it respond to significant acts of cyber aggression?" 

Perhaps a better question would be whether United Nations' cyber peacekeepers would be able to keep a cyberattack from escalating into an all out cyber war. Given the United Nations' activities in arms treaties and control, is there a role here for cyber arms control?

When we consider such factors as the significant growth of cyber crime, the proliferation of cyber weapons, and the use of cyberspace by terrorist organizations to recruit, train and conduct other activities, it seems some action on the part of the United Nations is necessary. Added to this is the fact that some cyberattack attribution appears to be an exchange of weapons to fire between nations.

The Internet is a component of peace and security, global development, human affairs and has a substantial impact on International law--all areas of focus for the United Nations.  It just seems that cyber conflict is a good fit for the United Nations' portfolio of activities. That being said, addressing the numerous cyber areas listed above will be a huge challenge. That is why there is a clear need and activity in the area of cyber diplomacy. The U.S. State Department started this due to the broad range of U.S. interests in cyberspace. 

Make no mistake about it, cyber diplomacy is part of modern diplomatic relations in the highly connected world we live in. It will only grow from here.

 

 

Posted on Nov 08, 2012 at 12:55 PM2 comments


Proof of global cyber danger hard to ignore

The growing threats posed by cyberattacks are not a secret. Many government intelligence agencies in countries around the world recognize the threats that cyberattacks pose to a country’s national security.

These attacks are known to have come from individuals, political and extremist groups, insurgent groups, criminals and criminal organizations, and terrorists and rogue nation states. Reacting to that threat, the global intelligence community has begun to collect and analyze cyber intelligence and include cyber in their annual threat estimates.

The Danish Defense Intelligence Service recently produced a report titled “Intelligence Risk Assessment 2012: An intelligence assessment of developments abroad affecting Denmark’s security.” The report can be summarized by the main conclusion, which is as follows:

“The threat posed by states, groups and private individuals in cyberspace generally constitutes a security risk for Denmark and the Danish Armed Forces, including troops deployed abroad. Foreign intelligence services, terrorist and insurgent groups as well as criminal organizations and groups are increasingly using the Internet to conduct espionage activities against Denmark or damage Danish websites and web servers.”

Recent cyberattacks have highlighted how individuals, political and extremist groups, insurgent groups, criminals and criminal organizations, terrorists and rogue nation states do not show much reluctance when it comes to using this nonviolent means of warfare. In addition, many military and intelligence organizations have articulated the priority that has been given to cyber warfare by some world powers. The organizations point to the Chinese military and caution about future cyberattacks and the growing complexity of such attacks.

Given all the government, military and intelligence organizations, as well as private sector businesses in the field of cyber security keep warning about this issue, why are there so many out their claiming this threat is overblown?

Posted on Nov 01, 2012 at 9:03 AM0 comments


US critical infrastructure remains under heavy cyberattack

An executive at Kaspersky Lab just warned that global cyber warfare is in “full swing” and will probably escalate in 2013. Those are very dangerous words. This comes on the heels of a series of cyberattacks targeting the financial sector; specifically, on U.S. banks, which has entered its fifth week. The successful attacks were against the websites of some of the largest U.S. banks, and by all accounts these sites were well constructed and defended. Consider for a moment the amount of web traffic needed to overload these websites; it is not trivial, that is for sure. It is said to be one of if not the largest cyberattacks in history. This clearly speaks to the level of capabilities of the attackers as well as their determination.

As I noted in my previous blog, cybersecurity professionals have pointed the finger at Iran as the entity behind the attacks. There have been those who have expressed the view that the recent cyberattacks that have been targeting U.S. banks is retaliatory cyber fire for Stuxnet, Duqu, Flame and Mini-Flame malware that has targeted infrastructure systems (e.g., nuclear enrichment and oil production) in Iran. It should be noted that Russia also was implemented in the cyberattacks by Carl Herberger, a vice president at network security firm Radware. This seems to be supported by the claim made by an unnamed private security professional who stated that a closed-door meeting about these cyberattacks recently took place at the White House. Bear in mind that President Obama is reportedly considering issuing an executive order on cybersecurity in place of the legislation, which is stalled in Congress, as I also mentioned.

Are we in a cyber war? Just what level of cyberattack constitutes an act of war? If this is an act of war, will kinetic weapons be included in our response to these malicious cyber activities? So many questions remain unanswered.

Posted on Oct 25, 2012 at 2:46 PM0 comments


Defense Systems eNewsletters