Governments To Show ‘Public Demonstrations Of Cyber War Power’

As governments increasingly find themselves involved in cyber attacks, whether they are the perpetrators or the victims, they will start to flex their muscles more.

That’s the view of Mikko Hypponen, chief research officer at F-Secure, who thinks the cyber arms race will closely resemble the nuclear arms race of the 20th century, where nations put on public displays of firepower to frighten enemies.

“There will be public demonstrations of cyber power just to get the deterrent,” Hypponen says. And it’s something the US has already started doing, albeit indirectly, he claims.

Since the 2010 discovery of Stuxnet, which disrupted Iran’s uranium enrichment processes by making centrifuges go crazy, it has become clear governments are investing in their digital arsenals. It is believed the US and Israel were behind that infamous initiative.

In the last year, the world has learned of Flame, Gauss and Duqu – all highly-advanced cyber espionage tools, all likely funded by regimes.

US fanning the cyber war flame

Much of it remains unseen, but Hypponen believes the US, which is also thought to have driven the Flame campaign, wanted the world to know it was behind that historic piece of malware Stuxnet. “You think they leaked it by accident? I don’t think so, not for a moment. It is election year,” he told TechWeekEurope. “They took the credit for Stuxnet.”

America, in talking so openly about cyber threats and in leaking information on its attacks, is attempting to deter others from making attempts on US networks, he says.

The Chinese are likely to be investing heavily too. But in a typically Chinese way, they are far more secretive than their American counterparts. Indeed, most of the information on China’s efforts comes from US sources.

Is the US perhaps guilty of fuelling the debate on purpose, in order to justify retaliation, as it looks at its own cyber jus ad bellum? Hypponen was particularly suspicious of US claims that an attack on oil giant Saudi Aramco, which crashed 30,000 machines, was committed by Iran in response to the Stuxnet campaign and to US-led sanctions on the country’s nuclear projects.

“I don’t think I’m buying it. Something is missing. If they were retaliating why wouldn’t they be retaliating against the US or Israel?”

Then there is the Huawei situation. Whilst Hypponen is undecided on whether Huawei’s kit does contain purposeful backdoors, or if it is just “crappy code”, he has his own questions about US vendors’ ties to the federal government. In particular, he wonders why Intel hasn’t moved chip fabrication operations to China, as the majority of other American hardware firms have done.

“Everyone else is moving their chip fabrication to the cheapest place in China. Intel has seven chip fabrication plants in the US. I don’t think it is a coincidence.

“Business logic would have driven them to China but they haven’t and I think there is a reason.” Which is? “I don’t know,” he adds, with a wry smile.

“I was expecting to see a comment from the Chinese Chamber of Commerce to tell Chinese companies to avoid doing business with Cisco, Intel and Microsoft because of their ties to US government.”

Hypponen admitted, however, that it would be trickier for Chinese firms to ditch those vendors, given their footprint globally and in China.

Evidence of cyber warfare piles up

Regardless of suspected surreptitious behaviour, evidence of government involvement in malware creation continues to pile up.

Just this week, more reports of nation state activity in cyberspace emerged. CERT-Georgia reported on a major cyber espionage campaign, which saw Georgian government bodies infected with malware. That included the Georgian parliament and government departments.

The purpose of the malware was to collect confidential documents on Georgian and US security, establishing a connection with Russian security agencies, according to the report. It claimed a number of Georgian news-related sites were hacked to serve up nasty code to users, in the hope that government officials would visit those websites.

A follow-up analysis by security firm AlienVault showed how various obfuscation methods were used to hide the malware, which was also capable of recording audio over the microphone as well as video over webcams, according to CERT-Georgia.

The ‘Georbot’ campaign appears to be yet another example of regime-funded cyber espionage. And Hypponen, whilst he backs moves to regulate the arms dealers (i.e. exploit sellers and creators), believes we have crossed the Rubicon, even if these are only antebellum movements.

“We are seeing only the very first steps in the revolution in how wars are fought and how future crises will have this cyber element.”


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.
