Could the lights go out in Europe? | BCS – BCS

When encountering security practitioners from espionage's darker side, I often start the conversation with an initial question: how far inside our critical infrastructure might our adversaries be? And, how far inside theirs do you think we are?

What usually results is a short silence, followed by a swift rhetorical manoeuvre towards another topic.

In reality, the answer to my question might simply be unknown, but the fact that experts don't seem willing to engage with the enquiry is important in itself. For example, do the Russians (or other potential adversaries) have the capability to disable our electrical power networks? Can they do this with a click of a mouse and with the same apparent ease with which Russia can turn off gas supplies across Europe?

We live in uncertain times. The war in Ukraine, concerns about Taiwan's security and conflicts in the Middle East are evidence of a world that's far from stable or predictable.

In times like these, you don't need to look too far to find headlines speculating on cyber-attacks and their technicalities.

It's reasonable to expect that since the start of Russia's war, GCHQ, the National Cyber Security Centre, the NSA and other Western cyber-powers have all been sharing knowledge with Ukraine.

Early in the Ukraine war, NBC reported that President Biden had received a menu of options for conducting cyber attacks against Russia. The story stated the attacks would focus on disrupting networks and not harming people. Read past the headline, however, and the story reports that a US government spokesperson described the menu of possible cyber attacks given in the story as "wildly off base" and said it "does not reflect what is actually being discussed".

Despite the spokesperson's reported rebuttals, it's hard to imagine that what NBC described in its story isn't already part of a longstanding strategic cyber response plan.

Russia itself is sure to have utilised, at least in some part, their significant cyberwarfare capabilities to further their intentions in Ukraine. During the 2014 invasion of Crimea, Russia amped up its attacks on Ukraine, taking down government sites and social media platforms, and using spyware to track the movements of Ukrainian politicians.

Attacks went as far as physically ripping up fibre-optic cables between the Crimean peninsula and the rest of Ukraine in order to sever communications with Kyiv and give the Russian state media the monopoly on information. But the attacks made during the conflict itself were not the first: for months before the start of the 2014 invasion, Russia had been taking part in strategic cyber-espionage to gather information they could use in advance of their first strike.

Moving to the current war in Ukraine, reports continue to emerge of cyber activities. Some commentators suggest a haphazard approach by Russia's cyber forces, a theory which seems to line up with the invading state's reportedly ineffective overall military approach to date.

It's a fair assumption that Russia will have used their cyber capabilities to assist their military objectives. It is equally fair to assume that Ukraine will have done everything in its power to prevent a Russian cyber-victory. We are unlikely to ever discover the reality of the situation, but some of the initial activity that we have observed includes: various Ukrainian Government sites suffering Distributed Denial of Service (DDoS) attacks, spear-phishing activities taking place in NATO countries and a malware wiper tool erasing data from devices. Pro-Russian hacking groups have also been able to successfully disrupt businesses and government infrastructure in countries backing Ukraine, including in Lithuania, Latvia, Poland and Denmark.

The most worrying aspect in the cyber world is that, unlike the Cold War and its nuclear proliferation, there is no détente - no international agreement or arms control. Additionally, we currently live in the cyber-wild-west where politically motivated cyber attacks aren't the sole preserve of nation states. Rather, such attacks can be launched by individuals.

However you describe them, patriots or vigilantes, these attackers have many potent digital weapons at their disposal. Just how numerous and dangerous these software tools are became clear with the recent Vulkan Files leak: disgruntled by the war in Russia, black-hat hackers leaked a huge trove of data and insights about how Russia's offensive cyber activities work.

An attacker's actions also have the potential for catastrophic worldwide impact. Even targeted attacks by nation states have the potential to spill over into the rest of the world, as we saw with the Petya/NotPetya ransomware attacks carried out on Ukraine. These spread to organisations across the globe, including Maersk, Mondelez International and the UK's own Reckitt Benckiser.

The Internet of Things (IoT) is often not well-protected, leaving systems such as CCTV cameras vulnerable to attack. Indeed, there have been reports of Russian individuals hacking the dashboard cameras of Ukrainian defence forces, leading to dashcams being banned in parts of the country.

While this is, of course, incredibly dangerous for Ukrainians on the battlefield, other scenarios could see serious impacts for civilians too. Moving our discussion away from the battlefield, your smart doorbell, baby monitor and smart watch data could all theoretically be used to paint a picture of your life: what you do, where you go and who you care about. These devices, which often have only basic defences against malware, could all also be used to monitor politicians, civil servants, judges or military personnel and provide hostile states with invaluable intelligence.
