On the eve of the French run-off election between Marine Le Pen and Emmanuel Macron, a treasure trove of Macron campaign documents spilled out across the Internet via the anonymous publishing site PasteBin. The 9GB data dump occurred just minutes before the 48-hour election blackout, which prevents candidates and media outlets from discussing the impending election.
The dump was a mix of false documents, leaked emails, accounting and contracts, and the attack was designed to damage the heavily favored Macron before the blackout, when he would be unable to speak out in his own defense.
The group sowing doubt and chaos in the electoral process was quickly identified as Fancy Bear, a Russian government-linked hacking group also known as Pawn Storm or APT 28. Responsible for the spring and summer hackings of the DNC and Clinton Campaign Chairman John Podesta, Fancy Bear set up a phishing domain designed to impersonate the cloud storage website used by the Macron campaign.
The Kremlin Wages War
Given the French hacking and the U.S. hacking that is now the subject of FBI and Congressional investigations, experts believe Russia will continue to try to destabilize democracies all over the world.
While the U.S. struggles to respond to Fancy Bear’s gloves-off approach, Russia has been sowing electoral discord for years in countries like Georgia, Ukraine, Poland and Syria. When Russia invaded Georgia in 2008, a network of zombie computers overloaded the website of then-President Mikheil Saakashvili and halted Georgia’s internet traffic, which mostly runs through Russia and Turkey. That same year, state-sponsored Russian hackers remotely attacked and exploded a Turkish oil pipeline.
Closer to home, the U.S. Department of State experienced an unclassified email system shutdown, while White House computers, the U.S. Postal Service and even the National Weather Service all experienced hackings linked to Russia.
Home to some of the world’s best hackers, Russia has embraced this new form of warfare, investing in cyber tactics over traditional warfare at a ratio of four to one. While the election hackings demonstrated Russia’s mastery of cyber warfare, they also undermined the U.S. electoral process and tested the boundaries of American security measures.
By linking cyber attacks with other information warfare methods like propaganda, Russia has a distinct advantage in the cyber realm because it engages the criminal underworld in its proxy cyber wars. In exchange for aiding Russian military intelligence, the Kremlin turns a blind eye to organized crime’s financial and criminal attacks waged against the West.
As a result, there are more than one million programmers and 40 Russia-based criminal rings engaged in cyber crime, making it impossible for countries like the U.S. to match the same level of manpower using just government employees.
The Rise of Cyber Warfare
Though a relatively new form of warfare, cyber terrorism is now the second biggest fear among Americans — just behind government corruption.
This very real fear is prompting governments to spend millions in the cyber arena, as international agreements and treaties with other states have proven ineffective, given Russia, China and North Korea’s willingness to use proxies to wage cyber warfare.
Without shedding a single drop of blood, these nations employ advanced technological tools and capabilities to infiltrate enemy networks for the purpose of data theft, espionage, destruction of equipment and critical defense and industrial systems.
As cyber war becomes the norm, traditional arms manufacturers like Raytheon and Lockheed Martin are expected to bolster their investments by creating both offense and defensive tools for waging cyber war.
Hacking Goes Global
In recent years, more than 20 countries have announced their intent to launch or bolster their offensive cyber capabilities, resulting in a burgeoning digital arms race that represents a real risk to the data security industry.
While Russia is currently the most prolific state hacker, in 2014 North Korea waged war against American-based Sony Pictures Entertainment. China is also investing in cyber capabilities designed to penetrate, control and destroy warring state systems. Their most famous hack to date was the attack on the U.S. Office of Personnel Management, which resulted in the theft of Social Security Numbers and sensitive information of more than 21 million people interviewed for government jobs.
Closer to home, the UK was recently accused of hacking Google and Yahoo’s undersea cables to siphon unencrypted traffic, while Israel launched an attack against the Iranian oil ministry that wiped out data and caused widespread system crashes.
Why Cyber Attacks Are Growing
Since an attack launched from a single computer can cause widespread and lasting damage, cyber attacks come at little to no cost to perpetrators.
While traditional warfare is expensive and targeted, cyber attacks are inexpensive, quick, destructive and can be waged from anywhere. These facts make cyber attacks more accessible for small nation-states that risk little in waging attacks and face few repercussions if they get caught. Given the rampant use of freelance hackers, it’s often hard to distinguish between state actors and independent groups.
A Very Real Threat
As shown during the Internet-of-Things attack that brought the web to a halt in late 2016, a cyber attack could wipe out the entire information technology and service economy — blocking access to news, communication and entertainment sources. Such attacks could also harm utilities and financial, medical and informational targets, causing a significant impact on national GDPs.
While NATO’s Cooperative Cyber Defense Centre of Excellence defines cyber weapons as a “cyber means of warfare designed, used or intended to cause injury or death of people or damage or destruction of objects,” there is very little consensus as to what actually qualifies as cyber warfare — making prosecution and enforcement much more difficult.
Many scholars define a cyber weapon as intuitively designed software, a virus or an intrusion device that can disrupt the critical infrastructures of other countries, from military defense systems and communications to electric power grids, financial systems and air traffic control. Some even see espionage as a form of cyber warfare.
The first known use of a cyber weapon was Stuxnet in 2009 — malware designed by Israel and the U.S. aimed at disrupting the Iranian nuclear program by impairing centrifuges and slowing down their uranium enrichment program.
While the prospect of a massive cyber attack capable of causing a widespread and long-term disruption to U.S. infrastructure is remote, small-scale attacks by smaller states or non-state actors remain a growing concern.
With more than 140 countries funding cyber weapon development programs, the U.S. has created USCYBERCOM to plan, coordinate, integrate, synchronize and conduct operations “to ensure U.S./Allied freedom of action in cyberspace and to deny the same to our adversaries.”
Cyberspace is now recognized as a critical domain of operations by the U.S. military, which is why the U.S. Defense Advanced Research Projects Agency (DARPA) is investing $110 million in the development of Plan X, and the U.S. Naval Academy received $120 million to build a classified cyber warfare center in 2016.
Vulnerabilities in Our Financial System
September 2008’s collapse of Lehman Brothers sent the global financial markets into a tailspin not seen since the 1930s, proving that a rapid destabilization caused by a cyber attack could paralyze the economy — shutting down ATMs, supermarkets, pharmacies, gas stations and causing runs on banks.
Today’s megabanks have thousands of employees and services scattered across six continents, managing trillions of dollars every day. With the rise of digitalization, very few of these records are kept offline, making a catastrophic collapse caused by hackers a very real threat.
A recent study found that bankers fear cyber attacks more than they do political interference or a faltering economy, which is why banks like HSBC and First Direct are implementing biometric voice and fingerprint recognition instead of passwords. Given the strategic importance of the financial sector, a large-scale cyber attack now represents a serious threat to the larger global economy.
The vulnerability of financial institutions, particularly mobile and online services, has prompted banks like the Bank of England to include cyber attack scenarios in their annual stress tests.
In 2016, no financial institution is safe from cyber crime, so banks need to assume a state of continuous compromise by focusing on adaptive security that detects, responds to and remediates threats.
Payment Security Protection
While the threat of global cyber warfare remains remote, small-scale attacks on payment security systems occur every day. That’s why it’s important to keep your business and your customers safe with P2PE encryption solutions that secure data from the moment a card is swiped. To keep your company safe and secure in the future, contact Bluefin today to learn more about our seamless P2PE encryption solutions.