In 2010, Iran’s uranium enrichment centrifuges were attacked and rendered useless by a computer virus that became known as Stuxnet. It was the first case in which a hacker attack, coordinated by nations (supposedly the United States and Israel), hit a major military target in the “real world”. At that moment, a worldwide race to create or acquire cybernetic weapons was taking shape.
Then-US Defense Secretary Leon Panetta warned in 2012 of the dangers of a possible large-scale digital attack against the United States with the possibility of causing death and destruction in the real world.
The threat was dubbed at the time “Cyber Pearl Harbor”. Washington promised that if that happened, it would retaliate not just digitally, but with whatever weapons it deemed necessary, including nuclear missiles.
The “Cyber Pearl Harbor”, that is, a war between nations started by a cyber attack of great proportions, did not occur.
What was configured on a global scale was a scenario of constant cyber conflicts at different levels. However, with actions more restricted to the virtual universe.
The major powers in these confrontations are today the United States, China, Russia, Iran and Israel. According to Eduardo Izycky, a researcher at the Department of War Studies at King’s College, London, these countries produce offensive cyber capabilities and manage to apply them on a global scale.
They have either operated directly or sponsored private puppet groups (in an attempt to camouflage the origin of the actions). They carry out operations such as theft of technological secrets, espionage, sabotage of critical infrastructure and dissemination of false information.
An example of this was the theft of American industrial secrets by Chinese hackers that allegedly took place between 2008 and 2013. According to a survey by Foreign Affairs magazine, this generated annual losses between US$ 200 billion and US$ 600 billion for the US and enabled China to move forward with its industrial program “Made in China 2025”.
Another example occurred between 2014 and 2015, when Russia allegedly used hackers to destabilize Ukraine’s election and bring down the country’s electricity grid, leaving more than 200,000 people without power.
Race is motivated by geopolitical disputes
Cyber conflicts do not arise from the virtual universe itself. They are based on geopolitical disputes that already take place in the “real world”.
So, seeing their rivals exploiting cyber capabilities, more and more countries outside the circle of traditional powers are starting to buy or develop their own resources. This movement has been generating, since mid-2015, a global race for cyber weapons.
Countries like Vietnam, Turkey, United Arab Emirates, France, South Korea, India and Pakistan started by buying technology from private companies and are now developing their own cyber resources. They are intended for regional disputes, according to Izycky.
But what are cyber weapons anyway?
They are called “artifacts” in military parlance, but they are computer programming code that infects systems of opposing nations. They are used to steal information, destabilize communications, destroy or disable equipment, bring down electrical networks, among other purposes.
During conventional warfare, they serve as support to extract information from the enemy, render weapons and communication systems useless, and destabilize chains of command and control.
That is, they are computer “viruses” that operate with different degrees of complexity. These are malware (malicious software), exploits (pieces of software that take advantage of a design defect in other software) and techniques such as denial of service (when a website goes down due to too many deliberate simultaneous accesses).
Nations can use anything from simple malware and techniques known and used by common cybercriminals to advanced cyber weapons. Some of these “artifacts” are extremely complex and expensive. They allow hacking into computers and cell phones without users clicking on a suspicious link or opening a file – they are called “zero clicks”. They are also hardly traceable and rely on an entire structure of equipment and personnel to function.
Low risk of retaliation spurs action
“You have a lot of leeway, which the cyber dimension provides. You harm your opponent, you have an advantage for yourself – steal technology and develop a state-of-the-art fighter, for example – and the cost of that, from a geopolitical, diplomatic or even in terms of economic sanctions point of view, is low”, said Izycky.
The most effective American response scenarios to cyber attacks to date have not involved planes, armored vehicles, ground troops, much less take the form of a nuclear mushroom.
In 2014, Sony Pictures decided to make a film satirizing North Korean leader Kim Jong-un. Hackers from Pyongyang broke into the company’s servers and made public a series of compromising e-mails from the film industry. Then they threatened to carry out more “terrorist” attacks.
Interview Wargames: Defense Industry in Brazil: Investing in order not to lose sovereignty
Former President Barack Obama has publicly blamed Kim Jong-un and lifted the first economic sanctions in history in response to a cyber conflict with North Korea. Pyongyang’s actions ceased soon after.
The following year, Obama managed to reduce theft of American technology by Chinese operators by confronting President Xi Jinping at a diplomatic meeting.
Thus, the cyber arms race appears to differ in at least one aspect from the conventional or nuclear arms race: that of deterrence.
In general, a country tries to improve its conventional military capability when it sees the neighboring nation arming itself. The idea is to avoid being attacked.
But that doesn’t necessarily happen in cyber conflict. The United States has a very high cyber conflict capability and yet it is the target of numerous attacks.
In other words, cyber conflict between nations is more similar to the dynamics of crime and espionage than to war. This is because, like crime, cyber attacks cannot be eradicated, but rather kept at acceptable levels.
Last year, a hacking group allegedly linked to the Russian government attacked an American gas pipeline. This caused panic among consumers and lack of fuel at stations.
US President Joe Biden told Russian President Vladimir Putin that attacks on US critical infrastructure were beyond the limits tolerated by Washington. Subtly, he threatened to take the same kind of cyber conflict measures against Russia.
Moscow does not allow hacking. It claims they are independent criminal groups. However, these criminals are seldom arrested, which leads international analysts to speak of collusion or even partnership.
While other smaller attacks on the US were later carried out by Russian groups, it is not yet possible to know exactly what the long-term effect of the Biden threat will be.
Destabilization of political systems
The targets of cyber weapons are not just industrial secrets, critical infrastructure and command and control systems. One of the most important aspects of conflict in cyberspace is that of disinformation.
Yes, we are dealing with “fake news” on social networks – when it is spread by governments (directly or through private or shell companies) with the aim of destabilizing rival electoral processes, discrediting foreign government systems or obtaining geopolitical advantages.
A recent example is a heavy investment in advertising on social networks made by China to spread the idea that the origin of the Covid-19 pandemic would be the United States and not Wuhan.
According to an October 2021 report by the Independent newspaper, Beijing has been claiming on social media and media linked to the country that the virus would have reached China in a shipment of lobsters from the United States.
However, the most concrete examples of disinformation campaigns were Russia’s alleged attempts to influence the outcome and discredit the American electoral process. First hacking the Democratic Party in 2016 and using social media to spread information favorable to Donald Trump. Then, trying to discredit Joe Biden’s 2020 election, according to US investigation.
American intelligence also accused Iran of having launched a covert disinformation campaign to try to prevent Trump from being elected in the last election cycle, due to its policy of total pressure against Tehran.
This type of campaign, like the one in Russia and Iran, is done through so-called “bots”, automated accounts on social networks or through teams of “human” experts who control several profiles at the same time – or even through a mixture of these two resources.
They try both to give visibility to a specific narrative, and to denounce content from political rivals en masse, so that they are excluded by the algorithms of social networks.
One of the most sophisticated of these teams is the IRA (acronym for Internet Research Agency), which became popularly known as the “St. Petersburg Troll Factory”, allegedly linked to the Russian government. It would have around 80 operators and a monthly budget of $1.2 million.
According to analysts, in addition to acting in the American election campaign, the Troll Factory would have carried out disinformation actions in the Brexit process (Britain’s departure from the European Union in 2020, approved in a referendum in 2016), in a referendum in the Netherlands in 2016. and in the German elections of 2017. It was even the target of offensive cyber actions by the United States.
According to the 2020 report by the Program for Democracy and Technology at the University of Oxford, the number of countries where companies similar to the Troll Factory are active in disinformation campaigns has risen from nine in 2017 to 48 in 2020 – including Brazil. The university makes no distinction, however, whether the actions in these countries came from national groups or from other nations.
How is Brazil?
Brazil has defense systems against cyber attacks subordinated to the Institutional Security Office, the Ministry of Defense and the Armed Forces. The idea is primarily to protect critical infrastructure, strategic military equipment and command and control structures.
The country is not involved in geopolitical conflicts, which reduces the possibility of cyber attacks from foreign nations.
However, according to analysts, nearby nations already have offensive cyber conflict capabilities, such as Colombia, Venezuela, Chile and Mexico. In most cases, the artifacts are used in the fight against organized crime, but in theory it is not possible to guarantee that they will not be used in other contexts in the future.
Brazilian public security forces have already made contact with companies that supply artifacts and infrastructure for offensive cyber actions. But there is no public information that the technology has been acquired.
Judiciary authorities are currently investigating the origin and legality of alleged disinformation campaigns in Brazil. But in general, the cyber threats that most concern citizens and businesses come from common crime, such as ransonware (lockdown of computer networks for extortion) and phishing (invasion of computers to steal data).
#Whats #stake #global #cyber #arms #race
