The bits that get ignored

Crime and Punishment in Cyberspace

In relation to the US/Russia summit occuring today, I have made predictions about what will and will not be declared after it. Although it is largely a media event, there are opportunities for addressing common interests, and Russia has been signaling for a long time, and particularly recently, one of them -- cyberwar.

I hate the term. It really is warfare to damage communications, command and control, and civil infrastructure via computer networks. It is an extremely dangerous and powerful element of warfare in that it can be devastatingly effective and attribution, just like covert operations, is extremely difficult. In my opinion it was the publication by Wikileaks of the Vault 7 series exposing cyberwar tools developed by the CIA/NSA with misattribution elements that sufficiently annoyed former Secretary of State Pompeo to urge for the extrication and indictment of Julian Assange, even though the publication of the State Department Cables years before had really riled up the US. Lots of people like to point to the horrific "Colleral Murder" video, or the war crimes documented in the Afghan and Iraqi War Diaries. I dont think the US cares much about this, but exposing diplomatic cables and active covert intelligence tools makes some people rather angry.

Russia has been calling for an international convention on the use of these cyber weapons, which the US has steadfastly refused. That refusal indicates a sense of strength, which I think is poorly based. Whilst the US does possess the greatest access to and control of global network infrastructure, that does not leave them invulnerable, particularly to attacks against civilian infrastructure which is commonly privately owned and run by companies who have no idea about how to defend it. One could look at the Colonial Pipeline interruption, or the JBS Meat infrastructure events. I am sure that Russia is happy that these events occurred to highlight US vulnerability. One of the craziest was the SolarWinds event; a software service used extensively throughout US government institutions. Its update server, the thing that controls the software being used was guarded by a password, chosen by the company, of "solarwinds123".

Whilst Russia has been calling for this, there have been great efforts in the "West" to improve reponse to these types of actions. They seem to be caused in the vast majority by either young people studying information security and doing silly things or much more commonly organised crime syndicates. It has been conferences of information security coupled with national investments into bodies like Computer Emergency Response Teams (CERTs) which has provided some response to the criminal abuse of this lack of defense knowledge in civilian industries.

It should also be noted the the greymarket for 0-day vulnerabilities which enable these types of attack is a very large industry. Additionally, just as the CIA has an information wing and an operations wing, the NSA has an offensive wing and a defensive wing. The problem for the NSA is that its offensive wing wants to hoard the vulnerabilities it has found rather than, in the case of US technology used overseas, issue vulnerability reports to have them fixed. Thus, you have a large industry and a power-play dynamic preventing the fixing of many of the potential problems.

I do not condone any offensive computer intrusion actions and have no idea who did any of the three events mentioned, but it does highlight nation wide system vulnerabilities that exist if appropriate security protocols are not understood and used by national critical infrastructure organisations. The lack of reporting in frequency of these computer network based infrastructure attacks against Russian targets indicates at least one of the following; Russia has far greater control of announcements of these incidents, and/or Russia has a better defense/incident response. I suggest quite a bit of the former and a little of the latter.

I am not sure what an International Treaty on the Use of Cyber Weapons would contain, but starting that discussion would be a welcome potential outcome of this summit.

Sources

• Taking a wider view; the Putin/Biden summit

• Putin calls for new non-aggression pact on cyberwarfare

• Putin says Russia would accept conditional handover of cyber criminals to U.S.

• THE REVELATIONS OF WIKILEAKS: No. 9—Opening the CIA’s Vault

• Colonial Pipeline attack: Everything you need to know

• Many of America’s largest meat plants shuttered after cyberattack

• What you need to know about the biggest hack of the US government in years

• Cyber Security Services Market Size Worth $192.70 Billion By 2028: Grand View Research, Inc.

• Breaking up the NSA