Beyond Guns, Gates and Guards

News & Features | April 9, 2013

It is often said that today we live in a global age. With the advent of the people and countries are more interconnected than ever before. Information can be shared instantaneously. Therefore, information can be stolen just as instantaneously. A downside to this heightened interconnectedness and information deluge is the increased chance that classified or private information will be leaked or hacked. With the increase of sensitive and valuable information online, there is an even greater opportunity and incentive for individuals and governments to create hacking initiatives. The consequences of hacking have become widespread and have created both a new type of espionage and warfare. No longer do states have a monopoly on violence. The paradigms of warfare are changing. Much of it is shifting online.

On March 11th, the Obama administration openly demanded that the Chinese government adhere to “acceptable norms of behavior in cyberspace.” This request comes at a diplomatically tense time, as Washington is looking for cooperation with China in preventing North Korea and Iran from amassing a nuclear arsenal, and desperately wants to maintain stable Sino-American relations. But the Chinese have frequently been implicated in large-scale theft of information from American networks—both commercial and federal—leading the White House to decide that it was high time an official complaint be made against the Chinese. Analysts state that Chinese hackers are stealing data at an unprecedented rate. Mike Rogers, the chair of the House Intelligence Committee, stated: “China is stealing our intellectual property at a rate that qualifies as an epidemic.”

This epidemic has hit many American media outlets. The New York Times, Bloomberg News, The Wall Street Journal, and The Washington Post have all reported that they had been the victims of Chinese-based cyber attacks. In many cases, the media outlets were hacked after running an article or story on important officials in China, or if reporters had connections to classified government information. Coca-Cola was hacked by the same group as they entered into negotiations to buy out a Chinese juice company. The negotiations eventually fell through. A computer security company, Mandiant, recently did an in-depth investigative report and determined that these hacks all originated from the same place: a hacking group they call “Comment Crew.”

Comment Crew is known as one of the most sophisticated hacking groups currently operating. The Mandiant report concluded that the group is based in a building that houses the P.L.A. Unit 61398, officially known as the 2nd Bureau of the People’s Liberation Army’s General Staff Department’s 3rd Department. Therefore, Comment Crew is either a Chinese military operation or, as Mandiant stated: “the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.” China denies that any of the hacking attacks are government sponsored, but the evidence does not support this statement.

These attacks were made through e-mail and are called “spearphishing.” The group sends a bugged e-mail that, once opened by one employee, gives the hackers access to the entire computer system. Most of the e-mails were sent to low-level individuals who never knew that they had any part in a hacking scheme. One click on one of the many e-mails that employees see in a day is enough to compromise the information of an entire corporation. And in a world where so much business is conducted using the Internet, that one click can compromise the information of all the clients of a company. Cyber attacks involve the common citizen in a way traditional warfare attacks could not.

Comment Crew has recently been focusing on even larger targets. There were successful attacks made on the Defense Department, the State Department, the United States’ largest defense contractor Lockheed Martin, contractors for the National Geospatial-Intelligence Agency, and the National Electrical Manufacturers Association. Another computer security company, Dell SecureWorks, states that it believes this same group of hackers was also responsible for a series of cyber attacks uncovered in 2011 that targeted the United Nations, and various government agencies in the United States, Canada, South Korea, Taiwan, and Vietnam. However, analysts say the most alarming of these incidents is an attack on a branch of the company Telvent, based in Canada. The company creates software that coordinates the power switches and security systems of oil and gas pipelines. It is unclear if these attacks were a search for industrial information that could be used for profit, or if they were the beginning of a more combative style of cyber attack.

Hacking isn’t always about economics. Governments are beginning to use hacking in place of traditional methods of warfare, such as bombings. The United States and Israel were recently involved with one such initiative called Stuxnet. Stuxnet has widely been acknowledged by experts as the most sophisticated and complex cyber weapon ever created. The program was a cyber worm that infiltrated the computer systems of a nuclear plant in Iran. The plant contained hundreds of centrifuges that enrich uranium to be used in nuclear weapons. Stuxnet worked into the computer systems and lay dormant while it recorded the normal operations of the plant. The program then caused the centrifuges to rapidly speed up so that they spun themselves into destruction, while projecting what appeared to be normal operations on the security cameras at the plant. The attack was so sophisticated that it appeared the centrifuges were merely malfunctioning due to faulty parts. Thus, even some undamaged centrifuges were taken out of service because it was believed they too would malfunction. Some estimate the damages to the plant will push Iran’s nuclear weapon production back until 2015, although most estimates don’t predict as drastic of a lag in production.

Washington and Jerusalem are both certainly happy about this development, but both initially denied responsibility for the Stuxnet virus. However, evidence irrefutably points to the U.S. and Israel.

In retrospect, some U.S. officials worry that the Stuxnet attack will create a new precedent for cyber attack. That in the future we will be obligated to attack North Korea’s nuclear plants. That other countries will begin attacking us. That it will become a norm for oil pipelines to self-destruct because someone will have both an economic or political motivation and the tools to act.

Stuxnet is the first large-scale cyber attack of its kind. Yet it appears countries like China, with their highly sophisticated Comment Crew, are already beginning to test similar programs, and may soon act against American infrastructure. This is why the infiltration of companies such as Lockheed Martin and the National Electrical Manufacturers Association is so sobering.

Furthermore, there are many instances of hackings that have yet to be traced back to a certain group or government. There were hackings in July of 2009 that disabled the Web servers of the U.S. Treasury, Secret Service, Federal Trade Commission, and Transportation Department that are believed to have come from North Korea. And it is believed that the virus left “trapdoors” that would allow hackers to go back and re-access various servers and networks in the future. Israel and Palestine are also currently dealing with a series of hackings that have reached their energy and water supplies that are seemingly originating from Iran. These hackings also began as spearphishing attacks through email. Israel has even been forced to take its police force network offline.

Analysts warn that soon the world may see a new type of cold war. But instead of nuclear warheads, countries will begin an arms race of hackers and sophisticated computer viruses. Government officials state that there are currently 12 countries developing offensive cyber weapons.

Organized governments aren’t the only ones forming attacks. The hacking group Anonymous has been making headlines as of late. The group seems to be a loose collection of hackers based all over the world who have met in the depths of the internet on forums such as 4chan. The group is known for attacking certain organizations they disagree with. They’ve hit the websites of Sony’s PlayStation network, Fox television, PayPal, and the C.I.A. Most recently, Anonymous began attacking Israeli governmental and business websites: forcing the sites temporarily offline, publicly posting usernames and passwords, and deleting some online information. Though these attacks don’t seem to be as nefarious as those Israel is facing from elsewhere, they have slowed the workings of many important Internet sites and tossed thousands of unsuspecting civilians’ usernames and passwords online. No longer do sovereign states hold the key to waging warfare. Today, a loose collection of hackers can have an effect.

Another hacking tactic that analysts are wary of is what is known as Distributed Denial of Service (DDoS). This is a method wherein hackers hit Internet servers with such immense amounts of traffic that the server is rendered unreachable. The website Spamhaus, which determines if certain websites or emails are spam, was recently sieged with a DDoS attack. Spamhaus’s Domain Name System servers were targeted and deluged with false traffic. Though the website managed to remain functioning due to their many servers, the attack was at a frequency of traffic previously believed unattainable. Attacks of this magnitude could take down online government infrastructures, e-mail, and communication sites such as Facebook and Twitter, which showed their value in revolutionary movements such as the Arab Spring. In an arms race of hacking, DDoS tactics would be a simple but powerful weapon.

Analysts warn that the precedent for this cyber arms race is particularly threatening because the U.S. is incredibly vulnerable to cyber attacks. Much more so than many other big players such as Russia or China. Richard Clarke, a former counterterrorism chief to both Bill Clinton and George W. Bush, writes in his new book warning about America’s cyber fragility that China has “the ability to disconnect all Chinese networks from the rest of the global Internet, something that would be handy to have if you thought the U.S. was about to launch a cyberwar attack on you.” The U.S. has no such mechanisms available. Offices like the Pentagon often use software that is commercially bought, and thus highly susceptible to hacking. Clarke asserts that the entire U.S. infrastructure of power grids, communication satellites, oil pipelines, and even banking structures, could all be brought down within 15 minutes.

Clarke argues that if the U.S. were to separate our necessary infrastructure from the public Internet, and begin working on cyber weapon control agreements with other countries, we could avoid the whole conflict. But this doesn’t specifically prevent attacks that originate through spearphishing. And these changes can’t be enacted immediately.

Hacking and the information age have altered the paradigms of warfare. Countries can attack each other remotely. Civilian organizations can be as important players as governments with armies and navies. The examples of the Comment Crew and Stuxnet appear to be merely the beginning of a modern precedent.