Cybersecurity and geopolitics

The Cyber Conflicts that will define the next five years

Date

March 2021

Reading time

Approximately 4 minutes


Alec Ross

Expert in Technology Policy and Digital Development

The first recorded incident of hacking dates back to 1903, attributed to a magician and inventor named Nevil Maskelyne. John Ambrose Fleming was at the time publicly demonstrating the advances in wireless Morse code with his Italian partner, Guglielmo Marconi, who was nearly 300 miles away. Maskelyne disrupted what was supposed to be secure wireless telegraphy to send insulting Morse code dispatches to Fleming. The message read: «There was a young fellow of Italy, who diddled the public quite prettily», referring to Marconi.

This is how hacking started — as a sort of prank among the technologically sophisticated — a way of poking fun and making harmless mischief. Those days are long behind us as the nature of cyber conflicts has evolved in sophistication and ugliness to such a degree that it is my belief that the weaponization of computer code is the single most significant development in conflict since the weaponization of fissile materials, the notable difference being that creating a nuclear weapon requires access to the scarcest of scarce scientific talent and transuranium materials whereas the creation of a cyber arm has a much, much lower barrier to entry.

Main types: attacks on a network's confidentiality, availability, or integrity

Attacks that compromise confidentiality aim to steal or release secure information like credit card or social security numbers from a given system in an illicit or unauthorized manner.

The second type of cyberattack hits a network's availability — attacks typically known as denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks. Denial-of-service attacks aim to bring down a network by flooding it with a massive number of requests that render the site inoperable. Distributed denial-of-service attacks are exactly the same except that the attacker has mobilized several systems for the attacks. DDoS attacks aim to use so many attackers (potentially hundreds of thousands) that it becomes nearly impossible to distinguish the attackers' traffic from legitimate traffic. This type of attack can also use hijacked systems to mask its origin. Hundreds, thousands, or hundreds of thousands of computers can be hijacked by hackers and coordinated to attack together, in what's known as a botnet.

Last, cyberattacks can also affect a network's integrity and it is this third type of attack that I believe is going to define cyber conflicts over the next five years. These "integrity" attacks are more physical in nature. They alter or destroy computer code, and their aim is frequently to cause damage to hardware, infrastructure, or real-world systems. Once an integrity attack has taken over a machine, the machine can end up being rendered useless and added to the waste stream.

Integrity attacks

Integrity attacks have moved from being the exclusive province of governments to what now includes likely hundreds of cyber gangs with these capabilities today. Governments used integrity attacks to shut down nuclear facilities and take oil facilities offline. Cyber gangs are using integrity attacks to get inside corporate networks and in some cases demand ransom lest they destroy the data. In other cases, once they are inside the corporate network, they take over the network's payment systems and issue a series of payments (often in the form of cryptocurrency) to accounts controlled by the gang that often exist just long enough to accept the payments and re-route them through difficult-to-trace crypto networks. The very best of these gangs are able to do this noiselessly and cover up all evidence of having made the payments in the first place by deleting the transaction data in the corporate network. It's like robbing a bank without the bank knowing anybody had ever been inside.

The cloud as cyber battlefield

Another form of cyber conflict that will define the next five years is the cloud as cyber battlefield. The COVID-19 pandemic created a massive acceleration in the adoption of cloud technologies. The pandemic ended the distinction between work and home, between personal technology and work technology. Work is done over home networks using personal devices enabled by connections to the corporation's cloud infrastructure. As what was projected to be four years of adoption of the cloud compressed into one year, the number of security holes has grown. Enterprise software and cloud applications used for remote work are being hit by critical-class bugs as more functions get moved into the cloud at such a fast pace. The cloud has usually been viewed as unhackable. After all, even the CIA and Pentagon trust it, and they should. But not all organizations have the resources and defenses of the CIA and Pentagon and even if their cloud solution is strong, it is only as strong as the security of that person accessing the cloud while working from home. Criminal cyber gangs probing for ways to access a corporation's intellectual property or other crown jewels stored in the cloud know to do so by probing employees working from home who may have relaxed their security practices.

These evolutions in cybercrime have spectacular costs. In 2021 the total cost of cybercrime is projected to hit $6 trillion USD. Only the United States and China have economies larger than $6 trillion. Several estimates project that number will grow to more than $10 trillion by 2025, making cybercrime one of the defining issues and challenges for business and society in the years to come.

Alec Ross is an expert in technology policy, currently a distinguished visiting professor at the University of Bologna, and is a Board Partner at Amplo, a global firm, where he advises companies on technology, finance, education, human capital and cybersecurity. He is also the author of the New York Times best-seller The Industries of the Future, which has seen success on four continents and been translated into 24 languages. Ross has been a research fellow at Johns Hopkins University and also at Columbia University's School of Public and International Affairs. During the Obama administration, he was the secretary of State's chief innovation adviser, as well as the coordinator of the 2008 presidential campaign's Technology and Media Policy Committee. His most recent awards include the Oxford University Internet and Society Prize.

Article published in issue 7 of Shapes in March 2021.