cyberarmscontrolblog

International Agreement for Control of Cyber Weapons

Month: December, 2015

December 28, 2015

December 2015 Cyber War Coverage

December, the supposed holiday time for most of the world, was filled with substantial coverage of the world’s raging cyber war.  Newsweek Magazine carried a special edition on The Art of (Cyber) War. It noted that a federal government database had been hacked so that the highly personal information for 21 million government employees information was published. It also notes that “by 2018” we can expect that the U.S. Department of Defense will deploy a new cyber defense program that will include a “task force” to protect America. Here is some more information.  The Identity Theft Resource Center reported 641 data breaches in 2015.  It also reported that “more than 175 million [U.S. citizens] people had their information exposed in data breaches in 2015”.

Companies such as Sift Science were reporting rapid growth: “Every day, businesses worldwide rely on Sift Science to eliminate fraud, slash costs, and grow revenue. Our cloud-based machine learning is powered by 5,000+ unique fraud signals and a network of 1,500+ websites (and growing).” Sift uses “large scale machine learning technology” to analyze data and connect “thousands of seemingly unconnected clues left behind by fraudsters.”  Artificial intelligence (AI) is being used to catch Internet fraud. Machine intelligence (The Helix(TM) Security Engine) also is being used by Lookout, a security firm that focuses on the mobile phone market.

Not only the United States is concerned.  Salìh Biçakcī from Kadir Has University in Turkey reports that cyber attacks against Turkey are increasing, and that “the state is not prepared for approaching cyber wars”.  Turkey has been under a Distributed Denial of Service (DDoS) attack for most of December. Biçakcī argues that Turkey’s government is not set up for the type of coordination needed to withstand a determined cyber attack.  Many other governments must be having the same thoughts.  Biçakcī has authored such documents as The Rebirth of NATO between New War and Cyber Security and The role of information technology in responding to Terrorism. Because of ties between Turkey and ISIS, Anonymous attacked Turkey’s banking sector, according to TechWorm. Anonymous warned “Dear government of Turkey, if you don’t stop supporting ISIS, we will continue attacking your Internet, your root DNS, your banks and take your government sites down“.  Anonymous “took 400,000 [Turkish] sites offline for 7 days“.

Anonymous has published a chronology of events in its war against ISIS.  It calls the action “OpISIS”.

In India, Tarun Vijay a member of the Bharatiya Janata Party (BJP) has been demanding that India set up a separate ministry for cyber security. As reported in the Indian Express, “[I]n the last five months 50,000 cyber attacks have been reported and nearly half of India’s internet population was being hit by cyber attackers”.

The above summarizes only a few events in December. As stated earlier, cyber war and cyber weapons are multiplying.  They are one of the most important tools of today’s warfare. A set of Cyber Arms limitation talks are surely needed.

Leave a comment
December 22, 2015

Xi Jinping and Laws for Cyberspace

At the recent World Internet Conference, held in Wuzhen, Zhejiang province, the President of China Mr. Xi Jinping gave a speech setting forth priorities for Internet Governance.  The view of the Government of China is that each country should control its own Internet and set its own rules for cyberspace.

This means that the Chinese government sets a priority on monitoring the Internet to ensure that it is not used for unlawful activity.

It is hard to argue with a government that does not wish for the Internet to be used for unlawful activity.  All governments agree with this view.  The Internet should not be a free zone for criminals.

The only issue, then, is what is criminal activity.  Obviously this varies from nation to nation.  What is protected speech in one country might be illegal in another.  What is protected journalism in one country might be illegal activity in another.

This distinction is a source of conflict in debates over Internet governance.  People on outside of China might criticize Chinese monitoring of the Internet inside China, but in essence what they are criticizing is Chinese law as it is written or interpreted or enforced inside China.

An international issue arises if activities take place on the Internet outside of China, but those activities if carried out inside China would be considered criminal.  In those cases, China reserves the right to block those activities from crossing through the Internet into China.  Again, this is a question of Chinese sovereignty.

And here we are using the example of China, but national sovereignty is an important issue for all nation states.

A complication arises in cases where China cuts off entire services from being provided in the Chinese market.  For example, Facebook is not allowed in China.  This is not a question of Chinese law, but instead is a matter of non-tariff barriers to trade in services.  Many are of the view that it should be condemned because there is no reason why Facebook or any other outside provider of Internet services could not be monitored for criminal activity the same way that services inside China are monitored.

These are issues that need to be considered in negotiations concerning international trade in services.

It also is true that it is illegal to hack in China.  This means that if one is in China and they hack a Chinese website, then a law is broken.  It is not clear if it is a violation of Chinese law if a person inside China hacks a computer that is located outside of China. There might be a potential to further international discussions on this issue.

These discussions on Internet censorship and control, and its connection to national sovereignty are interesting and important, but are outside the scope of consideration regarding cyber weapons.  The reality is that development of cyber weapons will always be legal within a nation state the same way the development of any other type of weapon is legal.  Cyber weapons are an integral part of the right of self-defense of a nation.

There is a cyber arms race now, and people need to be thinking about how to control the proliferation of cyber weapons.

 

Leave a comment
December 21, 2015

Lomonosov University Information Security Institute

Lomonosov University in Moscow is more commonly known as Moscow State University. It is named for Mikhail Vasilyevich Lomonosov (Михаи́л Васи́льевич Ломоно́сов) who lived from 1711 to 1765 and discovered the atmosphere of Venus and the Law of Mass Conservation in chemical reactions.  He was a polymath (πολυμαθής), a person who masters a significant number of different subject areas.

The Information Security Institute (Институт проблем информационной безопасности) has been working on a number of information security issues.  In April of 2015, it held a Forum in Garmisch-Partenkirchen, near Munich.  One of the topics on the agenda was on Proposals on Frameworks for Adaptation of International Law to Conflicts in Cyberspace.  Other discussions focused on critical infrastructure security.  Of interest was a workshop on “Countering the threat of the use of social media for interference in the internal affairs of sovereign states (extremism, radicalization).”

The Information Security Institute managed to put to bring together a number of institutions in previous forms including (1) Lomonosov Moscow State University (LMSU) Institute of Information Security Issues; National Academy of Sciences of Belarus the United Institute of Informatics Problems; Internet Society of Bulgaria; China Association for International Friendly Contact (CAIFC); E-Government Division Ministry of Finance (Israel); Indian Institute of Information Technology in Allahabad; Cybercrime Research Institute (Germany); “MFI SOFT” LLC (Russia); State University of New York (SUNY, USA); Global Cyber Risk LLC CEO (USA); Tokai University (Japan) SPIRIT; EastWest Institute (USA); Defence Research & Development Organization (DRDO), Ministry of Defence, Government of India; PayPal Inc. (USA), Qafqaz University (Azerbaijan); The SecDev Foundation (Canada); Insubria Center on International Security – ICIS (Italy); Institute of Information Security and Cryptology (IIS&C) at the Gumilyov Eurasian National University (Kazakhstan); Institute of Electronics and Telecommunications under Kyrgyz State Technical University (the Kyrgyz Republic).

We are awaiting the results of the discussion on an international convention, or on international law.

 

Leave a comment
December 20, 2015

Cyber War or Propaganda War?

On December 15th, 2015, the Republican party held its last debate of the year.  It is near Christmas, followed by New Years, and this is a time of year when people do not pay much attention to politics.  So the candidate heading into this season with the highest poll numbers is more than likely to win at least the first few primary votes.

The United States has a complicated electoral system for electing its President.  There is nothing else like it in the world.  Each party must hold “primary” elections in each individual state.  In those primaries, delegates go to a meeting and vote on the candidate they want to represent them in the general election.  Republicans have one primary, Democrats have another.  It is an intensely local process. Then these delegates from each state go to a national convention and then vote again and confirm the nominee of their party, and then there are two candidates for the national “general” election.

During the debate, several issues regarding cyber warfare came up.

Chris Christie, Governor of the State of New Jersey

Chris Christie was asked about what should be the response of the United States to state-sponsored hacking from the People’s Republic of China.  His answer was that the United States should launch a counter-attack.  This sounds logical, tit for tat.  But what is interesting is the type of attack he suggested.

He suggested that information should be taken that shows the corruption of Chinese officials.  “The Chinese people need to be shown just what a corrupt government they have.  How the government leaders and a series of industry leaders all over the country are stealing from the Chinese people.”

There is no verification that Chinese leaders are stealing.  Whether they are is not the point here.  The interesting thing about Christie’s idea is that state-sponsored hacking can be used to collect embarrassing information about a foreign government, then the information can be leaked to the international press and used to discredit the government, leading to possible civic unrest.

This may be the first this type of cyber war strategy ever has been suggested by a political leader in the United States, potentially anywhere. It is the opposite of a kinetic strike.

Is secretly releasing information regarding the criminal activities of a foreign leader a type of cyber war, even if the information is true, but if the information has been stolen through hacking.

Donald Trump, Entrepreneur

During the debate, Donald Trump was criticized for “wanting to shut down the Internet” in response to the growth ISIS.  His response was that he never suggested shutting down the Internet, but that “ISIS is using the Internet better than we are”.  He also stated that it would be a good idea to shut down the Internet in places where ISIS is originating its hateful propaganda and recruitment efforts.

Then he said that it might be even better if the Inter were used to penetrate ISIS and find out about them “so that they can be destroyed”.

Both of these candidates offer interesting views of cyber space and how it is part of war.  Indeed, cyber weapons are on the menu for everyone.

 

Leave a comment
December 11, 2015

The Cyber Trails of San Bernadino

There continues to be a buzz in the international media and throughout the national security establishment.  How is the Internet being used for recruitment of terrorists?  If it is being used for this, then should it be “shut down”.  Current presidential candidate Donald Trump keeps making the point in his stump speeches.  “We [meaning the United States] invented the Internet, but now they are using it better than us.  They are using it for recruiting of new members”, referring to the online activities of the genocidal group Daeush.

Today it was reported that the FBI is sending underwater divers into a lake near the home of the San Bernadino terrorist criminals.  The purpose?  To locate disk drives and other cyber evidence that had been ostensibly destroyed by the murderers prior to their machine gun attack against people with disabilities.

Reports also indicate that attempts were made to destroy all of their electronic technology, including computers and mobile phones. The criminals knew that after they had been killed as a result of their murderous activities, the investigators would do a complete “cyber investigation” to determine the social system in which they were operating.  An attempt would be made to find all persons who are in a one-degree or two-degree relationship with the murderers.

In particular, there is the issue of trying to discover what other contacts this ilk had, and whether or not it links to the genocidal criminals operating overseas.

What is the implication here?  First, these international religiously motivated criminals and murderers have gone through a learning curve.  They know that the cyber world follows them everywhere they go, and consequently, they wish at all times to remain “under the radar”.  They do not wish to be noticed, and in case something happens, they do not wish for anyone to be able to follow their cyber links to others in their group.

So they destroy the cyber evidence found in their electronic Internet-enabled equipment.

Thank goodness for meta-data, and for record-keeping, and for the pen-trap statutes.  Using this information that is stored by vendors of information technology and telecommunications services, combined with traditional information such as phone records and financial records, it should be possible to piece together the Living System that supported these criminals.

Implications for a cyber convention

What is the implication for a cyber convention?

One of the key elements of any new convention must be the obligation of each nation state to assist in cyber crime investigations.  The concept of “cyber crime” would include international terrorism.

How this cooperation might take place would vary according to the type of problem, and the type of technology involved.  It might mean, for example, that security and intelligence agencies world-wide would be obligated to help each other in sharing of cyber-based information on criminals operating in cyber space.  (See the Interpol announcement.)

Since there is little or no cooperation between nations at this time, although it is increasing, the formalization of this type of mutual assistance in the form of a part of an international convention would be a giant leap forward.

 

 

 

Leave a comment