Several news outlets are reporting that Russian hackers are using an upcoming conference in D.C. as “bait” to lure high-profile security experts into a trap.
Though often thought of as a high-tech world of boffins and geeks, the way in which cyber warfare is actually conducted relies as much on old-school spy techniques as high-tech wizardry. If recent news stories are to be believed, the cyber espionage currently being conducted between the U.S., China, and Russia looks an awful lot like the Cold War.
This is not a coincidence: perhaps the most useful way of understanding cyber warfare today is to see it as the continuation of the Cold War. Some of the techniques might have changed, but the aims remain largely the same.
The most recent attack has been carried out by the hackers known as Fancy Bear and APT28, the same groups that were behind last year’s election meddling. The way it was carried out sound like a John le Carre novel, albeit with the coded communiques replaced with emails.
Those attending the upcoming International Conference on Cyber Conflict were the targets. The event takes place in D.C., and is being hosted by the U.S. Army and a NATO Cyber Defence institute. There are some pretty formidable guest speakers, and the event has attracted interest from civilian and military cyber security experts from around the world.
Good targets, in short, for the Kremlin to either spy on, blackmail, or recruit.
The implementation of the attack is amusingly amateur, but perhaps no less effective for that. The hackers sent around a flyer for the event, a Microsoft Word file called “Conference_on_Cyber_Conflict.doc.” I managed to acquire a (quarantined!) copy, and it looks pretty legitimate. It’s got the logo of the conference on it, and looks like it comes from the event organizers.
The virus is a macro script. Those of you with some experience of cyber security might have had to suppress a giggle there. I know. A macro? In 2017?
In any case, if the script is run it installs Seduploader, a piece of malware well known from recent attacks. It allows hackers to take screenshots, and retrieve basic system information. Whilst that may sound relatively benign, a well-timed screenshot can be a good way of capturing sensitive information, and even basic access to a victim’s computer allows hackers to target further attacks on those with high-level security clearance.
As I said, the attack resembles the plot of a Cold War-era thriller. This is not surprising. In many respects, the cyber conflict that the U.S. is now engaged in is a continuation of the Cold War.
The sides in the conflict haven’t really changed. The three big players in cyber warfare at the moment are the U.S., China, and Russia, just like the old days. It’s been reported that China may have as many as 100,000 cyber soldiers, and we are all aware of the recent attacks that Russia has made.
The covert nature of this warfare also resembles the Cold War. The cyber attacks we hear of in the news media represent just a tiny proportion of the secret activity going on behind the scenes. For every huge attack that affects millions of civilians — often by accident — there are dozens focused on individual agents and military installations.
There is also something approaching the same doctrine of the Cold War. If, during the 1970s, the Superpowers operated under a policy of Mutually Assured Destruction, we can call the current doctrine Mutually Assured Restraint. For the moment, at least, it seems that there is a tacit understanding between the powers: that massively destructive cyber attacks will not be launched, because this is likely to lead to an escalating chain of reciprocal attacks.
This situation is, unfortunately, going to change. One of the reasons that Russia has poured so much research funding into cyber warfare, and become so adept at the practice, is that it knows it cannot compete with the U.S. in terms of conventional weaponry.
But other nations have caught on to this idea, and they are a lot less predictable than our old Cold War allies. For countries like the DPRK and Iran, who feel themselves increasingly under threat now that Trump is president, developing cyber weapons is a cheap, fast, and effective way of evening the balance of power.
In short, though the Cold War might have ended, in terms of cyber warfare it is just beginning.
Sam Bocetta is a defense contractor for the U.S. Navy, a defense analyst, and a freelance journalist. He specializes in finding radical — and often heretical — solutions to "impossible" ballistics problems. Through Lakeview Capital, he also cultivates funding for projects — usually naval, defense, and UAV startups. He writes about naval engineering, mechanical engineering, electrical engineering, marine ops, program management, defense contracting, export control, international commerce, patents, InfoSec, cryptography, cyberwarfare, and cyberdefense. To read more of his reports — Click Here Now.
© 2022 Newsmax. All rights reserved.