NewsClick


As US Loses its Edge, Game of Cyber Chicken Could Have Deadly Consequences

‘…all countries have offensive and defensive capabilities and “stealing” data and knowledge from other countries are time-honoured tasks of spook agencies. It becomes an act of war only if it leads to physical damage to critical equipment or infrastructure.’
Prabir Purkayastha
27 Mar 2021

Two major hacks—SolarWinds and Microsoft Exchange Server—have affected a whole range of computer systems. Both are supply-chain hacks, meaning that what appeared to be a routine software upgrade to a particular component in the system instead inserted malicious code. In the SolarWinds hack, a backdoor in one such component was downloaded to the systems of 18,000 organisations, including even the US Treasury, Commerce, Homeland Security and State Departments.

In the Microsoft Exchange Servers hack, an estimated 250,000 machines might have been affected by a vulnerability which allowed hackers to control the machines and even infect other systems in the internal network of the targeted companies. Four vulnerabilities in Microsoft Exchange Servers were reported to Microsoft in early January. Unfortunately, Microsoft plugged these vulnerabilities only in early March. These vulnerabilities were used by the hackers during the period that Microsoft had either not released the patches, or in the time companies had not upgraded their systems and installed the patches.

In the SolarWinds hack, the US authorities and security companies that work closely with the US government have blamed Russian intelligence agencies. In the Microsoft Exchange Server hack, the Chinese have been blamed. It is unlikely that either the Russian or the Chinese spy agencies would execute such a widespread attack on systems. Their interests are better served by targeting a few critical systems and compromising them rather than infecting systems on such a wide scale.

The scale of the attacks multiplied exponentially, particularly after Microsoft announced the four vulnerabilities and released their patches. As email servers of a large number of organisations use Microsoft Exchange servers, a number of them, particularly small companies, were slow to apply the patches. This allowed a huge number of rogue hackers to get into the act, setting off a feeding frenzy of hacking such unprotected systems.

There have been calls for retaliating against Russia and China, even for declaring these hacks to be acts of war. What such claims forget is that all countries have offensive and defensive capabilities, and that “stealing” data and knowledge from other countries is a time-honoured task of spook agencies. It becomes an act of war only if it leads to physical damage to critical equipment or infrastructure.

Any attribution of a hack to Russia or China is based on the evidence of supposed Russian or Chinese “signatures” in the software. The NSA tools dumped by Shadow Brokers on the internet in 2017 show that the NSA can spoof the signatures of other countries in its software. The problem is further compounded by those dumped tools now being accessible to all hackers. This means that identifying the origin of software from such code “signatures” is conjecture, at best.

Why does the US expect Russia or China not to hack other countries’ systems, when we all know that the NSA and CIA have been routinely hacking systems all over the world? The Snowden revelations showed that the US and its Five Eyes partners did everything that the US today accuses Russia and China of doing, and more. XKeyscore and PRISM, two of the largest NSA programs, showed how systems across the world had been hacked or compromised. The NSA’s Tailored Access Operations hacked hardware that went to different countries, providing the NSA with physical backdoors into equipment in foreign networks. Not only did the US hack the rest of the world, including India, but it also did not spare even its close NATO allies like Belgium and Germany! In Belgium, the NSA hacked the country’s largest telecom company, then called Belgacom, which operates a large number of data links internationally. It serves millions of people, including top officials from the European Commission, the European Parliament, and the European Council. In Germany, the NSA had even bugged Angela Merkel’s communications.

The US has mounted a worldwide campaign claiming that Huawei is a security risk for global networks and that a clean network means no Chinese equipment. On March 22, 2014, The New York Times and Der Spiegel, in a joint publication, reported on an NSA program, Shotgiant, that hacked into Huawei’s systems and network to find a link between Huawei and the People’s Liberation Army. The NYT report says: “But the plans went further: to exploit Huawei’s technology so that when the company sold equipment to other countries—including both allies and nations that avoid buying American products—the N.S.A. could roam through their computer and telephone networks to conduct surveillance and if ordered by the president, offensive cyber operations...Many of our targets communicate over Huawei-produced products. We want to make sure that we know how to exploit these products... to gain access to networks of interest” around the world.

The NSA document above shows that the agency not only conducted surveillance operations in other countries’ networks, but also carried out offensive cyber operations. So if the NSA or CIA compromises the computers, routers or other equipment of a country, they not only exfiltrate data out of these networks, but also have the offensive capability of inserting logic bombs in the target network or equipment to bring these down.

In a re-enactment of Obama’s campaign in 2013-14 against China and Russia on cyberwar and cyber espionage, the Biden administration is attributing all the major cyber hacks in the world to ‘evil’ Russian and Chinese actors. Obama’s campaign had to be aborted with the damaging Snowden revelations. The US appears to believe that the world by now has forgotten about Snowden. The time is ripe again for a renewed offensive on hacking against Russia and China, and the Biden administration is continuing Trump’s confrontationist policies with China and Russia.

The question is: with growing offensive capabilities, can we continue down this path of confrontation? Can we play this reckless game of cyber chicken without suffering devastating consequences? Can cyber offensive capabilities lead inadvertently to an attack that has physical consequences and therefore, a physical war?

With the Stuxnet attack on Iran’s centrifuges, a line of not causing physical damage using cyberweapons—the cyber Rubicon—was crossed. Dress it up any way we want, an attack on equipment processing radioactive material that could lead to possible radioactive leakage was the first use of a cyber weapon.

In a repeat of the atom bomb era, where the US thought that it had a long-term monopoly of nuclear weapons, the US considers its cyber dominance to be long term. Commenting on the US rejection of any proposal to ban cyber weapons, Mary Ellen O’Connell and Louise Arimatsu explained that the US’s resistance to proposals for a treaty may have been related to “US plans to use the Internet for offensive purposes […] U.S. officials claim publicly that Cyber Command is primarily defensive, but the reluctance to entertain the idea of a cyberspace disarmament treaty is raising questions about the true U.S. position.”

The US and its NATO allies have turned down every attempt within the UN framework for banning cyber weapons. Russia, China and many other countries tried for a UN process to discuss such a cyber peace treaty. In 2009, Russia proposed a treaty modelled on the Chemical Weapons Convention that would ban cyber weapons, a call it has repeated in the UN. The US has turned it down every time, arguing instead that every country should accept the Tallinn Manual. The Tallinn Manual is a non-binding academic study sponsored by a group of NATO countries on how international law should be interpreted for cyberspace. It does not call for a ban on cyber weapons; it only defines what they are and where their use would violate international law. Clearly, a far cry from a treaty on maintaining cyber peace and banning cyber weapons.

Cybersecurity threats are emerging as one of the most serious challenges of the 21st century. The Russians and the Chinese are not the only ones promoting a cyber peace treaty, or at least negotiations on the do’s and don’ts of the cyber era. With the leak of the NSA’s tools and in the wake of the WannaCry ransomware attacks, even tech giants like Microsoft started talking about nation-states—read the NSA in this case—not stockpiling and exploiting vulnerabilities in systems.

The reality that the US refuses to accept is that it is no longer the sole cyber hegemon. The Belfer Center of Harvard Kennedy School, Cambridge, Massachusetts, ranks the cyber power of countries by both offensive and defensive capabilities. While the US is still the leading player in both, China is in second place and catching up fast. Russia, the UK and others are still some distance behind, while India is way behind in the 21st place.

With computer systems and networks underpinning the global infrastructure, the risks of cyber weapons to the world are greater than ever before. We either work for cyber peace or we will inevitably tip over to a ruinous cyber exchange and possibly the splintering of the global internet with hard borders, if we do not enter the even more dangerous territory of a hot war that initially starts as a cyberwar.
