Tag: cyber crime

The Virus in the Digital Domain: How Governments Can Respond To Coronavirus-Themed Cyberattacks

Courtesy of US Navy, used under Creative Commons license.

This is a guest post by William Akoto, a postdoctoral researcher jointly appointed at the Sié Chéou-Kang Center for International Security & Diplomacy at the Korbel School of International Studies, University of Denver, and the One Earth Future Foundation. In the fall, he will begin a tenure-track appointment at Fordham University. 

As people have become consumed with concern about the coronavirus, organized cyber criminal groups are actively exploiting uncertainty, doubt and fear to target individuals and businesses in a variety of ways. Reports of cyber phishing attacks using coronavirus themes started appearing in early February 2020, but these attacks have since become widespread. The explosion of coronavirus-related scams, range from fake storefronts hawking fake vaccines to sophisticated phishing scams that take advantage of the uncertainty around the pandemic. For instance, Google’s threat analysis group reported in late April 2020 that they find an average of 18 million malware and phishing messages per day related to COVID-19. This is in addition to more than 240 million COVID-related daily spam messages that are automatically deleted by Gmail spam filters. 

Analysis by industry experts show that a significant portion of these attacks are carried out by state-sponsored hackers, some of whom are targeting coronavirus-related research. Responding to these state-sponsored attacks poses a significant challenge to targeted states as they seek to navigate the foreign policy and international relations implications of retributive action. While technical solutions provide the best bet for responding to these attacks, government policy could play a crucial supporting role. In this post, I review modalities of COVID-19 themed cyberattacks and outline some options available to governments as they seek to deal with them.

Continue reading
Share

SOTU: Cyber What?

In last night’s State of the Union Address, President Obama briefly reiterated the point that Congress has an obligation to pass some sort of legislation that would enable cybersecurity to protect “our networks”, our intellectual property and “our kids.” The proposal appears to be a reiteration that companies share more information with the government in real time about hacks they are suffering. Yet, there is something a bit odd about the President Obama’s cybersecurity call to arms: the Sony hack.

The public attention given over to the Sony hack, from the embarrassing emails about movie stars, to the almost immediate claims from the Federal Bureau of Investigation (FBI) that the attack came from North Korea, to the handwringing over what kind of “proportional” response to launch against the Kim regime, we have watched the cybersecurity soap opera unfold. In what appears as the finale, we now have reports that the National Security Agency (NSA) watched the attack unfold, and that it was really the NSA’s evidence and not that of the FBI that supported President Obama’s certainty that North Korea, and not some disgruntled Sony employee, was behind the attack. Where does this leave us with the SOTU?

First, if we believe that the NSA watched the Sony attack unfold—and did not warn Sony—then no amount of information sharing from Sony would have mattered.   Sony was de facto sharing information with the government whether they permitted it or not. This raises concerns about the extent to which monitoring foreign attacks violates the privacy rights of individuals and corporations.   Was the NSA watching traffic, or was it inside Sony networks too?

Second, the NSA did not stop the attack from happening. Rather, it and the Obama administration let the political drama unfold, and took the opportunity to issue a “proportionate” response through targeted sanctions against some of the ruling North Korean elite. The sanctions are merely additions to already sanctioned agencies and individuals, and so functionally, they are little more than show.   The only sense that I can make of this is that the administration desired to signal publicly to the Kim regime and all other potential cyber attackers that the US will respond to attacks in some manner. This supports Erik Gartzke’s argument that states do not require 100% certainty about who launched an attack to retaliate. If states punish the “right” actor, then all the better, if they do not, then they still send a deterrent signal to those watching. However, if this is so, it is immediately apparent that Sony was scarified to the cyber-foreign-policy gods, and there was a different cost-benefit calculation going on in the White House.

Finally, let’s get back to the Sony hack and the SOTU address. If the US was taking the Sony hack as an opportunity in deterrence, then this means that it allowed Sony to suffer a series of attacks and did nothing to protect them. If this is the case, then the notion that we need more information sharing with the government may be false.   What the government wants is really more permission, more consent, from the companies it is already watching. Protecting the citizens and corporations of the US requires a delicate balance between privacy and security. However, attempting to corrupt ways of maintaining security, such as outlawing encryption only makes citizens and corporations more unsafe and insecure. If the US government really wants to protect the “kids” from cyber criminals, then they should equip those kids with the strongest encryption there is, and teach good cyber practices.

Share

Cyber Shrinkage: Loss and Cyber Security

scared duckThe nature of cyber discourse concerns me, and this is a point I have written about extensively with Ryan Maness (Valeriano and Maness 2012a, Valeriano and Maness 2012b, Valeriano and Maness 2014).  The idea is that threats we see materialize from cyberspace seem to vastly outweigh any other threats we have faced, ever.  Some argue this cyber threat is different, faster, and bigger.  I question this conventional wisdom.  Is the cyber threat really any different than any other threat we have faced?

Continue reading

Share

© 2020 Duck of Minerva

Theme by Anders NorenUp ↑