In this article we will focus on interesting cyber conflicts evolving between nations. this will be two parts article covering some of the interesting events between nations.
Conflict 1 – United Kingdom vs Russia
Protecting critical infrastructures and citizens are of great concern to the government and public of the UK. In 2017, the wannacry cyberattack took down large portions of the National Health Service and caused many other damages, which led to the UK being particularly sensitive about cybercrime.
Recently, the UK has begun to blame Russia for trying to target its critical infrastructure, or for supporting other cyber attacks aimed at the UK.
Working together with the US, the UK released a joint statement accusing the Kremlin of being behind cyber attacks which targeted the critical infrastructure in both countries.
The UK has specifically pointed at the GRU, Russia’s military intelligence service, as the government entity standing behind those attacks.
British Intelligence helped the Netherlands army track down 4 GRU officers in their country and deport them for espionage. The GRU officers were found near the Organisation for the Prohibition of Chemical Weapons building with a car containing sophisticated computing equipment.
Later, the Russian Foreign Ministry claimed in a statement that the four men had been sent to test the IT security of the Russian embassy’s computer network, not to hack into the computers used by the OPCW.
The British were able to help locate the officers after they were suspected to have unsuccessfully hacked the UK Foreign Office in March and Chemical Weapons facility in April. This caused UK Intelligence to begin tracking them.
This same unit that was stopped was also blamed by British officials who said that the unit had travelled to Malaysia to attempt to hack the investigation into Malaysia Airlines flight MH17, which investigators have said was shot down by a Russian military missile, killing all 283 passengers and 15 crew on board.
And still after all of that, no country tried to stop them. The officers returned safely home after being expelled from the Netherlands.
The cyber relations between these two countries are developing. This confrontation could escalate, leading to campaigns of cyberattacks sponsored officially by the governments of these nations. Stay tuned for more.
Conflict 2 – USA vs. China
This sort of conflict isn’t new.
The US and China have been blaming each other about cyber incidents for many years now.
Since there are so many events, we will only focus on one of the latest, and keep expanding on it in the future.
We already discussed the big hack that was exposed by the US: China performing a successful chain of supply attack and getting highly sensitive intelligence. We also covered the aviation industry’s cyber security in dedicated podcasts, so let’s focus on that.
Lately, the U.S. Department of Justice said it had arrested and indicted a spy for China‘s Ministry of State Security on charges of economic espionage and attempting to steal trade secrets from several U.S. aviation and aerospace companies including GE Aviation, one of the world‘s largest aerospace firms.
The Washington Post reported the Chinese operative was lured to Belgium by U.S. agents, detained, and extradited to the United States.
This looks like an escalation in the cyber activities because the US was able to identify, track down, and detain a person that was in China to bring them to the USA.
The indictment said he has targeted aviation firms since around December 2013. It also said he recruited experts to travel to China, often for the initial purpose of delivering a university presentation, and paid their costs.
Former U.S. President Barack Obama and the Chinese President had reached an understanding in 2015 to not perform cyber espionage campaigns.
Chris Painter, the former U.S. State Department official who negotiated the agreement at the time, said in a Twitter post it was “not surprising that now the relationship has deteriorated, so has the agreement.” (he just forgot to mention the suspected espionage activities started before 2013 and continued till recently).
There is much more to discuss about these two countries. We will follow them in future as well.
This is only one incident that happened lately and appears to be another escalation in the cyber cold war taking place these days. Stay tuned for more.
Stay safe and see you at the next time.
www.cybercure.ai for the latest podcasts and cyber intelligence.