Back in the spring of 2014, the U.S. Department of Justice filed indictments against five officers of the Chinese military, in connection with the illegal hacking of multiple U.S.-based companies along with the International Steelworkers Union.
This week, the Justice Department filed indictments against three Russian and one Kazakh national, in connection with the massive hacking of Yahoo, which also took place in 2014. In this case, two of the Russian nationals are members of Russia’s Federal Security Service, more commonly known as the FSB. The FSB is the modern-day successor of the Soviet KGB. The other Russian and the Kazakh appear to be known cybercriminals, working in concert with these FSB operatives. The Kazakh was arrested in Canada, where he was residing.
What this all signals is what many already know: Cyberspace has become the new battlefield. Electronic warfare is certainly nothing new. I’m sure you remember in the first Gulf War in 1991 the first attacks were not by traditional means. The electric grid and communication systems were disrupted using new technologies, to render the target dark and unable to communicate while the more traditional military assault began.
Today, we are seeing a definite rise in cyber crimes designed to test nations, economies and even societal norms. There is a school of thought that says the next major conflict between world powers will be fought online and not on the streets of the actual countries. We know, for example, that terrorists have been highly successful recruiting and radicalizing individuals using online means. We now know the 2016 presidential election fell victim to hacking. What we don’t know for certain is whether these hacks actually influenced the outcome of the election in terms of actual results. The hacking certainly influenced events, but it also points to the fact that the actual impact of hacking may be difficult, if not impossible, to properly qualify.
In the Chinese case from 2014, this was the first time actors of a foreign nation were implicated in a cyber attack that had tangible results. The case revolved around negotiations between U.S. corporations and the Chinese government. The hacking was done by a known unit of the Chinese People’s Liberation Army, specifically Unit 61398 based in Shanghai. The hackers were able to obtain commercial secrets that gave the Chinese government an unfair and, until now, unknown advantage in the negotiation of business transactions. This harmed U.S. economic interests in a tangible way.
Similarly, the new indictment stemming from the Yahoo hack is likely to reveal significant impact to the economy as the result of the hack. The Yahoo breach is the largest cyber crime in history, exposing information on more than a half billion user accounts. That information was used to gain access to email not just on Yahoo’s systems, but on Google and others as well. That information was then scanned for confidential information that allowed the hackers to access credit card accounts and, in some cases, open new accounts, as well as facilitating spamming and other nefarious activities.
If it were not clear already, cyber crime is a threat not just to us personally, but to our economic and national security. It remains far too easy for hackers to access confidential information and then use the new information gathered to enact more and more dangerous attacks.
While these two instances involve countries the United States is often at odds with, let’s keep in mind that our country is active in this area as well. It would be naive to think U.S. Cyber Command does not possess the same capabilities and hopefully more. I say hopefully, not because I want us engaging in hacking for nefarious purposes, but so that we, as a nation, maintain an appropriate offensive and defensive cyber capability to give our adversaries pause before they look to do us harm. In the realm of international relations, I’m sure other nations have the exact same intent. In cases where the capabilities are used for criminal activity, I’m glad to see our Justice Department making these indictments. While they will likely not result in any prosecutions, they do put hackers on notice that our country has the capability to identify their activity and make it known. It’s a new form of deterrence on the new battlefield.