Cyberwar, US, Russia and the non-State Actors: Frenemies with Benefits?

Cyberwar, US, Russia and the non-State Actors: Frenemies with Benefits?

The past year has been compounded with multiple events and mounting evidence to suggest that the USA and Russia have entered ever-escalating cyber hostilities. Private email accounts of politicians have been hacked and released to the public, bank accounts have been hijacked, DDoS attacks are prevalent and prominent elected officials have claimed foul cyber play to manipulate elections.

If Putin did indeed ‘assist’ Trump to get into power, surely now all bets are off and we will move into the Glasnost era where all arms are laid to rest.

Setting the cyberwar scene

Dr. David Strupples, Director of the Center for Cyber Security Sciences at City University of London, revealed that Russia had been preparing a holistic approach for cyber conflict, since 2007. Russia designed a multifaceted cyberattack plan combined with other methods, such as propaganda masquerading as news, funding NGOs to seed political instability and massive investments in electronic cyber tools.

Through these three methods, Russia is (or was?) aiming to achieve what they call "reflexive control" (i.e. psychological warfare) to sow confusion, thus bringing their enemies to make wrong decisions. In a clever move, Russia also built a massive army of over one million programmers, who are affiliated with over 40 cybercrime gangs nationwide.

Through this massive network of illegal organizations, Russia can continue to attack whoever it wants, while feigning innocent. They can easily blame the attacks on "the criminals"while not only turning a blind eye, but commissioning them to commit the attacks. It was no wonder that in 2008, the United States pointed fingers at Russia for using a malware called Agent.btz to steal data from the NSA.  Even as late as mid February, President of the Ukraine, Petro Poroshenko, accused Russia of committing 6500 cyber attacks against its country in the last two months alone. So, there is certainly room for concern. 

The US Elections

According to the CIA, Russia did indeed try to use reflex control to meddle in the US elections. A senior US official stated that there is now a consensus in the intelligence community that Russia hacked and released many thousands of private emails belonging to Hillary Clinton and the Democratic National Committee to sway US public opinion before the presidential election.

Additionally, the CIA report pointed to Russian use of third party entities to both hack and distribute sensitive materials to WikiLeaks. It should be noted that Julian Assange, WikiLeaks Founder, confirmed that the materials were not received from the Russian Government itself, but from third party sources. Russia officially denied the CIA report and Russian Foreign Minister Maria Zakharova even declared that Russia would cooperate in any ongoing investigations.

Meanwhile, this past November, the United States is suspected to have involved a Ukrainian hacking group known as the "Ukrainian Cyber Alliance" to hack into Kremlin emails, the first attack of its kind. Victor Zhora, the head of Infosafe, provided several reasons that he believed pointed to US involvement in the attack, despite US denials. First the group provided a sophisticated video providing in-depth analysis of the attack, translated fluently into 5 languages.

Secondly, the attack itself was too sophisticated to be conducted by a previously unknown amateur group. The same month the Kremlin was cyber-hit, a mass DDoS attack involving over 20,000 IoTs from 30 countries disrupted Sberbank and Alfa Bank among others. And a month later in December hackers stole $30M from the Central Russian Bank by using false credentials. The FSB (Federal Security Service of the Russian Federation) stated that the attackers used servers in the Netherlands, which were registered under BlazingFast, located in Ukraine.

The cyberattacks coincided with cyber retaliation warnings by US Vice President Joe Biden. Biden stated that the US would hit Russia "at the time of its choosing and to have the greatest impact". Considering the Infosafe analysis of recent events, the US is certainly trying to match Russian third party attack methods in tit for tat.

A new dawn for cyber relations between Russia and the US?

Outgoing President Obama called for an immediate investigation into the US election interference by Russia, while President Donald Trump called for the country to move on from the issue. Trump even ridiculed the CIA allegations by comparing them to George Bush's WMD allegations against Saddam Hussein.

It is irrelevant whether Trump is trying to focus on more pressing issues or just trying take the focus away from his allegedly tainted victory, but at the end of the day he might just succeed in cooling the cyber spirits between the countries. Despite this, accusations continue to fly that Russia is on an information warpath. In early February, UK Defense Secretary Michael Fallon made waves when he accused the Kremlin of weaponizing information to increase its influence and destabilize alliances.    

What remains to be seen is, if Russia and the US decide to lay the keyboards to rest, could the wide networks of cyber criminals that they created ever be contained? Have the underhanded cyber tactics changed the cyber landscape as we know it?