KILL WITH A BORROWED KNIFE
By Victoria Loewengart (Partner, TBI, www.insidertalk.net)
02 Jun 11. “Kill with a borrowed knife” – …./….- is one of 36 Chinese Stratagems. (i)
Is hacktivism such a knife? Granted, governments cannot really control what hackers are doing and their entrepreneurial drivers, but can that be influenced? Governments, being aware of the strengths and weaknesses of their adversaries, are hurriedly forging Cyber Warfare conventions and agreements. (ii)
Although everyone is aware of the threat, nobody wants to be engaged in full-blown cyber warfare with a technically-savvy adversary. Besides, engaging in cyber warfare on a state level may constitute a declaration of war, and conventional war, especially among the super-powers, is highly undesirable to all. (iii)
There is a way, however, to maintain deniability and yet engage in a cyber conflict through the deeds of “rogue hackers.” This could be done through indirect influences, such as propaganda, relaxed or non-existent laws regarding creating and distributing malware, and making tools of hacking directly available to the less technically-savvy masses when the time is right.
The phenomenon of hacktivism could be manipulated and turned against the state adversary while the government can deny an act of cyber war. (iv) The scale and magnitude of cyber attacks on Estonia and Georgia using DDoS attacks suggests that many individuals were involved in the attacks, and it also suggests that somehow the tools of these attacks were readily available to them. In the case of Estonia and Georgia, the malware attacks were conducted in one cyber carpet bombing effort, and the hacktivist leaders claimed responsibility while the Russian
government actively denied participation. (v)
The same is happening now between China and the West. It started in a slow deliberate motion, and now it is steadily gaining momentum. Did we get to the point of no return? Since 2003 an extensive cyber-penetration effort by Chinese hackers called Titan Rain has continuously been targeting U.S. research, military, and commercial networks. (vi) Now we are bombarded with cyber attacks from China. Lockheed Martin and RSA Tokens (vii), Northrop Grumman (viii), Gmail accounts breach (ix), and many more, all within last couple of weeks. Titan Rain turned into Titan Storm…. The attacks are getting more brazen and more sophisticated, and the worst is yet to come. They are just testing the waters.
There is a large variety of commercial and free malware toolkits available for wannabe hackers in China who are backed by Maoist ideology and no recourse for infiltrating of Western military and civil infrastructures… as the Chinese government self-righteously denies the involvement. (x)
What to do about it? Reactive defenses, such as fire-walls and anti-virus checks are no longer effective. The only way to deter the hackers is to turn their weapons against them. It means actively striking back using specialized botnets, viruses and software agents directed at the hackers, following their trails, trapping then with honeypos and honeynets (xi), striking them at the source, exposing their identities and disabling their own computers and networks.
References:
i Carr, Jeffrey. Insider Cyber Warfare. O’REILLY, 2009, 174.
ii Rauscher, Karl Frederick, and Andrey Korotkov. The Russia-U.S. Bilateral on Critical Infrastructure Protection
Working Towards Rules for Governing Cyber Conflict Rendering the Geneva and Hague Conventions in Cyberspace.
An advance publication of this paper was presented at the Munich Security Conference, February 4-6, 2011., New
York, NY: The EastWest Institute, 2011.
iii Schneier, Bruce. “Cyberwar.” Schneier on Security. June 4, 2007.
http://www.schneier.com/blog/archives/2007/06/cyberwar.html (accessed May 20, 2011). and Lt. Com Matthew
Skeletov via Carr, Jeffrey. Insider Cyber Warfare. O’REILLY, 2009, 47
iv Krapp, Peter. “Terror