What's up with the cyberwar between Russia and the US? - Security in the cyberspace
I don't think there's anyone reading this who hasn't at least once heard of the seemingly never-ending cyberwar between Russia and the US. However, how many of us actually know what goes down in cyberwars and how the issue of security in the cyberspace has influenced many diplomatic relations? This article will not get too technical on the details; after all, we are not a programming magazine. However, we are going to explore, through the prism of diplomatic relations, how the appearance of cyberspace and, later on, cyber threats, have created a new area of international security which needs to be addressed by DISEC.
And then there was...cyberspace
Even before the appearance of the internet, back in 1983 (yes, I know, people who are just 37 years old are older than the internet, it's honestly quite shocking), cyberspace was already a part of people's lives, even though the term did not appear long before the appearance of the internet. The term 'cyberspace' was first used by an American-Canadian author in 1982, in a story published in 'Omni' magazine and his book 'Neuromancer'. The word referred to a computer network and that is essentially the meaning it has kept to today. If we were to give a formal definition, cyberspace is the virtual medium created through links between computers, Internet-enabled devices, servers, routers, and other components of the Internet’s infrastructure. (It's a very pompous definition, I know.)
Since the first large-scale computer network was created in 1969, the world has been experiencing cyberspace. At first, access to computer networks was limited to government institutions such as universities and these networks existed independently from one another, creating a multitude of cyberspaces, which were generally quite small in nature, at least compared to the level such networks have reached today. However, this restrained access ended when the internet was created, which had the main purpose of connecting computer networks together.
At first, the internet was to be strictly used by the government and government bodies and its use for commercial purposes was strictly forbidden. In spite of that and thanks to the lack of a clear and objective definition of commercial use, the first internet service provider companies were formed in the late 1980s and, with the invention of the world wide web in 1989, cyberspace expanded into a unified network connecting almost the entire world, not just academic or government networks anymore.
As the internet evolved, with more and more people connected through it, cyberspace became no longer something that could be easily regulated, as was the case of computer networks before. Some users of the internet thought that cyberspace should be under the jurisdiction of no country and that it belonged to its users, who would establish their own rules, would manage conflicts without resorting to the laws or judiciary system of any country and, maybe most important of all, grant complete freedom of expression to its users. In this sense, John Perry Barlow published in 1996 “A Declaration of the Independence of Cyberspace”. However, both analysts and governments strongly advocated for, and showed the relevance of, both national regulations and international agreements to govern cyberspace. As time passed by, it became clear that such regulations were necessary for reasons we are soon going to explore.
When the issue of security started
When cyberspace first appeared, digital security was not something to be considered necessary, since computers were connected to others that they trusted and there was no actual threat to be encountered in the cyberspace. However, that soon changed with the appearance of computer malware.
The first-ever computer malware was born from a research project in 1971, when a man named Bob Thomas realized that it was possible for a computer program to move across a network, leaving a trail wherever it went if programmed to do so. He made a program named 'Creeper', which was designed to travel through the servers of an early computer network and leave the following message "I'm the Creeper: catch me if you can!".
After seeing it, another programmer named Ray Tomlinson (yes, the same guy who invented the email) tinkered with it and was able to make it self-replicating, hence creating the very first computer worm. However, he did not leave the program to roam for too long on computers and was quick to create what was also going to be known as the first-ever piece of antivirus software, named 'Reaper', in order to get rid of Creeper (honestly, not only are these names kind of hilarious on their own, but after watching "The 100" I am outright concerned).
When looking at the first computer malware, we could hardly call it a security threat, as it is, more than anything, a digitalized form of graffiti that came to be out of academic pursuits. However, once people realized that such programs could be created, it didn't take long for some to develop programs that caused much more damage and, later on, had illicit purposes. In 1984, due to concern that crimes committed in the cyberspace would go unpunished, the United States adopted, under the Comprehensive Crime Control Act of 1984, Title 18, a computer fraud law, which was later amended by adding the Computer Fraud and Abuse Act (CFAA) in 1986, which prohibits accessing a computer without authorization, or in excess of authorization. The first-ever person to be charged under this law was Robert Morris, now a tenured professor at MIT, who tried to discover the depth of the internet by using a self-replicating program designed to propagate through networks. Naturally, not only was this conflicting with the CFAA, but it also reduced the internet's speed to barely a crawl, having infiltrated a massive number of computers.
In the '90s, there were tens of thousands of known computer malware samples; however, by just 2007, over 5 million such samples were being produced a year and it is estimated that nowadays half a million new samples are being produced every day. Not only this, but computer malware is constantly evolving each day. Thankfully for us, the ordinary people, we are not the targets of the most malicious of them and, just as malware technology is evolving each day, so is antivirus software, which is becoming better at preventing us from even encountering such a piece of malware.
However, it is unfortunately not always enough for us to have the most advanced piece of antivirus software, something proved by pretty recent cyberattacks, such as the WannaCry ransomware attack, which used an exploit of the Microsoft Windows operating system that, in spite of having been addressed in several patches, still had not been eradicated from all computers, hence allowing its spread. The attack lasted for only four days and it was resolved thanks to a series of emergency patches released by Microsoft, but, at that point, it had already affected over 200,000 computers in 150 countries and amounted to total damages ranging from hundreds of millions to billions of dollars.
Let the cyberwarfare begin
If you thought the usual cyberattacks mentioned in the previous section were bad enough, then you are definitely not going to be pleased with what you're going to read next. Naturally, like absolutely any other aspect of our lives, cyberthreats and cybersecurity soon became areas of international interest. Rapidly after the invention of the first computer malware sample, Creeper, nations started to exploit such pieces of computer code in what came to be known as cyberwarfare. According to the U.S. Congressional Research Service, cyberwarfare “is typically conceptualized as state-on-state action equivalent to an armed attack or use of force in cyberspace that may trigger a military response.” The very first cyberattack was conducted by the United States in 1982, altering a piece of software of the Soviet Union in order for it to make the Trans-Siberian pipeline explode, in response to learning that the Soviet Union was planning on stealing software from a Canadian company in order to control the pipeline.
Naturally, things only went downhill from there. In 1986, a German computer hacker by the name of Markus Hess managed to hack an internet gateway at the University of California at Berkeley and used that connection to access the Arpanet. He then hacked into 400 military computers, including the mainframes at the Pentagon, with the intent of selling the state secrets discovered to the KGB. Fortunately (for the United States at least), a physics researcher named Clifford Stoll detected the intrusion into the university's servers and managed to track down the hacker.
From then on, cyberwarfare separated into two main categories: intelligence-gathering threats and actual attacks. Even though the first one may seem less dangerous than the other, both of these can inflict much damage on the targeted country and provide the attacker with a clear edge on the international scene. For example, just this year, a North Korean hacking group has been accused of conducting a cyber espionage campaign against government entities in South Korea, Japan and the United States, with the purpose of collecting intelligence on national security issues related to the Korean peninsula, sanctions and nuclear policy. The information collected through these attacks could very well compromise the security of the affected countries, by providing a foreign country that has much at stake with vital information to bargain with.
The clash between two world powers - US and Russia
When you are one of the world powers, it is natural for any matter concerning you to be highly mediatized, however, that is even more the case when you are the United States or the Russian Federation.
The US and Russia have never had the best diplomatic relations, however, in this day and age, conflicts all around the world have started to shift to the cyberspace, inflicting damage on the intelligence agencies of a country and its infrastructure, rather than through annexing its territories. That is the case here as well, both countries allegedly making use of the plausible deniability provided by the cyberspace in order to carry out attacks against each other, most notably interfering in each other's elections and infrastructure.
Let's take for example one of the most notable events for the United States: the elections, more specifically, in this discussion, the 2016 election. Aside from all the controversy surrounding both candidates who were running for the presidential seat, the media quickly picked up on certain allegations that the Russian Federation was working to manipulate the elections. The goal of these cyberattacks, as determined by the US intelligence community and the evidence gathered by Special Counsel Mueller, was to undermine Clinton's campaign, boost Trump's chances of being elected and to undermine American democracy as a whole. Even though the US intelligence agencies have concluded that Russia did not alter actual votes during the 2016 election, they have targeted voter registration systems or state websites in at least 21 states prior to Election Day, and through doing so they managed to steal, according to Special Counsel Mueller, information on over 500,000 voters, including names, addresses, partial Social Security numbers, dates of birth and driver's license numbers. In addition to this, a report published by the Senate Intelligence Committee has stated that the Russians “were able to gain access to restricted elements of election infrastructure” and “were in a position to, at a minimum, alter or delete voter registration data.”
However, that is not to say that this has been a one-sided war, because that has certainly not been the case. Recently, the United States has conducted quite aggressive cyberattacks against Russia's power grid, in response to the public warnings from the Department of Homeland Security and the FBI that Russia had inserted malware that could sabotage American power plants, oil and gas pipelines, or water supplies. Even though it might seem like a legitimate defence, this action risks further escalating the seemingly never-ending cyberwar between the two countries. Ever since 2012, or even before that, the United States has put reconnaissance probes into the control systems of the Russian electric grid; however, its approach has become particularly aggressive, with the placement of potentially crippling malware inside the Russian system. This mainly has the purpose of a warning; however, in case a full-fledged conflict erupted between Moscow and Washington, it could very well prove to be a crushing weapon. As Robert M. Chesney, a professor of law at the University of Texas, has stated, this is the "21st-century gunboat diplomacy"; however, that does not say much about the evolution of democracy, does it?
Role of DISEC and the future of cybersecurity
As with all matters pertaining to security, DISEC is the UN committee that handles cybersecurity. Aside from ensuring the safety of cyberspace and dealing with the cyberattacks between countries, the First Committee has also come to deal with cyberterrorism, which is becoming one of the largest threats in today's world. As the world keeps evolving, so does every aspect in it, and it seems that we will soon no longer fight wars using guns and soldiers but by standing behind a super-computer and fighting our way into the enemy's mainframe. One of my favourite quotes puts this ever-changing world of diplomacy into perspective quite well I think: "I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones." - Albert Einstein.