The Limited Times

Now you can see non-English news...

The next world war is already here, but you do not feel it. Still - Walla! TECH

2020-10-01T05:41:40.736Z


When we talk to you about cyber, you actually mean a war spectrum that has moved from the tangible battlefield to the virtual arena. From sabotage and espionage to economic crime, Yotam Gutman explains how this business works and why the "axis of evil" does not intend to let go and will continue to endanger us in the coming years


  • TECH

  • Cyber

Everything in cyber

The next world war is already here, but you do not feel it.

Yet

When we talk to you about cyber, you actually mean a war spectrum that has moved from the tangible battlefield to the virtual arena.

From sabotage and espionage to economic crime, Yotam Gutman explains how this business works and why the "axis of evil" does not intend to let go and will continue to endanger us in the coming years

Tags

  • Cyber

Yotam Gutman

Thursday, 01 October 2020, 08:23

  • Share on Facebook

  • Share on WhatsApp

  • Share on general

  • Share on general

  • Share on Twitter

  • Share on Email

0 comments

  • Surround a system

  • Trump in an attack on military commanders: pushing for wars to ...

  • Launch of REALME in Israel

  • PlayStation 5

  • Trump signed a presidential decree banning deals with my husband ...

  • Trump revoked Hong Kong's economic status 15.7.20

  • Disturbing picture of a star and her stepfather

  • Bella Thorne joins OnlyFans

  • Netanyahu: The closure will last three weeks, and it is possible that he ...

  • USA: Apple, Google, Amazon and Facebook were questioned in Congress about ...

  • Sound Bar JBL

  • Xbox X

In the video: Training of the new IDF division that will operate deep in enemy territory (Photo: IDF Spokesman)

Prussian military theorist von Clausewitz's famous statement "war is nothing but a continuation of policy by other means" has taken on a different meaning in recent years, with offensive cyber operations taking the place of physical (kinetic) war and complementing diplomatic relations between states and powers.

In recent months, there has been a marked increase in cross-border cyber activity - Spain, Britain and the United States have accused Chinese hackers of trying to steal information from laboratories developing vaccines for corona.



The U.S. Department of Justice announced that it had indicted five Chinese hackers and two Malaysians who attacked more than 100 companies, organizations and individuals in 14 countries.

Another indictment was filed against three Iranian citizens on charges of hacking into US airlines and space and spying on opponents of exile regime, and another indictment was filed against two other Iranian hackers for vandalizing sites in pro-Iranian propaganda following Suleimani's assassination last January.

More on Walla!

NEWS

Hackers, criminals and everything in between: your cyber directory

To the full article

A threat hovering over countries at any given moment.

Korean researcher examines possible cyber invasion of China into South Korea's banking system (Photo: Gettyimages)

The surge in this cyber activity is not a momentary trend, but a growing trend.

The attack activity of countries has increased not only in terms of volume but also in scope and sophistication.

The problem was exacerbated by the corona plague and its impact on the world economy and international relations.



Moreover, from a relatively negligible subject, usually discussed in the professional press of the cyber industry or in research bodies dealing with strategic relations, cyber is currently in the headlines.

Evidence of this can be seen in statements by officials in the US, UK (Secretary of State Dominic Rab often addresses the issue) and most recently, by Australian Defense Minister Linda Reynolds. The defense minister said malicious cyber attacks against Australian businesses and government agencies by a state actor, apparently he China, have increased in the last two months.

Reading all of these headlines can be confusing.

Who attacks whom, why and how?

Let's try to dismantle the various activities of the nation state in cyberspace.

Terminology

  • "Offensive cyber": Offensive

    operations carried out by state actors in cyberspace.

    Offensive cyber differs from cybercrime in the sophistication and power of the tools used, in the selection of victims, in motivation (which is not purely financial motivation).

  • APT:

    Abbreviations for "Advanced Persistence Threat".

    This means a sophisticated and sponsored offensive campaign, carried out by state attackers.

    Such campaigns can last for many years until they are discovered.

  • "State attackers":

    In the cyber world, it is not customary to directly accuse states and military bodies of hacking.

    First of all, it is very difficult to prove a connection between an assault and the assailant.

    The more skilled the attackers, the more successfully they manage to blur their tracks.

    Moreover, the geographical location of the server from which an attack is made has little significance in the cyber world - you can easily take over a server in Israel and attack an entity that is in Germany, for example.

  • "Attack groups":

    In the cyber world, the boundaries are blurred.

    We are used to thinking that the rest of the world operates in the Israeli format, that is, they have a central "8200" unit, which carries out cyber attacks against enemy countries.

    The reality is more complicated - many countries have a mix of military, state bodies (such as "institutions"), civilians and semi-official militias engaged in cyber activities.

    Therefore, in most cases cyber researchers will give an attack group a name or number (such as APT 1 - Chinese Attack Group, first exposed to the world), indicate its relationship to officials (in the case of APT 1 Unit 61398 of the Chinese Army), the tools it uses and its motivation (In this case, industrial espionage after Western companies).

    Within these "attack groups", people can work in a legitimate job and at the same time assist their country in cyber activities.

    An example of this can be seen in the Iranian security researcher Muhammad Reza Aspergam, who was a respected security researcher with an active Twitter account who even lectured at international conferences.

    A recent indictment revealed that he works with the Revolutionary Guards and assists them in developing hacking and attacking tools.

Cyber?

he?

What suddenly (Photo: Reuters)

So who attacks whom and how?

From the most aggressive to the weakest

  • Sabotage: The cyber dimension can break into the real world when countries use cyber means to damage other countries' computer systems or physical systems.

    Attacks on critical infrastructure have increased greatly in the last two years.

    As you may recall, this trend began a decade ago with an attack (attributed to Israel and the US) on nuclear facilities in Iran, continues with Russian attacks on electricity infrastructure in Ukraine in the recent conflict between the two countries and continues to this day in a duel between Israel and Iran: Iranian attack on Israel's water infrastructure For Israeli revenge against the port of Shahid Rajai.

  • Spying: A good old spy is a much more common activity than sabotage.

    Nations have been spying on each other since time immemorial, but today much of the espionage activity is conducted in cyberspace.

    Data theft is easier, cheaper and relatively risk-free when you stand behind a keyboard and intrude to serve in another country when you are protected by your country's laws and defense systems.

  • Influence and Psychological Warfare Campaigns: Countries have always used psychological warfare techniques to gain an advantage over other countries, but cyberspace has given them the means to do so on a scale never dreamed of.

    Nations can intervene in political processes in other countries without fear and very easily (and at a negligible cost).

    For example, Russian intervention in the Scottish independence referendum, Russian intervention in the Brexit referendum in the UK, and of course Russia's gross involvement in the 2016 US presidential election, and unfortunately the upcoming US election for 2020.

  • Regional politics: Countries also want to use force in cyberspace to resolve (or escalate) regional conflicts.

    In the summer of 2020 Chinese cyber attacks on Indian entities occurred immediately after a clash between the two armies that resulted in dozens of deaths in the Ladakh mountainous border area.

    Ukrainian security services reported in 2019 that Russian hackers were attacking military and police elements in Ukraine.

    According to reports, the Russian attack group "Gamardon" has attacked at least 482 critical infrastructure targets in Ukraine in a campaign supported by Russia.

    This, of course, without risking overt military action.

  • Industrial espionage: Unlike 'classic' espionage, this activity is specifically aimed at closing the economic gap between countries, by stealing intellectual property and then using it to copy technology or gain another unfair commercial advantage.

    China has been widely blamed by Western companies, universities, government agencies and technology companies for just this. For example, when China realized it would not be able to build its own stealth bomber, it stole the proven design of the American F-35 to shorten development and now flies in China. -20, an aircraft that is an almost perfect replica of the United States F-35.

  • Economic crime: Some countries are in extreme financial distress, which is getting worse due to international sanctions, so they are resorting to cybercrime to fill their coffers.

    North Korea is notorious for using cybercrime for such purposes, and recently launched another campaign designed to steal money from US banks and ATMs. The UN estimates that North Korea stole more than $ 2 billion in 2019 alone - money to fund the country's nuclear and ballistic missile program.

North Korea, the senior partner of the Axis of Evil, fills the coffers with theft from US banks and ATMs (Photo: Reuters)

2020: Test year

The corona plague has created a powerful incentive for countries to break in and spy on each other.

The race to be the first to obtain a vaccine has led to a number of espionage incidents related to the theft of vaccine-related knowledge from various research laboratories around the world.

Based on the latest trend, we will likely see more campaigns trying to take advantage of the security vulnerabilities, which stem from the transition from office work to home and back for goodness sake.



Aside from the pandemic, 2020 is a year that "invites" widespread political, social, and economic disruption in the United States, and to some extent in the United Kingdom and Europe. All of these will play into the hands of cyber-attackers, who will seize every opportunity to leverage topical events And crime. And of course, the upcoming US election is likely to lead to an increase in cyber activity, such as attempted hacking against politicians, political parties, voter registration, polling stations and voting machines.

what the end will be?

It is to be expected that state activity in cyberspace will continue from now until forever.

It is hoped that over time rules and regulations that apply to offensive operations in the kinetic dimension will also apply in the cyber dimension.

For example, the United States has imposed personal sanctions against 45 Iranian hackers working under the auspices of the Iranian Ministry of Defense and Intelligence, the EU has imposed personal sanctions (including foreclosure and travel bans) against six hackers from China, North Korea and Russia for involvement in the 2017 Wannacry operation. For the EU to impose sanctions on Russian hackers who hacked into the email accounts of the Bundestag and Chancellor Merkel in 2015. It is to be hoped that such actions will calm the area and create more or less fair playing conditions - although it would be naive to expect "cyber-evil" countries (Iran , China, Russia and North Korea) will completely cease their activities in this area.



Yotam Gutman is the VP of Marketing for the cyber company SetninelOne

  • Share on Facebook

  • Share on WhatsApp

  • Share on general

  • Share on general

  • Share on Twitter

  • Share on Email

0 comments

Source: walla

All tech articles on 2020-10-01

You may like

Trends 24h

Tech/Game 2024-03-27T18:05:36.686Z

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.