There is no doubt that the methods that governments use for gathering intelligence have changed over the past century. More information than ever is being stored on computers and is sent via the Internet-- much of this information is secured, but for as long as information has been valuable, there have been people who are sophisticated in the methods necessary for acquiring it. In the past, this may have been spies or cat burglars stealing physical documents, but today, it comes mainly in the form of information technology (IT) professionals who are adept at cracking into computer systems and retrieving information stored inside.
The use of the Internet by governmental authorities has changed the way governments interact with each other, and the way information is stored and stolen. The problem with having information available remotely-- even if it is protected-- is that the information is available to anyone with the proper skillset and an Internet connection. The world of information theft via cyber attacks is a world in an arms race: the people trying to protect information create new ways of protecting the information, while those trying to steal it develop new ways around the protections as quickly as possible (Detica Cabinet Office, 2011).
The use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. (Jacobson and Figliola, 2009)
This is, of course, a very broad definition and many different things can be included into this definition as “cyberterrorism,” but it is still a useful definition when discussing the different actions that groups take against other governments or citizens for the purpose of furthering a political or social cause.
As computers become more sophisticated and the average individual becomes more sophisticated with their usage, so too do the type of attacks that the individual or group can perpetuate. Many governments are fearful of cybercrime attacks and cyberterrorist attacks, but the changing nature of the Internet has made it difficult to anticipate what type of attack may come at any time (Jacobson and Figliola, 2009). Here, two types of cybercrime and cyberterrorism will be discussed at length: government-to-government cybercrime and group-to-government cybercrime.
China and the United States have a tenuous relationship. While the two countries recognize that they must get along for the sake of politics and economic success, there is constant, underlying, low-level tension between the two nations. Recently, China has become one of the largest offenders in terms of cyberattacks against United States computer systems, and the latter has become increasingly concerned about the nature and purpose of these attacks (Inserra, 2013).
The problem with government-to-government attacks, such as the Chinese on American attacks is that there is no real international law governing these types of attacks. In the same way the spy community is governed entirely by secrecy and founded in deception, the cybercrime and Internet information theft game is protected by geography and a lack of jurisdiction (CRI, 2013).
There are a wide variety of impacts that can be had on the American government due to cyberterrorism and cyber espionage from government to government. Inserra (2013) quotes the Heritage Foundation when he writes: “Examples [of Chinese cyberterrorism and cybercrime] include the first known large-scale act of cyber espionage, Titan Rain, in which China-based hackers broke into the networks of the Departments of State, Defense, Energy, and Homeland Security, as well as the networks of defense contractors Additional espionage campaigns are thought to have infiltrated thousands of computers across dozens of countries and international organizations to steal information for the PRC” (Inserra, 2013). If this is true, then the Chinese have access to American state secrets regarding national defense, and also information on its citizenry and various different technological and trade secrets (Inserra, 2013).
However, the effects of attacks like the Chinese are difficult to examine because they are, by their very nature, shrouded in secrecy. Other attacks, sometimes termed “activist attacks” by cyberterrorism and cybercrime experts, are much more visible (Jacobson and Figliola, 2009). One interesting study in the realm of activist cybercrime is the group that is known as “Anonymous.” Anonymous is a group of unknown size and makeup that has carried out a number of cyberattacks on various groups, companies, and even countries since 2006. However, Anonymous’s recent attacks on the North Korean government are unique and worth an in-depth discussion.
Anonymous has a long history of attacking sites and computer networks belonging to individuals or groups that it feels are corrupt and must be brought to the public’s attention, but their attacks on North Korea are unique in a number of ways. First, the political situation in northeastern Asia is tenuous at best right now-- the North Korean government has never been a particularly stable or forward-thinking entity, but the regime change and continuing cyberattacks on the government has led to more instability in the region (Phelan, 2013).
The discussion of Chinese policies regarding cybercrime is important when considering the Anonymous attacks on North Korea, particularly because the anonymity of the Internet and cyber attacks makes the distinction between an entire nation-- the United States, for example, or China-- and a group within the borders of that nation very difficult to determine (Phelan, 2013). Anonymous does not, as far as any experts are aware, work for the American government in any capacity. Indeed, Anonymous has been responsible for attacks against the American government in the past (Phelan, 2013). However, the North Korean’s relative unsophistication with cyberterrorism and cyber attacks combined with a cultural willingness to believe that the American government is making attempts to attack them at every opportunity has led to heightening tensions in the northeast Asian region (Phelan, 2013).
The Anonymous attacks on North Korea have been relatively innocuous in the sense that no major intelligence has been gathered or leaked; instead, Anonymous has focused on a different kind of very visible attack designed to embarrass the North Korean government (Graziano, 2013). Phelan (2013) writes, “Notably the hackers posted a cartoon wanted poster of Kim Jong Un with a list of his alleged crimes, including ‘threatening world peace with ICBMs and nuclear weapons,’ ‘wasting money while his people starve to death,’ and ‘concentration camps and the worst human rights violation in the world.’ North Korea's supreme leader was drawn as a pig, with a huge tattoo of Mickey Mouse. Other images showed the Anonymous hacker collective's iconic Guy Fawkes mask covering the North Korean flag” (Phelan, 2013). There is no intention, here, to steal secrets from the North Korean government or to destabilize the government by obtaining military secrets; instead, they are meant to demoralize and irritate the leader into some type of action.
The problem with the actions that Anonymous has taken regarding North Korea are multifaceted and interesting due to their applications in the discussion of both cyber security and geopolitical conflict. The Chinese, according to the United States government, have participated in actions to hack into a number of American systems and obtain intelligence from those systems; the American government strongly suspects that the Chinese government is complicit in the actions of these groups (Inserra, 2013). However, without proof, diplomacy requires that both governments act as though the Chinese were not complicit in the cyber attacks.
The North Korean issue is different. Anonymous is, without a doubt, a group that contains highly talented computer experts; they have managed to hack into far too many systems for this not the be the case (Phelan, 2013). However, the North Koreans are relatively unsophisticated in their use of computers and computer security, due to their self-imposed sequester from the world and their unwillingness to send any of their students abroad to study.
Compared to the sophistication of some of the other countries that have had their systems hacked by Anonymous, the fact that Anonymous was able to hack into North Korea’s main propaganda page, Flickr account, and Twitter account is not entirely astonishing or indicative of a high level of security. What it does demonstrate, however, is the incredible impact that activist hacking can have on geopolitical issues. The fact that Anonymous was able to access all the names and passwords for the North Korean news site was a demoralizing action for the North Koreans, and prompted them, at least partially, to respond with a greater show of force. The vulnerability on the site was, according to Anonymous, a simplistic security system (Phelan, 2013). Instead of re-acquiring access, North Korea merely disabled the feed, but not before the personal information of thousands of users was acquired by Anonymous (Phelan, 2013).
The geopolitical meltdown occurring in northeast Asia has been exacerbated by the actions of Anonymous, and it is unclear what actions Anonymous will take in the future to further irritate the North Korean government, as they have recently released plans to start “phase two” of their attacks on North Korea (Phelan, 2013). North Korea, for their part, have warned the world that if Anonymous refuses to halt their attacks, there will be “grave consequences” for the actions taken against the government (Phelan, 2013).
The Anonymous attacks on North Korea and the Chinese attacks on the United States underscore a major issue when it comes to cybercrime and cyberterrorism: nothing is sacred on the Internet, and no one is safe. Information on the Internet can be accessed if an individual or a group has enough desire to access it; it is not a matter of if the group can access the information, but rather when they gain access to it, and how they use it once they have gained access. The arms race of cybersecurity rages on today, but those fighting their way into secure systems have the upper hand because it is almost always easier to dismantle something than it is to build something in the first place.
References
CRI (2013). China, US Agree to Combat Cyber Crime. [online] Retrieved from: http://www.ebeijing.gov.cn/BeijingInformation/BeijingNewsUpdate/t1138000.htm [Accessed: 5 May 2013].
Detica Cabinet Office (2011). The Cost of Cybercrime. [report] Surrey: Detica.
Graziano, D. (2013). Anonymous threatens cyberwar on North Korea, steals 15,000 passwords. BGR News, April 2.
Inserra, D. (2013). China: Cyber Attacks Demand U.S. Action. [online] Retrieved from: http://blog.heritage.org/2013/05/01/u-s-should-stand-up-to-china-on-cyber-attacks/ [Accessed: 3 May 2013].
Jacobson, G., and Figliola, P. (2009). Cybersecurity, botnets, and cyberterrorism. New York: Nova Science Publishers.
Mcdonald, H. (2013). On the frontline of the fight against cybercrime. The Guardian, 5 May.
Parr, R. (2000). Circle the Wagons Against Cybercrime. New York Law Journal.
Phelan, J. (2013). Hackers hijack pro-North Korea website Uriminzokkiri. Global Press, April 4.
Unknown. (2009). Cybercrime Loss Valuations. [online] Retrieved from: http://instructional1.calstatela.edu/dryan/ACCT535/Crumbley%20Homework/4Ed_CCH_Forensic_and_Investigative_Accounting_Solutions_16.pdf [Accessed: 4 May 2013].
