The US has accused 12 Russian military intelligence officers with cyber attacks aimed at undermining the Democratic Party to influence the 2016 presidential elections.
But representatives of the cyber security community say that without international rules and consequences for breaking those rules, the US move is nothing more than a gesture.
The US indictment made public on 13 July outlines evidence to support the view of US intelligence agencies that Russia attempted to influence the 2016 presidential elections.
No US citizens were charged, but the indictment shows that unidentified Americans – including a person close to the Trump campaign and a candidate for Congress – communicated with the Russian intelligence officers.
Deputy attorney general Rod Rosenstein told a news conference that units of Russia’s GRU intelligence agency had stolen emails from the Democratic National Committee and Hillary Clinton’s campaign, and then released them ahead of the vote.
In a second operation, he said Russian officers targeted election infrastructure and local election officials, which involved setting up servers in the US and Malaysia under fake names. They paid for these operations using cryptocurrency that had been “mined” under their direction.
The Russian officers are accused of stealing user names and passwords of volunteers in Clinton’s campaign, including its chairman, John Podesta.
Read more about cyber war
- UK urged to up spending on cyber defence.
- UK government must improve cyber defence efforts, say MPs.
- Terror groups are more likely than nation states to unleash cyber weapons and critical infrastructure is the most likely target, warns Kaspersky Lab chief.
- Veteran investigative reporter Ted Koppel says a cyber attack on the US power grid is likely, but preparations for such an event are not up to scratch.
- There is a lot of “fog” surrounding cyber weapons and cyber war because there is no way of knowing the true capability of any country, says security expert Mikko Hypponen.
The charges include conspiracy to commit an offence against the US, aggravated identity theft and conspiracy to launder money.
Special counsel Robert Mueller, who was tasked with investigating Russian election interference has secured indictments against three entities and 32 individuals, including more than two dozen Russians, and secured five guilty pleas, according to Bloomberg News.
Mueller’s investigation has also highlighted other internet-based methods Russia used to influence the US election, charging 13 other Russians and three Russian entities on 16 February with sowing discord among US voters through social media by impersonating US citizens and coordinating with unwitting US activists.
Richard Ford, chief scientist at cyber security firm Forcepoint said that what the Russian intelligence officers did and how they did it is less important than how the international community will respond to these types of “asymmetric” attack that impact the core of democracy.
“While an indictment is a nice gesture, it has little real consequences beyond drawing yet more attention to the issue,” he said.
Cyber security knows no borders
Cyber security knows no borders, and so, according to Ford, it is “relatively easy” for a nation state or even an enthusiastic group of individuals to launch attacks from the safety of their own country that can be impactful, but carry very little personal risk.
“How we decide to treat these offensive cyber operations is one of the most pressing questions of our time, and those questions cannot be answered by governments alone. Attacks often involve third-party infrastructure, and vulnerabilities in this infrastructure have to be addressed by those in the commercial world,” he said.
According to Ford, it is time for the international community to come together and determine not only what constitutes acceptable behavior online at the nation state level, but what checks and balances can be meaningfully put in place to those states that refuse to adhere to these agreed upon practices.
The onus on governments
He believes this is necessary so that the world does not end up facing a black swan incident impacting someone’s CNI in the next decade.
“This could be the unintended release of malicious code into the wild because nation states have shown they are not fully in control of their cyber weaponry,” Glenny told Computer Weekly in March 2018.
“WannaCry demonstrated how easy it is to impact national infrastructure when you are not even trying,” he said.
Initiatives towards an international cyber cooperation framework, such as the Tallin Manual and the Budapest Convention, have failed to meet their objectives because they do not have the support of Russia, which at present is prepared to work only through the United Nations.
However, Glenny said the Budapest Convention continues to be useful as a roadmap for those parties who are willing to engage with the convention. “But that does not include the Russians, who essentially want a multi-lateral commitment that guarantees their ability run the Russian internet the way they want to run it, effectively signing into international law the balkanisation of the internet,” he said.