Cyber-Operations Now a Permanent Part of Global Conflicts: FireEye

The global availability of the Internet makes it certain that all countries will resort to various kinds of cyber-operations in future conflicts, says a FireEye report.

Cyber spy

Trade tensions between China and the United States have fueled long-running economic espionage campaigns; the civil war in Syria has resulted in Website defacements by the Syrian Electronic Army; and the rhetoric on the Korean peninsula has led to destructive cyber-attacks on the South.

While global conflicts before the Internet era have had no cyber component, almost every conflict will overflow into the online world in the future, according to a report by threat-protection firm FireEye.

As the Internet has become more common worldwide, countries with a significant level of unrest have turned online access into a tool for getting the word out, stealing secrets from adversaries and finding dissidents inside their borders.

During the ongoing Syrian civil war, for example, the country dropped off the Internet at least six times. In fact, there is unlikely to be a regional conflict that will not have a cyber component, Ken Geers, senior global threat analyst for FireEye, told eWEEK.

"Now that the Internet has taken off in most parts of the world, you will see more and more examples of how, in every conflict, there is a cyber dimension, where the impact and the side effects are hard to predict," he said.

Each region is developing its own approach to cyber-operations. Asia-Pacific attackers, for example, organize into large groups, such as the Comment Crew, and use widespread and fairly unsophisticated attacks to compromise selected targets, Geers said. While many attacks have focused on conducting espionage in the United States, the China-linked attackers have also targeted other countries, such as India, Japan, South Korea and many European nations.

"China employs brute-force attacks that are often the most inexpensive way to accomplish its objectives," the report stated. "The attacks succeed due to the sheer volume of attacks, the prevalence and persistence of vulnerabilities in modern networks, and a seeming indifference on the part of the cyber-criminals to being caught."

While China is the most obvious attacker in cyber-space, it's not the only one. Russia is active in cyber-operations, as well, but uses much more sophisticated and stealthy approaches. In addition, its attacks tend to be more focused on its own citizens, Geers said.

"One ironic aspect of nation-state cyber-attacks—especially in authoritarian countries—is that many of them are inward-facing," the report stated in its section on Russia's capabilities.

In 2008, when Russia and Georgia came into armed conflict, many Georgian sites were attacked by what seemed to be patriotic hackers. In 2012, Russian security firm Kaspersky Lab revealed that an espionage network, dubbed "Red October," had been used to spy on many Russian citizens and citizens of newly independent regions of the former Soviet Union.

The United States still leads in terms of sophistication and the preparation that goes into its attacks, the report said.

"One possible telling aspect of U.S. cyber-attacks: They require such a high level of financial investment, technical specification, and legal oversight that they will stand out from the crowd," the report stated.

Robert Lemos

Robert Lemos

Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's...