Actionable news
0
All posts from Actionable news
Actionable news in PANW: PALO ALTO NETWORKS INC,

Cyberwar Ignites a New Arms Race

Defensive cyber operations at Petersen Air Force Base in Colorado Springs, Colo.

Countries toiled for years and spent billions of dollars to build elaborate facilities that would allow them to join the exclusive club of nations that possessed nuclear weapons.

Getting into the cyberweapon club is easier, cheaper and available to almost anyone with cash and a computer.

A series of successful computer attacks carried out by the U.S. and others has kicked off a frantic and destabilizing digital arms race, with dozens of countries amassing stockpiles of malicious code. The programs range from the most elementary, such as typo-ridden emails asking for a password, to software that takes orders from a rotating list of Twitter TWTR 1.75 % handles.

The proliferation of these weapons has spread so widely that the U.S. and China—longtime cyber adversaries—brokered a limited agreement last month not to conduct certain types of cyberattacks against each other, such as intrusions that steal corporate information and then pass it along to domestic companies. Cyberattacks that steal government secrets, however, remain fair game.

This comes after other countries have begun to amass cyberweaponry on an unprecedented scale. Pakistan and India, two nuclear-armed rivals, regularly hack each other’s companies and governments, security researchers said. Estonia and Belarus are racing to build defensive shields to counter Russia. Denmark and the Netherlands have begun programs to develop offensive computer weapons, as have Argentina and France.

In total, at least 29 countries have formal military or intelligence units dedicated to offensive hacking efforts, according to a Wall Street Journal compilation of government records and interviews with U.S. and foreign officials. Some 50 countries have bought off-the-shelf hacking software that can be used for domestic and international surveillance. The U.S. has among the most-advanced operations.

In the nuclear arms race, “the acronym was MAD—mutually assured destruction—which kept everything nice and tidy,” said Matthijs Veenendaal, a researcher at the NATO Cooperative Cyber Defence Centre of Excellence, a research group in Estonia. “Here you have the same acronym, but it’s ‘mutually assured doubt,’ because you can never be sure what the attack will be.”

Governments have used computer attacks to mine and steal information, erase computers, disable bank networks and—in one extreme case—destroy nuclear centrifuges.

Nation states have also looked into using cyberweapons to knock out electrical grids, disable domestic airline networks, jam Internet connectivity, erase money from bank accounts and confuse radar systems, experts believe.

Large conventional militaries and nuclear forces are ill-suited to this new kind of warfare, which evens the playing field between big and small countries. Cyberattacks are hard to stop and sometimes impossible to trace. The West, as a result, has been forced to start reconfiguring its militaries to better meet the threat.

Access to cyberweapons, according to U.S. and foreign officials and security researchers, is far more widespread than access to nuclear weapons was at the height of the nuclear arms race, a result of inexpensive technology and the power of distributed computing.

More than two dozen countries have accumulated advanced cyberweapons in the past decade. Some Defense Department officials compare the current moment to the lull between the World Wars when militaries realized the potential of armed planes.

“It’s not like developing an air force,” in terms of cost and expertise, said Michael Schmitt, a professor at the U.S. Naval War College and part of an international group studying how international law relates to cyberwarfare. “You don’t need to have your own cyberforce to have a very robust and very scary offensive capability.”

For example, hackers aligned with the Syrian government have spied into the computers of rebel militias, stolen tactical information and then used the stolen intelligence in the ongoing and bloody battle, according to several researchers, including FireEye Inc. FEYE 1.24 %

Most cyberattacks linked to the U.S. and foreign governments in recent years involve cyberspying—breaking into a computer network and stealing data. More-aggressive covert weapons go further, either erasing computer records or destroying physical property.

“With some countries, we’re comfortable with knowing what their capabilities are, but with other countries we’re still lost,” said Andre McGregor, a former cyber special agent at the Federal Bureau of Investigation and now the director of security at Tanium Inc., a Silicon Valley cybersecurity startup. “We don’t have the visibility into their toolset.”

The Military Balance, a widely read annual assessment of global military powers published by the International Institute for Strategic Studies in London, tallies tanks, battalions and aircraft carriers. When it comes to national cyberforces it says “capabilities are not assessed quantitatively.”

In the U.S., the National Security Agency, Central Intelligence Agency, FBI and others all play roles in combing through intelligence.

U.S. officials say their biggest concerns are the cyberweapons held by the Chinese, Russians, Iranians and North Koreans, countries that have deployed advanced attacks that either dug inside U.S. government networks or targeted top U.S. companies. Even Israel, a U.S. ally, was linked to hacking tools found on the computers of European hotels used for America’s diplomatic talks with Iran, according to the analysis of the spyware by a top cybersecurity firm. Israeli officials have denied spying on the U.S.

Cyberarmies tend to be integrated with a country’s military...


More