Logo

Logo

Dangers that lurk

Data gives us power, but it creates vulnerabilities of which the DarkSide and Mumbai attacks gave us a foretaste. Who would set the new world order in the digital age? Techno-autocratic nations like China and Russia or the world‘s democratic nations, the US, EU, Japan, India and others? There can be no freedom without vigilance

Dangers that lurk

Representation image [Photo:SNS]

The term cyberspace was coined by William Gibson in his 1984 science fiction work Neuromancer ~ a dark social universe. But America created cyberspace, the Internet, based on its democratic value system ~ free, open, decentralized, distributed, and self-governing.

What if the Internet had been created in China or Russia? architecture and algorithms would have been very different, geared more toward creating a surveillance society than enhancing democratic values. Unfortunately, its very openness and freedom have become the source of its susceptibilities to surveillance.

Authoritarian nations find the freedom of cyberspace very threatening to their hold on power. While they have built firewalls to protect their societies from free speech and free flow of information, they use cyber weapons to attack others’ critical infrastructure.

Advertisement

A most attractive feature of cyberspace is that its entrance threshold is so low that an ingenious self-taught person could create apps and new platforms, and become rich. Or, become a hacker and get into infrastructure, financial or military systems.

Rogue states and well-organized digital terrorist groups use footloose hackers to steal intellectual property, and pry into diplomatic and strategic plans. Most cybersecurity attacks are unobtrusive, stealthy, and insidious. There are no rules of the road to protect cyberspace, the domain in which all our activities, military, economic, commercial, political and cultural, are being done now.

Power grids, financial systems, defense networks could be brought down by not only hostile states but also non-state actors acting alone or in collusion with their state governments.

Based on Google’s research findings, the Wall Street Journal wrote, “State-sponsored hackers from China have developed techniques that evade common cybersecurity tools and enable them to burrow into government and business networks and spy on victims for years without detection.”

In 2021, Chinese espionage group hit tens of thousands Microsoft customers. The 7 May 2021 ransomware attack on Colonial Pipeline, one of America’s largest fuel suppliers, was carried out by a criminal hacking group DarkSide’s affiliate that crippled its computer system and for which it had to pay the ransom in cryptocurrency, 75 Bitcoin, or about $4.4 million, according to media reports.

Cryptocurrency based on Blockchain technology is a possible future for global finance. The US Department of Justice was able to recover 64 bitcoins. In October 2020, a cyber-attack shut down the electrical grid of Mumbai, India’s financial capital, plunging millions into darkness.

The New York Times argued that it was a Chinese cyber-attack as a warning that China could not only fight India in the Himalayas but also in its financial hub. One of America’s most precious assets, intellectual property, is under constant threat.

Chinese hackers have been accessing the designs of some major US weapon systems to modernize the country’s military. Perpetrators conceal their location due to the anonymous nature of the Internet, which makes the attribution of cyber attacks problematic.

But technology is being developed to locate perpetrators. Mandiant, a Google’s computer security company, was able to pinpoint that a unit of the People’s Liberation Army, located in Shanghai, had “systematically stolen hundreds of terabytes of data” from American corporations, organizations and government agencies.

They stole “product blueprints, manufacturing plans, clinical trial results, pricing documents, negotiation strategies and other proprietary information from more than 100 of Mandiant’s clients, predominantly in the United States.” But what can be done with hackers if they originate from Russia, North Korea or China?

The Commission on the Theft of American Intellectual Property, an independent commission, said in its March 2021 report that “IP-intensive industries support more than 45 million US jobs. IP theft costs the US economy hundreds of billions of dollars annually and reduces U.S. companies’ R&D investment and innovation.”

China continues to be the largest origin of IP theft today, a situation that has not changed since the Commission’s first report a decade ago when it said, “Intellectual Property (IP) theft needs to have consequences, with costs sufficiently high that state and corporate behaviour and attitudes that support such theft are fundamentally changed.”

Its most intriguing recommendation included that “companies that experience cyber theft ought to be able to retrieve their electronic files or prevent the exploitation of their stolen information.” And furthermore, the report recommended, “both technology and law must be developed to implement a range of more aggressive measures that identify and penalize illegal intruders into proprietary networks….”

America’s National Security Agency conducts surveillance under the authority of the Foreign Intelligence Surveillance Act. It collects metadata from telephone companies and Internet data from Internet Service Providers. It watches the crossborder data flow. With so much data collected through its surveillance power, the NSA should have known through its Early Awareness System about the DarkSide’s ransom attack before it occurred. One would think that Silicon Valley tech wizards should have developed foolproof encryption to protect the nation’s data.

But they haven’t done so yet. Cyberspace, in the ultimate analysis, is nothing but data. Data is power, as Dartmouth Tuck School’s Dean Matthew Slaughter and David McCormick of Bridge Associates, argued in Foreign Affairs. With 5 G technology and the Internet of Things that would turn everything into a networked object, data would expand exponentially. They say data is “non-rivalrous” in the sense that “it can be used simultaneously and repeatedly by any number of firms or people without being diminished.”

True, but how dangerous is that in practical terms! Just consider: The Pentagon spends hundreds of millions of dollars of American taxpayers’ money in R&D for the development of advanced defense systems, which are nothing but data. If data is “non-rivalrous,” the Pentagon shouldn’t worry when hackers copy the weapon design system based on which China could develop a competitive advanced defense system, saving millions of dollars and years of research and development; and pose a threat to America.

Pfizer and Moderna vaccine patents are “non-rivalrous” data, but they wouldn’t share this with anyone. Cyberspace has been called the fifth domain: land, air, water, space, and now cyberspace, for which the United States established Cyber Command, the Pentagon’s offensive cyber force that was elevated in 2017 to a separate unified military command to strengthen cyberspace operations. America like India and other technologically advanced nations has become a data nation.

Data gives us power, but it creates vulnerabilities of which the DarkSide and Mumbai attacks gave us a foretaste. Who would set the new world order in the digital age? Techno-autocratic nations like China and Russia or the world’s democratic nations, the US, EU, Japan, India and others? There can be no freedom without vigilance.

(The writer is affiliated with the Diplomacy and International Program at the Graduate College, Norwich University and is the author of Indian In A New Key: Nehru To Modi. He publishes the podcast Freedom Public Square)

Advertisement