Cyber Warfare, Intelligence & Malware

Digital disruption is sweeping through the world’s of espionage and is altering all aspects of intelligence collection. There is a realisation that some of the jobs for spy agents are becoming redundant as cyberspace becomes the main arena used to monitor and spy on the seas, skies, streets and on individuals.  

Drones can be used to assassinate, machines can spy on systems, people and even on a leader’s mobile conversations, texts and emails. AI can be used to monitor the intelligence services information and their correspondence open sources and classified information. All of this information and data can be collected and analysed by machines.

Espionage techniques have evolved beyond the old methods of bugging rooms or tapping phone lines; today’s Watergate wouldn’t come from breaking into a hotel room, it would come from cracking an email server or a corporate network. This is similar to what has been recently done by European Police operations that broke into and monitored EncroChat and took down a large group of criminal murderers and drug dealers.

Already, we’re seeing these threats escalate in the political world, from the Democratic National Convention (DNC) email hack, to a spear-phishing campaign targeting US officials, to an ongoing surge of sophisticated cyber-monitoring of government departments.

Cyber-attacks have made it increasingly possible for foreign governments, international and local hackers to even alter local election results.

Internet protocols are now nearly 30 years old and the Web has grown dramatically in scale; it has acquired hundreds of additional protocols and extensions, making it increasingly complex to manage. Around 48% of the world population now has an Internet connection compared with 1995 when it was less than 0.5%. That pace of growth can be expected to continue

The Next Ten Years

In the next decade, the number of people using the Internet will grow to almost 7 billion. This is significant because like previous industrial geo-political and macro-economic revolutions, this one reminds us that the age of connectivity is in its infancy and most of the changes have yet to come. 

By the end of this year, there will be around 50 billion connected things, everything from smart cars, smoke detectors, door locks, industrial robots, streetlights, heart monitors, trains, wind turbines, even tennis racquets and toasters. 

As digital technology continues to spread to the poorest parts of the world, criminal and extremist groups will also increasingly gain access to the new technology.

Malware & Spyware

Malware - short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems and can engage in many other options including displaying unofficial counter-advertising. Malware is defined by its malicious intent, acting against the requirements of the computer user, and does not include software that causes unintentional harm due to some deficiency. Malware' is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan Horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other types of spy software. Some categories of malware are:

Virus - Software that can replicate itself and spread to other computers or are programmed to damage a computer by deleting files, reformatting the hard disk, or using up computer memory.

Adware - Software that is financially supported (or financially supports another program) by displaying ads when you're connected to the Internet.

Spyware - Software that surreptitiously gathers information and transmits it to interested parties. Types of information that is gathered includes the Websites visited, browser and system information, and your computer IP address. It is deigned to gather information about a person or organisation without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge.

Spyware can collect almost any type of data, including personal information like internet surfing habits, user logins, and bank or credit account information. Spyware can also interfere with user control of a computer by installing additional software or redirecting web browsers. Some spyware can change computer settings, which can result in slow Internet connection speeds, un-authorised changes in browser settings, or changes to software settings. 

Spyware  is sometimes found embedded in programs supplied officially by companies, e.g.., downloadable from websites, that appear useful or attractive, but may have, for example, additional hidden tracking functionality that gathers marketing statistics. In 2016 Yahoo was  exposed as having  secretly scanned millions of its users' email accounts on behalf of the US government using specially created  software to comply with a US classified request.

Browser Hijacking Software - Advertising software that modifies your browser settings (e.g. default home page, search bars, toolbars), creates desktop shortcuts, and displays intermittent advertising pop-ups. Once a browser is hijacked, the software may also redirect links to other sites that advertise, or sites that collect Web usage information.

Intelligence agencies use malware and spyware in many different environments, technologies and military equipment and vessels currently at sea.

Cyber Warfare

Cyber Warfare involves the actions by a nation-state or international organisation to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or denial-of-service attacks. Cyberwar remakes old assumptions about national security and military engagement. Old metrics such as troop numbers or missile inventories become outdated. Cyber-warriors aren’t as easy to track as nuclear weapons or naval warships. Unlike in the Cold War, when the US and the Soviet Union were the only powers capable of exacting serious damage, cyberwar is inexpensive. Any nation might emerge as a threat, and the identities of the true combatants are never quite clear.

The new era of cyberwar became public knowledge in 2012, when US intelligence officials leaked details of the malware Stuxnet, which took place a few years before the leak, was a piece of malicious software that American and Israeli forces developed to sabotage Iran’s nuclear weapons development.

Voting Systems

Another problem for democracies is the use of electronic voting systems. More often than not, electronic voting systems are nothing but bare-bone, decade old computer systems that lack even rudimentary endpoint security. Despite the recurring discussion on electronic voting vulnerabilities that occurs every four years, only limited attention is given to the systemic problem undermining American democracy.

To hack an election, the adversary does not need to exploit a national network of election technology. By focusing on the machines in swing regions of swing states, an election can be hacked without drawing considerable notice. Voter machines, technically, are so riddled with vulnerabilities that hacking an election is easy.

The electronic voting systems popularised in the United States in the early 2000s have been repeatedly proven vulnerable and susceptible to attacks. However, some of these are so unsophisticated, a few years ago a high school student could compromise a crucial county election in a pivotal swing state with equipment purchased for less than $100, potentially altering the distribution of the state’s electoral votes and thereby influencing the results of the Presidential election.

The United States e-voting system is so vulnerable that a small group of one or a few dedicated individuals could target a lynchpin district of a swing state, and sway the entire Presidential election. If the attacker has access to the administrative card or if they can infect a machine with malware that will spread onto the administrative card, then they can spread malware onto multiple machines and increase their sway over an election.

This next  revolution will challenge the economic implications of the nation state. It will focus on the injustice that follows from the fact that, entirely by chance, some are born in poor countries and others in rich countries. The consequence of this for the concept of the nation state remain to be seen.

Warwick University:   MI5:    Century Link:   TechJury:   Washington University:     

Centre for Protection of National Infrastructure:

You Might Also Read: 

Sustained Cyber Attacks Are The New Normal:

« The Growing Cyber Threat To Renewable Energy
Russian Ransomware Group Hacked US News Company »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

CionSystems

CionSystems

CionSystems provides identity, access and authentication solutions to improve security and streamline IT infrastructure management.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

ARCON

ARCON

ARCON offers a proprietary unified governance framework, which addresses risk across various technology platforms.

Ciphertex Data Security

Ciphertex Data Security

Ciphertex is a leading data security company that specializes in portable data encryption and privacy protection storage systems.

Debevoise & Plimpton

Debevoise & Plimpton

Debevoise & Plimpton LLP is a premier law firm with market-leading practices in areas including Data Strategy & Security.

BCyber

BCyber

BCyber is a Swiss Cyber Security company that provides security products, training, and managed services to protect diverse IT and OT environments against cyber, physical, and cyber-physical threats.

SensCy

SensCy

SensCy is a Trusted Guide for Sensible Cybersecurity for small and medium-sized organizations.

Beyon Cyber

Beyon Cyber

Beyon Cyber offer a complete portfolio of advanced solutions & services for cyber security in Bahrain.

Elba

Elba

Employee security needs to be reinvented. SaaS security needs to involve end-user and awareness needs to be actionable. Meet elba, the 5-in-one cybersecurity hub with no compromises.

BSS

BSS

BSS is a solutions and services business based in the UK with a focus on Cyber Security, Data, Financial Crime, Internal Audit, Change, Risk and Resilience.

IONIX

IONIX

IONIX (formerly Cyberpion) is the attack surface management solution that uses Connective Intelligence to shine a spotlight on exploitable risks across your supply chain.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.