Cyber has come of age and now has the ability to threaten whole states in ways that, until very recently, were unimaginable. Simon Michell explains how the politics, economics and infrastructure of nation states is coming under fire from hostile cyber forces

The trouble with cyber threats is that no one really understands them or is able to predict their full impact until it is too late. Even senior military figures will admit that they do not know what a full, all-out attack on a military network or unit might look like, or what it could achieve.

This is a massive problem, especially as cyber intrusions are increasingly being used in conjunction with the awesome power of social media. The implications of this are slowly becoming clear. The unauthorised access into the United States Democratic National Committee computer network has been attributed to Russian hackers carrying out a coordinated attempt to influence the outcome of the 2017 US presidential election. This is the first known occasion that a foreign state has attempted such a devious plot against the US. It is difficult to ascertain whether the cyber campaign was successful or not, and even if it was in fact a state-sponsored activity. Nevertheless, it has been focusing minds in Europe ahead of critical national elections, such as those recently concluded in France and Germany.

Germany has concluded that a hybrid campaign, designed to destabilise the political foundations of the country, may well have been in progress for some time. Part of this operation included the very deliberate ‘Lisa’ scandal that played out at the beginning of January 2016. False allegations that a Russian-German 13-year-old girl from Berlin, Lisa, was abducted and raped by immigrants of a ‘southern’ complexion resulted in protestors taking to the streets to rail against the dangers of the rapidly growing immigrant population. The erroneous reports of the alleged incident, which were broadcast by television journalist Ivan Blagoy on Russia’s TV Channel One, circulated like wildfire on social media and the internet.

DESIGNED TO DESTROY

A year prior to the ‘Lisa’ scandal, France witnessed the potential catastrophe that a well-targeted and planned cyberattack could bring about. TV5Monde was on the brink of being completely taken off air by a sophisticated cyberattack. The director general of the French TV channel, Yves Bigot, confirmed in an interview with the BBC that, “We were a couple of hours from having the whole station gone for good.” The attack was coordinated and designed to destroy the station. Originally thought to have been perpetrated by Islamic fundamentalists, it has since been suggested that the attack was the work of the Russian APT28 group, also known as FancyBear or Sofacy.

APT28 was identified by the American cybersecurity company FireEye as far back as 2007. According to FireEye, APT28 is a very active and well-organised cyber unit that appears to have evolved its tactics into prosecuting “information operations commensurate with broader strategic military doctrine”. The head of the German Domestic Intelligence Service, BfV (Bundesamt für Verfassungsschutz), Dr Hans- Georg Maaßen, told the BBC that he believes that APT28/Sofacy has attacked the German parliament, as well as Angela Merkel’s CDU (Christian Democratic Union of Germany) party, in order to destabilise the German political system. Bruno Kahl, president of the German Federal Intelligence Agency (BND), agrees, saying, “We have evidence of cyberattacks that have no other purpose than triggering political uncertainty.”

Two days before Christmas 2015, a cyberattack on Ukrainian SCADA (supervisory control and data acquisition) systems belonging to three energy organisations left more than 225,000 customers without electricity for hours. The attack was carefully planned, conducted with precision and enabled through months of cyber reconnaissance of the energy companies’ IT networks. When the attack was triggered, not only was the primary power system neutralised, back-up systems were also deactivated.

Nobody has claimed responsibility for the attack, and there is much speculation as to the reason it took place. Ominously, the attack was not designed to destroy the grid, but merely to take it offline temporarily. It was a reminder to Ukraine that its ability to provide heat and light to its citizens was no longer guaranteed. This is a message that could have been much starker had the attack chosen to obliterate the grid entirely.

There is no doubt that the cyber threat, initially aimed at individuals or companies primarily for financial gain, has morphed into something much more damaging. State-sponsored hackers are not only stealing other nations’ secrets, they have now begun to undermine their democratic frameworks. In a speech at St Andrews University about the cyber threat, the UK’s Secretary of State for Defence, Sir Michael Fallon, warned, “Russia is clearly testing NATO and the West. It is undermining national security for many allies and the international rules-based system.”


Projecting Stability | ATA special publication for the Brussels Summit 2017

For the occasion of the NATO Special Meeting in May 2017, ATA has published a dedicated monograph where high level policy makers and experts tackle the strategic issues of the summit. This publication was distributed to all the delegations and representatives that were taking part to closed-doors discussions and parallel meetings that took place before and during the Summit.

The publication is available in its entirety here:  Projecting Stability | ATA special publication for the Brussels Summit 2017