14 October 2014

It’s Russia’s cyber warfare we should fear

ALASTAIR MACGIBBON
30 SEP 2014 



Talk of uninviting Vladimir Putin from the G20 may be reason enough to bolster Australia’s cyber defences.  Photo: AFP

Guest opinion

ALASTAIR MACGIBBON

The rusty cannons and stone fortresses dotting harbours across Australia were largely designed to deter a feared Russian invasion in the 1800s. As we know, they were never used in anger; that invasion never eventuated.

Russia featured in our Cold War thinking too – with a lot more justification – but for the last 20 or more years, that has diminished.

Russian actions in Ukraine have certainly brought it back into focus.

When Australian cybersecurity experts consider nation-state cyber aggressors, they tend to think of China. Russia follows a distant one or two countries behind.

Interestingly, when you speak to western European security counterparts, the order is reversed. It’s easy to put the difference down to geography and spheres of influence. But there’s more to it.

Absolutely, China has been, and remains, a significant threat to Western nations in terms of their cyber capacity: espionage and audacious acts of intellectual property theft are routinely traced back to China.

No doubt electronic warfare would be a key weapon in the unlikely event of a shooting war, that’s clear. But in terms of outright nation-state online aggression, it’s hard to go past Russia.

It is widely accepted Estonian and Georgian computer systems fell foul of Russian nationalists and intelligence agencies after sleights to Russian interests. These serve as examples of how nations can strike others through cyber means. And we should take heed.

Estonia was knocked offline and critical systems disrupted for three weeks in April 2007 as tensions between Estonia and Russia increased, symbolically around moving a Soviet-era WWII memorial statue of a Russian soldier in Tallinn.

July to August 2008 saw cyber attacks, influenced – and probably orchestrated by – Russian intelligence agencies against Georgia, stemming from conflict over South Ossetia.

NEW THREATS

Both cases illustrate how Russian government agencies either directly, or indirectly, use cyber means to exert pressure on foreign states, even when no armed conflict is involved. Increased Australian sanctions against Russia and talk of uninviting Russian President Vladimir Putin from the coming G20 meeting in Brisbane may just be enough provocation for those same Russian attackers to pay more attention to Australia.

I attended a talk by Dmitri Alperovitch, co-founder of US cyber-intelligence firm Crowdstrike (and a friend) at firewall giant Checkpoint’s recent conference in Canberra and Melbourne.

Alperovitch and his teams have dissected and catalogued the nation-state threat and paint a compelling, granular, picture of the capabilities and the personnel behind them.

The capacity to bring an entity (personal, public or private) to its knees already exists – in the hands of most aggrieved states. It’s just that their motivation, lack of impetus, hasn’t been aroused enough by us to exercise that capacity. Yet.

I’m not suggesting the government deviate from any thinking it’s conducting on the matter of Russia and Putin, but I am suggesting its investment in cybersecurity, and those of key corporations, should continue and be enhanced.

According to Alperovitch, it’s not just Russia and China we need to pay attention to, but also countries like Iran and North Korea.

No surprises there. Then, of course, there are other groups such as the Syrian Electronic Army who have been on the radar here.

BOLSTERED DEFENCE

Increasingly nations and other vested interests will rattle cyber sabres to influence the actions of governments.

Governments shouldn’t detour from doing what’s considered in the national interest, but they do need to ensure our (cyber) defences are bolstered. In recent announcements made around NATO’s new rapid reaction force, increased NATO cyber defence capacity and co-operation were conspicuous.

European leaders have lived through first-hand how physical a cyber attack can be. Australia would do well to consider the same.

As maligned as the “Five Eyes” intelligence club (US, UK, Canada, NZ and Australia) may be after Edward Snowden’s revelations of electronic surveillance, those complaining may yet appreciate Australia being an active member, especially given our allies’ impressive cyber arsenals.

After all, poking a bear can bring consequences.

Alastair MacGibbon, is director of the Centre for Internet Safety at the University of Canberra and the security general manager for Dimension Data Australia.

No comments: