The new frontier: Even Developing Nations Do Cyber Spying

Summary: Revolutions in military technology allow rising powers to supersede the old ones, not just because the new tools provide asymmetric advantages, but because the military leaders of dominant powers love their obsolete big toys. As do military experts in general; compare the coverage of new carriers and aircraft vs. cybersecurity. Will this pattern play out in cyberspace? Emilio Iasiello explains how emerging nations aggressively exploit this new terrain of conflict. {1st of 2 posts today.}

Video Wall
A 21st century equivalent to the Battleship.

Even Developing Nations Want Cyber Spying Capabilities

By Emilio Iasiello from DarkMatters, 27 August 2015
Posted with his gracious permission.

Although governments like China and the United States are seeking to establish norms of behavior for nation states in cyberspace, a growing body of literature indicates mounting interest in acquiring cyber espionage capabilities, even among less technologically advanced countries. An October 2015 report by Citizen Lab, a Canadian-based organization, found 33 likely customers of FinFisher – malware able to read encrypted files and e-mails, listen in on voice over Internet Protocol, and activate webcams. Client information was exposed in a data breach that targeted Gamma International Ltd, a Munich-based company that made FinFisher and sold it exclusively to governments and law enforcement organizations.

These developments come at a time when governments are seeking to curb the volume of hostile activity occurring in cyberspace. Revelations of suspected U.S. global surveillance and China’s rampant commercial cyber espionage have brought talk of creating a baseline for accepted actions for governments to take in cyberspace. China and Russia, as well as the United Nations Governmental Group of Experts on Information Security, have developed proposals addressing these very concerns.

Adding to this trend for nation state responsibility, in April 2015, the United States established “cyber sanctions” that granted authority to the Department of Treasury to sanction “individuals or entities” that pose a cyber threat to the “national security, foreign policy, or economic health or financial stability of the United States.” In a landmark agreement in November 2015, governments of the 20 leading global economies – including China – pledged not to engage in cyber-enabled commercial espionage for profit.

Yet despite this progress, revelations exposed with the Gamma breach, as well as the one suffered by Italy’s Hacking Team in July 2015, continue to demonstrate that states desire to acquire offensive cyber surveillance capabilities, even if they can’t develop them indigenously. Some of the customers identified in the data were notably states that are neither considered cyber powers, nor considered leading economies. Some of the governments identified in data taken from the breach include Bangladesh, Kenya, Macedonia, and Paraguay. In two of these cases, the intelligence agencies of the governments were linked to FinFisher products.

While these states may not use these capabilities in order to conduct cyber espionage, some of the governments exposed in the data breach are those that Reporters without Borders have identified as “Enemies of the Internet” for their penchant for censorship, information control, surveillance, and enforcing draconian legislation to curb free speech. National security is the reason many of these governments provide in ratcheting up authoritarian practices, particularly against online activities.

Indeed, even France, which is typically associated with liberalism, has implemented strict laws fringing on human rights. In December 2013, the Military Programming Law empowered authorities to surveil phone and Internet communications without having to obtain legal permission. After the recent terrorist attacks in Paris, French law enforcement wants to add addendums to a proposed law that blocks the use of the TOR anonymity network, as well as forbids the provision of free Wi-Fi during states of emergency. To put it in context, China, one of the more aggressive state actors monitoring Internet activity, blocks TOR as well for its own security interests.

Cyberspace has been called “the great equalizer” because it is an environment that can be leveraged by smaller, less industrialized nations in order to compete with larger ones. The Snowden document leaks and rampant, unchecked cyber espionage have created an environment in which all governments—regardless of size—want a modern, relatively inexpensive capability indicative of their ability to keep pace with the times.

Despite the lead taken by larger governments to reach consensus on some unacceptable actions in cyberspace, Pandora’s box may have reached an aperture too great to close. Whether these poorer nations use the tools they obtain for legitimate national security or law enforcement reasons, or to oppress and keep populations in check will largely rest on perception and interpretation.


Emilio Iasiello

About the Author

Emilio Iasiello has more than 12 years’ experience as a strategic cyber intelligence analyst, supporting US government civilian and military intelligence organizations, as well as private sector companies. He has delivered cyber threat presentations to domestic and international audiences and has published extensively in peer-reviewed journals.

See his other articles on the Dark Matters website. He now posts at Dead Drop (of LookingGlass Cyber Threat Intelligence Group).

For More Information

See all posts about Cyber-espionage and Cyber-war, especially these about Parsing Cyberwar by Marcus Ranum:

  1. The Battlefield.
  2. The Logistical Train.
  3. Synergies and Interference.
  4. The Best Defense is a Good Defense.

2 thoughts on “The new frontier: Even Developing Nations Do Cyber Spying”

  1. “Revelations of … China’s rampant commercial cyber espionage”.

    There have been allegations of China’s ‘rampant commercial cyber espionage’, but zero evidence. As in none.
