While there are growing fears over a Cold War in the relations between Russia and the United States, there is already a Cold War in cybersecurity, according to FireEye Inc. CEO Dave DeWalt.
Dave DeWalt is one of the greatest experts in the cybersecurity industry, who had led McAfee up to the moment the company was acquisitioned by Intel Corp.
The United States, Russia and China are all taking part in “a superpower struggle,” which is likely to include the recent breach of U.S. federal personnel records in which Chinese hackers were blamed, according to the executive. Even though the Chinese government dismissed the accusations that it was Chinese hackers, Washington still believes it was them.
DeWalt also mentioned cyberwar groups in Syria, Iran and North Korea, which he calls “totalitarian states that won’t tolerate that action without some linkage” to the government.
As for North Korean hackers, they are believed to have carried out a large-scale 2014 cyber-attack against Sony Pictures over the movie that depicted the assassination of North Korea’s leader, Kim Jong-un. The cyber-attack included a leak of a great number of ‘uncomfortable’ information and emails.
DeWalk believes that the majority of cyber attacks are initiated by groups affiliated with a government entity.
“There’s a grand chess game being played out in cyber,” he said.
Russian hackers target the Pentagon
Just two weeks ago, The Daily Beast obtained an email notification that the Defense Department sent a warning that “at least five” DOD computer users were targeted in a cyber attack.
Hackers that were linked to Russia and had been earlier involved in cyber attacks to penetrate into the White House and State Department networks, have now shifted their focus to the Pentagon, according to The Daily Beast.
“And this time the hackers are using more sophisticated technologies that make them exceptionally hard to detect and that allow them to cover their tracks,” the author of the article, Shane Harris, noted.
“The sophistication of this attack far surpasses anything we have seen to date from any state actors,” said Michael Adams, a cyber security expert who served over twenty years in the U.S. Special Operations Command.
The author noted that in the latest cyber attack campaign, which the notice said had been detected on July 8, the victims received emails that looked like those coming from the National Endowment for Democracy, a well-known non-profit organization in Washington that receives congressional funding.
The National Endowment for Democracy supports global efforts aspiring for democracy, including in such countries as Russia and China, where it is believed most of the hackers are based.
“The emails contained a link that, when clicked, takes recipients to an infected server on the organization’s network. It then downloads malicious software on to the victim’s computer,” Harris explained.
U.S. is not able to counter cyber attacks
U.S. military department have repeatedly blamed both Russia and China in cyber espionage with the goal of obtaining U.S. secrets that would harm the country’s national interests.
Russia and China consider themselves as strategic competitors of the U.S. and are the most active states in collecting U.S. economic and technological secrets.
However, neither the Americans nor Britons are able to organize efficient counter actions that would stop cyber spies from obtaining national secrets. It is a proven fact: no matter how hard you try to develop your anti-ballistic missile systems and build up your military contingent, if you are vulnerable to cyber attacks – you are a weak state and big sharks sense that weakness like blood.
Just one cyber attack on U.S. secret information can do much more damage to the country and its citizens than the work of dozens of spies that work by old traditional methods.
For example, at the end of May, hackers obtained access to approximately 100,000 tax accounts on Internal Revenue Service website. The tax accounts contained tons of valuable financial information that would be of high interest to foreign intelligences.
According to Rep. Peter Roskam, chairman of a House subcommittee that oversees the U.S. tax agency, the cyber attack was carried out by hackers in Russia. Roskam did not say whether the Russian government had any involvement in the attack.
U.S. spies are in danger
The U.S. used to blame mainly Russia in massive large-scale cyber espionage, but now China stands at the same level as Russia. According to U.S. Department of Justice, Chinese officers spied on American firms in cyberspace in order to gain advantage for Chinese governmental companies.
At the beginning of July, Chinese hackers are believed to have carried out two successful cyber attacks on computers of U.S. government’s personnel management agency.
A total of 22.1 million people were affected by both hacks, or almost 7 percent of the U.S. population. Chinese hackers now have their hands on not only Social Security numbers of people affected, but also their full names, dates of birth, home addresses as well as logins and passwords to access their computers. As many as 1.1 million of stolen data also contained fingerprints.
Therefore, the Chines intelligence can now use the obtained data to expose U.S. spies around the world. Such fears are expressed by U.S. government, according to The New York Times citing several sources.
Special forces of both China and Russia can thus find out the names of those working undercover or those who worked undercover in the past by using elimination approach as well as analyzing a great deal of big data. Besides, the interested parties in Russia and China can cross-reference the stolen data with the data obtained through other channels.
The New York Times explains that “Chinese intelligence operatives could run searches through the database on everyone granted visas to work at American diplomatic outposts in China.”
“If any of the names are not found in the stolen files, those individuals could be suspected as spies by a process of elimination.”
If the Chinese manage to identify former and current spies, even those who have already came back to the U.S. soil will be in danger.