Politically Motivated Hacking: Ramifications And Defences

Advantages and Disadvantages of Using Online Services

Discuss About The Journal Of Internet Banking And Commerce.

In the past few decades, the technology has grown at a substantial rate. People and organisations rely on modern technologies in order to perform their work. One of the most important advancement has been the popularity of the internet and online based services. Due to ease of access to a stable and fast internet connection, corporations rely on them to perform their basic operations. People also rely on the internet for performing their work and entertain themselves. With the increase in the number of online users, the number of data stored online has grown significantly. There are a number of advantages which people and corporations receive due to use of the internet to perform their operations such as ease of use, global connections, faster speed, unlimited storage, and others (Bamrara, 2015). However, there are many disadvantages of the use of internet and online based services as well such as data privacy concerns, cyber-attacks, data breach, reliance on internet connection, downtime of servers and others.

Along with the popularity of the internet, the risk of cyber-attacks has grown substantially. The internet is a global platform due to which cybercriminals from all across the globe focus on hacking into the servers of organisations and people in order to gain unauthorised access and collect their data. Recently, the number of politically motivated hacking has increased significantly which increases the concern of people and organisations around the world. The objective of cybercriminals in politically motivated hacking is to leak the confidential information about a political group or an organisation rather than focusing on gaining personal benefits (Green, 2015). The threat of politically motivated hacking attacks is growing as the global political environment remained unstable. In this report, the ramification of politically motivated hacking will be discussed by evaluating relevant media articles. Furthermore, this report will evaluate different examples of politically motivated hacking attacks in order to assess their impact on organisations and the society. This report will also evaluate the current defences against it along with their effectiveness.

Hacking is referred to an act of gaining unauthorised intrusion into a company in order to gain an unfair advantage. Cybercriminals hack into the servers of organisations to collect their confidential data and shut down their operations. In past few years, the number of politically motivated hacking attacks has grown substantially. These attacks are a part of Hacktivism is referred to an act of hacking for politically or socially motivated purposes; the people who conduct Hacktivism are called hacktivists (Vegh, 2013). Generally, the purpose of hackers is to collect confidential information or unauthorised access to the servers of a company for personal gain or causing harm to others. On the other hand, the purpose of hacktivists is to raise awareness regarding social or political issues by leaking confidential data of an organisation. The Hacktivism attacks are considered as more dangerous than compared to other hacking attacks because the main aim of hacktivists is to demolish the reputation of a political figure or party and management them humiliate in front of everyone rather than gaining personal profit (Declan, 2016). Recent media articles have shown that the threat of politically motivated hacking has increased substantially and it is affecting the political environment across the globe.

Rise of Politically Motivated Hacking

In politically motivated hacking attacks, the hackers are not interested in earning profits rather they wanted to make a political statement by hacking into the account or servers of global political leaders or parties. In June 2017, an international cyber-attack hit many parts of Asia, Europe and the United States. Due to the cyber-attack, tens of thousands of computers in hospitals, government offices and banks started to fail to work across the globe. The New York Times posted a story on the attack which provides that over 200,000 computers were crippled by the hack in over 150 countries (Goldman, 2017). The attack affected the companies in the United States less than compared to other nations because a British cybersecurity expert stopped the attack from the spread in the US-based organisations. It was revealed that the hackers found a flaw in the Microsoft Windows operating system, and they exploited such flaw which was first discovered in the US National Security Agency (Wong and Solon, 2017). In the first instance, it was found out that the purpose of the hack was to collect profit from all these organisations because the hackers were demanding a ransom of $300 in Bitcoin (Goldman, 2017).

Experts provided that the hackers might be able to collect more than $1 billion from individual across the globe whose computers were hacked. The hack affected many large organisations such as the Russian Interior Ministry, Britain’s National Health Service and FedEx. It was later found out that the attack was conducted through a virus called “wiper” and it was spread in the computers of these organisations purely for destructive purposes. It was later revealed that the malware was originated in Ukraine on the Constitution Day of the country and one computer scientist provided that the purpose of the attack was to cause chaos rather than earning money. It was provided in the news that many Ukrainians provided that they suspect Russia is the culprit for this cyber-attack. Computer scientists provided that cyber-attacks have always been there, and they are continuously affecting organisations across the globe. However, the difference is their motivation which has become more social or political oriented. William Robertson, an assistant professor in computer science, agreed with this statement, and he provided that there is an increase in nation-state malware cropping based on which the cyberspace is becoming more militarised to achieve geopolitical objectives (Kornwitz, 2017).

Other than this attack, a WannaCry Ransomware attack occurred in May 2017 in which the hackers used hacking tools which were stolen from the National Security Agency. The hacking tools were leaking online by a cybercriminal group called the Shadow Brokers. In this attack, the WannaCry malware affected more than 300,000 computers in over 150 countries across the globe and during this process the hacker group made over $80,000. It was revealed that the hackers behind the wiper, dubbed “Petya”, have generated less than $10,000 from the attack by stating that money was not their primary objective (Hern, 2017). It is another good example in which the hacking was focused on negatively affecting and crippling the operations of government agencies rather than focusing on generating profits. According to Robertson, during these attacks, victims should not pay any ransom to the attackers because it will not assist them in getting their data back (Kornwitz, 2017).

Examples of Politically Motivated Hacking and their Impact

In case of Australia, the politically motivated attacks are a new threat which is quickly spreading and crippling the political organisations in the country. Stewart (2016) provided that the country faces a new threat of politically motivated cyber-attacks which are conducted by foreign powers in order to undermine the government of Australia and to embarrass the decision makers and senior politicians. Generally, the threat includes hacking into the private emails and data of political entities and parties in order to leak their data and to embarrass them at a global level. According to Australian security agencies, the threat of cyber warfare is increasing at an alarming rate, and it focuses on political and social aspects whereas traditionally it was focused on strategic and economic targets. For example, in June 2016, after leaking of over 19,000 private emails of Democratic National Party in Washington resulted in leaking the information about political games which run in the background of these parties (Timberg et al., 2017). The leak led to a global level humiliation due to which the Chairwoman of DNC, Debbie Wasserman Schultz, resigned from her post. According to Dan Tehan, cybersecurity assistance of the Prime Minister of Australia, these attacks represent a new type of cyber-attacks which are called cyber influencing in which the purpose of the hackers is to influence the political environment by leaking confidential information rather than gaining personal gain (Stewart, 2016).

He further told that the attack on DNC in the US was a good wake up call for Australia to take appropriate cybersecurity measures to take guard against this threat. He told that it is less likely that the foreign powers will use cyber espionage in order to manipulate or infiltrate the political environment in Australia; however, the most likely candidates are China and Russia (Stewart, 2016). For example, China attempts to influence the political environment in Australia through donations and other benefits which resulted in the resignation of Sam Dastyair from Labour’s frontbench. According to the security intelligence of Australia, Russian and Chinese hackers are the most persistent which it comes to taking attempts for infiltrating or breaching the cybersecurity of government agencies in Australia along with private business operating in the country for economic or strategic intelligence (Uhlmann, 2015). As per Mr Tehan, the Australia government has taken appropriate steps in order to prevent the potential threat of politically motivated cyber-attacks (Stewart, 2016). The government is investing in increasing its defence against the cyber-attacks which are motivated to cripple the political environment in the country and adversely affecting the political entities.

Politically Motivated Hacking in Australia

The attack on the Democratic National Committee in which the hackers stoles over 19 thousand private emails and leaked them to Wikileaks. The purpose of the leak was to reveal information about Bernie Sanders who was the main rival of Hillary Clinton. After the incident, Debbie Schultz, chairwoman of DNC, was forced to resign from her post (Hosenball et al., 2016). The information leaked by the hackers includes information about the donors of the party including their name, email address along with credit card information.

Another example of politically motivated cyber-attacks is operation cleaver in which cyber criminals attacked critical infrastructure of 16 nations around the world, and the attack was linked to the Iranian hackers. After the incident, Cylance, a cyber-security firm, documented the Operation Cleaver and investigated the incident for a period of two years. It was revealed that the attack affected over fifty targets from different critical industries which include oil and gas, airlines and airports, universities, telecommunications companies and government agencies (Vijayan, 2014). Later, it was revealed that the hacking team which was involved in the operation cleaver was based in Tehran. During the hack, a large amount of data was extracted and breached by the hackers. In this data, sensitive information regarding the employee information and schedule, information about the airport and aircraft security, PDFs of networks, identification photos, and housing electricity and telecom diagrams were leaked (Khandelwal, 2014).

In this attack, an espionage operation was conducted by the Shadow Network which stole classified documents from the government of India, the office of Dalai Lama and many others agencies. The classified documents include information about the embassies which are situated abroad, details regarding security system of India and NATO troop activities which are conducting in Afghanistan. In this attack, the Shadow Network used the cloud computing platforms and social networks to collect the classified information. The details regarding the cyber-attacks were collected by the Information Warfare Monitor which is based on the Palantir technology (Danchev, 2010). The technology was able to identify that the cybercriminals who were from China conducted the attack.

Following are few defences available against the politically motivated cyber-attacks, and these recommendations can protect politicians and political parties from these attacks.

• The government agencies should increase their budget of cybersecurity in order to implement new security technology for protecting themselves from the cybercriminals. The heavily rely on the online-based technology and in order to protect their data online, they should install security software and firewalls to keep their data secure (Amoroso, 2011).
• The government officials should focus on improving their cybersecurity by learning about the appropriate security measures which they can take to prevent themselves from cyber-attacks. They should use strong security passwords and take other security measures such as two-step verification and security checkups to protect their data which is stored
• The government should take strict actions against the cybercriminals who use their resources to hack into the data of political parties and leak such information online. The government should implement strict policies in order to prevent cyber-attacks, and they should take precautionary measures to avoid such cyber-attacks.

These defences can be taken by politicians and political parties, however, it should be admitted that there is no “silver bullet” solution to prevent the threat of politically motivated cyber-attacks. However, taking appropriate security measures and increasing the awareness about the issues can assist in mitigating the risk and potential impact of politically motivated cyber-attacks. Thus, these defences are not effective to protect politicians and political parties across the globe.

Effective Defences Against Politically Motivated Hacking

Conclusion

From the above observations, it can be concluded that the number of politically motivated cyber-attacks has increased substantially in the past few years. These attacks are more dangerous than compared to other cyber-attacks because the primary purpose of these attacks is to demolish the reputation of political parties and to leak their confidential information to the public. The increasing threat of politically motivated hacking has been well documented by the recent media which spread the awareness about the issue at a global level. Many cyber-attacks have resulted in leaking the classified information about government agencies in the public which negatively affects the reputation of the agency along with its members. A good example is the leak of emails of the Democratic National Party which resulted in the forced resignation of its chairwoman. The threat of these attacks is increasing globally, and the government agencies are required to take appropriate securities measures in order to protect themselves and their data from leaking on the web.

Various defences against the cyber-attacks are provided in the report which can assist the government agencies and their agents to protect their private data from breaching. They should increase their cybersecurity budget in order to install the latest security software and firewalls to protect their data from the online breach. The government officials should take appropriate security measuring such as the use of strong passwords and two-step verification to protect themselves from cyber-attacks. The government should implement strict policies to prevent politically motivated cyber-attacks. accounting, these defences are not effective, and they should admit the fact that it is difficult to prevent these attacks. The growth in politically motivated cyber-attacks creates new potential threats for government agencies across the globe which increases the requirement of effective cybersecurity infrastructure.

References

Amoroso E (2011) Cyber attacks: awareness. Network Security, 2011(1), 10-16.

Bamrara A (2015) Evaluating Database Security and Cyber Attacks: A Relational Approach. The Journal of Internet Banking and Commerce, 20(2).

Danchev D (2010) Researchers expose complex cyber espionage network.Economics, Available from: https://www.zdnet.com/article/researchers-expose-complex-cyber-espionage-network/ (accessed 29 May 2018).

Declan O (2016) Politically motivated attacks. Socialist Lawyer, (74), 46.

Goldman R (2017) What We Know and Don’t Know About the International Cyberattack. The New York Times, Available from: https://www.nytimes.com/2017/05/12/world/europe/international-cyberattack-ransomware.html?mtrref=undefined&gwh=25E6CBE59A24178ACA05CCC169EA9971&gwt=pay (accessed 29 May 2018).

Green J (2015) Staying ahead of cyber-attacks. Network Security, 2015(2), 13-16.

Hern A (2017) WannaCry, Petya, NotPetya: how ransomware hit the big time in 2017. The Guardian, Available from: https://www.theguardian.com/technology/2017/dec/30/wannacry-petya-notpetya-ransomware (accessed 29 May 2018).

Hosenball M, Volz D and Landay J (2016) U.S. formally accuses Russian hackers of political cyber attacks. U.S., Available from: https://www.reuters.com/article/us-usa-cyber-russia-idUSKCN12729B (accessed 29 May 2018).

Khandelwal S (2014) Operation Cleaver — Iranian Hackers Targeting Critical Infrastructure Worldwide. The Hacker News, Available from: https://thehackernews.com/2014/12/Operation-Cleaver-cyber-espionage.html (accessed 29 May 2018).

Kornwitz J (2017) Why politically motivated cyberattacks might be the new normal. News.northeastern.edu, Available from: https://news.northeastern.edu/2017/06/30/why-politically-motivated-cyberattacks-might-be-the-new-normal/ (accessed 29 May 2018).

Stewart C (2016) Politically motivated cyber-attacks the new threat for Australia. The Australian, Available from: https://www.theaustralian.com.au/national-affairs/defence/politically-motivated-cyberattacks-the-new-threat-for-australia/news-story/66d5425856ddfbc1c51af30d409c1e3a (accessed 29 May 2018).

Timberg C, Witte G and Nakashima E (2017) Malware, described in leaked NSA documents, cripples computers worldwide. Washington Post, Available from: https://www.washingtonpost.com/world/hospitals-across-england-report-it-failure-amid-suspected-major-cyber-attack/2017/05/12/84e3dc5e-3723-11e7-b373-418f6849a004_story.html?utm_term=.b5fdb94fe8eb (accessed 29 May 2018).

Uhlmann C (2015) China blamed for 'massive' cyber attack on BoM computer. ABC News, Available from: https://www.abc.net.au/news/2015-12-02/china-blamed-for-cyber-attack-on-bureau-of-meteorology/6993278 (accessed 29 May 2018).

Vegh S (2013) Classifying forms of online activism: The case of cyberprotests against the World Bank. Cyberactivism, 81-106.

Vijayan J (2014) With operations Cleaver, Iran Emerges As A Cyberthreat. Dark Reading, Available from: https://www.darkreading.com/attacks-breaches/with-operation-cleaver-iran-emerges-as-a-cyberthreat/d/d-id/1317861 (accessed 29 May 2018).

Wong J and Solon O (2017) Massive ransomware cyber-attack hits nearly 100 countries around the world. The Guardian, Available from: https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs (accessed 29 May 2018).