Thursday, September 22, 2016

Hackers Who Get Caught

There was another in a long series of articles about Russian hackers having their magic fingers caught in the cookie jar of a political system, much like the Democratic National Committee a few months ago.  This time it was the Germans and, most particularly, the major parties in opposition and the party of Angela Merkel.  There is nothing new in hackers going after political parties, because just about every intelligence service in the world wants to know what these parties are up to, which makes them targets. [See http://www.wsj.com/articles/german-parties-targeted-in-cyberattack-1474470695]

What we should be wondering is why the Russians are getting caught.  I know that sounds strange, but hackers who are good at what they do, especially ones who work for governments, do not usually get caught.  They use tools that would not be traceable to their own government;  they are careful and do not get in a hurry.  The main reason for this is plausible deniability, the ability of a government to say, "It wasn't me."  Most intelligence collection requires this ability because all countries that are advanced spy on one another, but the honor code of thieves of information requires that governments do it covertly, i.e., without getting caught and with the ability to deny that such a thing occurred using resources of this country.  Even when it is hard to do, we still need plausible denial.  So, how is it that Russian hackers who are getting into governments and political parties get caught?  I think these are the best reasons that this is happening:

1.  We have to believe that the Russian intelligence services, especially the FSB and GRU, want to be seen to be attempting to influence elections of other countries.  This is an odd use of Information War but one that does have an effect.  The Chinese did this when they helped North Korea steal email from Sony and selectively release some of those documents.  It is a warning of what can be if the same thing happens to them.  If you try to influence our election process, which took place last week, we will try to influence yours. To be of much use, the recipient has to know they are being hacked by a known entity.  OK, we know who you are.

2.  Maybe the FSB and GRU are not very sophisticated at hacking, so they stumble through these attacks and get caught.  It is possible, but unlikely.  There are probably more skilled hackers in Russia and China than in any two other countries in the world.  They are both thick with them.  With that many, there have to be some pretty good ones that can train or work with others who might not be so good.  Eventually, their workforce is skilled and good enough to not get caught.  So, maybe they are in that transition period when they are not yet skilled enough.  Those who believe that, hold up your hand.

3.  Maybe the world is wrong about the source of these attacks and it is not really Russia, but somebody using tools developed and hosted in Russia.  That is a possibility since there are a few places in Russia that will handle that for you, giving the operation safe haven and tools to do the work.  The Russian government knows where these places are, and can limit what that work entails and who is doing it.  They could cooperate with some countries and not others.

Or, it could be a combination of those things.  If we look at the most likely idea of why they are getting caught, it seems to be the first one.  We will find out soon, because the Russian elections are over and it is time for them to move on.  If it is just a warning of things to come, the main reason for continuing is now past.  If the attacks continue, we might need to look for other alternatives.
