{"id":7121,"date":"2010-01-14T14:41:36","date_gmt":"2010-01-14T14:41:36","guid":{"rendered":"http:\/\/www.indexoncensorship.org\/?p=7121"},"modified":"2010-01-20T12:06:00","modified_gmt":"2010-01-20T12:06:00","slug":"google-china-hacking-cyberattacks","status":"publish","type":"post","link":"https:\/\/www.indexoncensorship.org\/newsite02may\/?p=7121","title":{"rendered":"Skullduggery in cyberspace"},"content":{"rendered":"

\"Tim<\/a>
\nCyberattacks against Google introduce us to a new lexicon. Is this grassroots hacktivism or state-sponsored cyberwarfare? Asks Tim Stevens<\/strong>
\n
\nIn 2006, Google sold its freewheeling, geeky soul in exchange for the rights to market its search products in the rapidly expanding internet market of China. \u201cDon\u2019t Be Evil\u201d became \u201cDon\u2019t Search For the Three Ts\u201d-Tiananmen, Tibet and Taiwan – and the California giant entered into a tense few years of Chinese operations. This week it decided enough was enough, and citing \u201cmalicious cyber activities\u201d<\/a> stopped its self-censorship of search results, forcing the Chinese government either to allow internet users free access to previously barred material, or to revoke Google\u2019s right to operate in China. Google\u2019s meeting last week with Secretary of State Hillary Clinton, and President Obama\u2019s speech next week on internet democracy, can surely not be unrelated to Google\u2019s upping the ante<\/a>. <\/p>\n

Google did not explicitly point the finger at the Chinese state, but its assertions that its networks had been consistently hacked in a bid to disrupt and gather intelligence on human rights activism clearly implied that a concerted effort had been made against it, and that China must have been aware at the very least. Although this is the clearest example yet of a cyber showdown between two global economic giants, the alleged skulduggery revealed by Google is nothing new to watchers of cyberspace. The terms cyberespionage, cybercrime, cyberwar and cyberterrorism are cropping up in security briefings and policy documents more often than ever before.<\/p>\n

The menacing-sounding Iranian Cyber Army<\/em> has attracted substantial media attention in recent weeks. First, they subverted Twitter<\/a>, then the Chinese search giant Baidu<\/a>. On each occasion, users were taken to webpages displaying a green Islamic flag and the words \u201cThe Party of God Will be Victorious\u201d. This has been widely interpreted as a form of pro-Iranian \u201chacktivism<\/a>\u201d, the harnessing of computer hacking activities to a political agenda. We may never know who was actually responsible but they achieved the aim of all political campaigns: publicity. A bit of technical know-how can disrupt internet platforms so effectively that it gets the world talking about possible political motives. It can also provoke counter-attacks, it looks like a low-level conflict between Iranian and Chinese hackers is taking shape<\/a>. We\u2019ve seen these sorts of activities before notably during the Israel-Gaza conflict<\/a> in 2008-09. <\/p>\n

In this globally connected era, the internet is used to rapidly disseminate information and disinformation, and to organise physical protests and other forms of political expression. It is commonly assumed therefore that the internet is a driver of democracy. This explains why, in June 2009, the US State Department requested Twitter suspend maintenance activities<\/a> to allow unimpeded use by Iranian anti-government protesters. In the relatively egalitarian environment of cyberspace however, what\u2019s good for the goose is often just as good for the gander. Grassroots \u201chacktivism\u201d of this sort is common these days but states and their security agencies are only a whisker behind. <\/p>\n

Facebook\u2019s Mark Zuckerberg recently claimed<\/a> there should no longer be a presumption of privacy in internet communications. His company\u2019s profligacy with its users\u2019 personal details<\/a> is inexcusable, but he does have a point, and it\u2019s not a new one. If activists broadcast on relatively open channels like Twitter and Facebook, as during the Iranian protests, then the state will surely be listening. Coupled with geolocative data that identify individuals\u2019 whereabouts, the advantages for rapidly \u201cswarming\u201d crowds are not much greater than the state\u2019s own surveillance opportunities. The information streams upon which protesters rely can be sown with disinformation and engineered remotely. Cellphone cameras and handheld video provide on-the-spot visual evidence of people\u2019s actions and identities. It may have taken a little time for governments to realise this, but far from being disadvantaged relative to more agile and dispersed networks of dissent they can, with skill and experience, use these data flows to their advantage<\/a>. <\/p>\n

When high-profile hacktivism occurs journalists and pundits are quick to ask, \u201cis this cyberterrorism?\u201d, to which, in this case, the answer is almost certainly \u201cno\u201d. Governments are, however, deeply concerned about two types of cyberterrorism. First, that terrorists will remotely attack and degrade critical infrastructures like power, water and transport systems. The possibilities are endless, the likelihood low. Second, the use of the internet to radicalise and recruit people to terrorist movements like al-Qaeda and global jihadism. Evidence from a stream of recent court cases suggests the internet often plays a role in the passage of individuals from peace to violence. The internet may not be the cause of violence per se but as a vehicle for some unsavoury ideas its importance is hard to dispute. Few countries, including in the West, have not considered or implemented measures to suppress this type of online behaviour, and these numbers will increase.<\/p>\n

So far, we have discussed what, in the security literature, are referred to as non-state actors, and the reactions of governments to them. But what of inter-state conflict? The tools and techniques of hackers and hacktivists could in theory be used by states against one another in order to disable critical networks, disarm military systems, and coerce a country and its citizens into submission. An \u201carms race\u201d is underway and military spending on \u201ccyberwar\u201d grew to $8.12bn last year, the majority attributable to the US<\/a>. Other countries with known offensive cyberwar capabilities include China, UK, Russia, France, South Korea and Israel, and many more have similar abilities. <\/p>\n

Although well below the public radar, there are active discussions about cyber arms control<\/a>, cyber deterrence, and the militarisation of cyberspace as a means to combat various undesirable actors<\/a>. It\u2019s a murky business. If we cannot attribute responsibility, against whom should we react when attacked? If State A outsources its hacking capabilities to cybercriminals, can State B retaliate against State A\u2019s citizens? What are the thresholds for declaring cyberwar, and what rules govern its conduct? There is currently no firm legal framework that satisfactorily deals with this complex and transnational multi-actor environment, and no well-documented examples provide lessons as a basis for one.<\/p>\n

What is clear is that conflict has definitely come to cyberspace. The wave of national cybersecurity strategies unveiled in 2009 and coming on-stream in 2010 all demonstrate governments\u2019 desires to defend against a variety of criminal, terrorist and military attacks, and to develop their own offensive capabilities too. The legal, moral, ethical and political implications are poorly understood, and the social ramifications problematic. Cyberspace technologies hold great promise for the future of average citizens, but their potential will also be exploited by governments and the bad guys.<\/p>\n

Tim Stevens is an Associate Fellow of the International Centre for the Study of Radicalisation and Political Violence, King’s College London<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Cyberattacks against Google introduce us to a new lexicon. Is this grassroots hacktivism or state-sponsored cyberwarfare? Asks Tim Stevens<\/strong><\/p>\n","protected":false},"author":14,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_mi_skip_tracking":false},"categories":[4,1],"tags":[7364,986,263,1628],"_links":{"self":[{"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=\/wp\/v2\/posts\/7121"}],"collection":[{"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7121"}],"version-history":[{"count":9,"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=\/wp\/v2\/posts\/7121\/revisions"}],"predecessor-version":[{"id":7275,"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=\/wp\/v2\/posts\/7121\/revisions\/7275"}],"wp:attachment":[{"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.indexoncensorship.org\/newsite02may\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}