Digital warriors fight in internet hell


When the International Consortium of Investigative Journalists (ICIJ) released the Pandora Papers on October 5, it claimed responsibility for the biggest leak in media history. More than 600 journalists from 140 news organizations in 117 countries worked for months on 12 million documents from 14 sources.

The files mainly came from various law firms and revealed the financial transactions of the rich and famous. Specifically, these people hid their assets in a way that evaded taxes, which seemed to be the motivator for journalistic efforts, as was the case with the Panama Papers in 2016 and the Paradise Papers in 2017.

Despite the hype and involvement of global media giants like the BBC, New York Times and Washington post, the last installment was a fizzer. Unlike the Panama Papers – which claimed a scalp, Icelandic Prime Minister Sigmunder David Gunnlaugsson – Pandora’s Box did not contain any new substance.

The use by dictators and monarchs to hide their ill-gotten gains in the West is no secret, while denouncing the legal affairs of private citizens does little more than fuel jealous tax demands and potentially hamper law enforcement. economic growth. Stories quickly got out of the news cycle, and local angles, such as those published in New Zealand, were so dated that they were irrelevant.

Great powers

This is not the case with the work of investigative journalist Huib Modderkolk, who writes for a Dutch national newspaper, From Volkskrant. He has spent the past six years on a much more serious mission: that of cyber warfare between the great powers that has far more serious repercussions on global economies than tax evasion.

Huib Modderkolk writes for the Dutch national newspaper De Volkskrant.

Rather than working from leaked documents, Modderkolk searches for sources in person, doesn’t record conversations lest they surface elsewhere, and keeps his notes in encrypted form. He distinguishes between exposing the work of official intelligence and security agencies that monitor communications around the world and how, with the constraints of privacy and surveillance laws, they fight state-backed hackers in a unequal war. Their opponents – mainly the authoritarian states of Russia, China, Venezuela and Iran – have no such rules.

Huib sums up his dilemma: “To protect society from foreign spies and hackers, agencies need surveillance powers that strain a free society. He would be the first to ask for the purpose of the leaked Pandora documents and who made them available.

It is likely, based on his knowledge of global hacking operations, that they aim to destabilize and reduce confidence in the institutions of Western and other democratic societies.

In the world of espionage, it is the same as disinformation, as described in Thomas Rid’s story, Active measures.

Hacking events

Modderkolk There’s a war going on but no one can see it covers the major hacking events since 2015 and some of the successful attempts by Western agencies to thwart them. The book is based on 110 face-to-face interviews and is viewed from the point of view of operations in the Netherlands.

After the United States, the United Kingdom, Russia and China, the Netherlands is considered the fifth cyber power. It has two government agencies, AIVD and MIVD, operating in the national and military intelligence sectors respectively. The Netherlands also has the largest concentration of digital businesses in Europe and is a key center for global internet traffic.

Ministry of the Netherlands
This Dutch ministry is home to the AIVD, the internal security intelligence agency.

Modderkolk first became interested in cyberwarfare through Glenn Greenwald, the journalist who brought the world’s attention to Edward Snowden with his treasure trove of stolen US military files that then ended up on WikiLeaks. But it was the hack of a Dutch payment certification company, DigiNotar, that put Modderkolk on a different path.

DigiNotar issued certificates which guaranteed the veracity of websites and were used by major web browsers such as Google, Microsoft, and Firefox. The breach was quickly identified and corrected, but it was years before the full story of an isolated hacker with ties to Iran came to light.

Dig deep

By that time, Modderkolk had dug deep into this hell of competing agencies and several other incidents, including the hack of the largest Dutch telecommunications company, KPN. A success story made it possible to identify the suicide bombers at Brussels airport who killed 35 people in March 2016 and their link with the terrorist attacks in Paris a few months earlier.

However, counterterrorism victories are a by-product of most cyber-surveillance. Most of the mundane job is dealing with daily attacks on government and private organizations. Routines differ from country to country.

China broke into at least 141 companies from 2006 to 2013, stealing passwords and then data. Such penetrations can harbor malware for years before being detected. According to Modderkolk, the Chinese employ tens of thousands of hackers to launch mass attacks, while the Russians are more sophisticated. “They are smarter, more disciplined and better at covering their tracks. They are incredibly good at looting infected systems.

Red Square
The AIVD spied on hackers operating from buildings like these in Moscow’s Red Square.

The Russians are also more tactical, often launching attacks to distract from events such as the seizure of Crimea from Ukraine in 2014. Ukraine was the main target of the NotPetya virus in June 2017 which swept through the computers of the companies of this country and immobilized a large part of its industry. This turned into a global shutdown in shipping, first hitting Maersk container operations and the port of Rotterdam. Ultimately, it hit hundreds of businesses in dozens of countries, with total damage to the global economy, including New Zealand, estimated at $ 10.6 billion.

It was no coincidence that this happened just after British authorities leaked details of those responsible for the poisoning of former KGB agent Sergei Skripal and his daughter in Salisbury, England.

The Dutch have also noticed increased Russian activity in using Twitter and other social media after a rocket shot down Malaysian Airlines flight MH17. The Russians had gained access to Spanish software, SNAP, which gave political parties and others the ability to manipulate Twitter’s algorithms in their favor. In the case of MH17, it was to spread the false news of Ukrainian involvement in the missile attack.

Colorful characters

Modderkolk asks SNAP developers how their software found its place in Russia, Iran and Venezuela. In 2019, researchers at the University of Oxford reported the use of “computer propaganda to shape public attitudes via social media” in 70 countries, an increase of 150% in two years. He also hunts down other colorful characters, such as the Dutch anti-hacker Ronald Prins and his nemesis, Evgeniy Bogachev, the Russian virus creator described as “Pablo Escobar of the digital age”.

In a rare breakthrough, the AIVD managed to penetrate security camera footage that observed a high-level hacking team at work in a Moscow university building on Red Square. They were part of operations dubbed Cozy Bear, led by the SVR security service, and Fancy Bear, led by the GRU, Russia’s military intelligence arm. An error by the American authorities accidentally revealed this spy message, excluding the AIVD.

The SolarWinds hack was the “biggest cyber incident in American history”.
The SolarWinds hack was the “biggest cyber incident in American history”.

Still at work

But the Bears are still at work. Cozy Bear has been identified as the hacker of SolarWinds, an American network management company. Republican politician and former House Intelligence Committee chairman Mike Rogers described it as “the most significant cyber incident in American history.” SVR had collected data on some 300,000 SolarWinds customers for 10 months.

Cozy Bear also hacked into the European Medical Agency looking for information on Covid-19 vaccines. This was then used to spread doubts in the West about the effectiveness of the two most widely used vaccines.

Sadly, Modderkolk sees no end to this unequal war, as democratic people’s cynicism mounts against levels of government oversight and politicians hesitate to get ahead of public opinion. A Dutch referendum in 2018 narrowly opposed giving more powers to security and intelligence agencies.

“To protect society from spies and foreign hackers, agencies need surveillance powers that strain a free society.”

“Snowden Fatigue” is a term that describes the public’s indifference to whistleblower stories, just as people are more than willing to post personal data on Facebook, Twitter, Instagram, and TikTok. If the public easily becomes jaded in the face of cyber attacks – even when they hit hospitals like Waikato earlier this year – then it’s no wonder that Pandora has not lived up to its name.

There is-a-war-in-progress-but-no-one-can-see-it

There’s a war going on but no one can see it, by Huib Modderkolk. Translated from Dutch by Elizabeth Manton (Bloomsbury).

Nevil Gibson is a former editor of NBR. He has written film and book reviews in various publications.

This is content provided and not paid for by NBR

Source link

Leave A Reply

Your email address will not be published.