Cyberwarfare, Russia-USA

(To Andrea Puligheddu)
11/10/16

On 14 June 2016, during the NATO summit in Warsaw, cyberspace was recognized as the "fifth strategic dimension" in which powers will necessarily have to learn to move, defining the terms, resources and methods of intervention in case of threat.

What has been happening in recent months between Russia and the United States is certainly one of the most interesting dynamics for understanding the reach of cyberwars: a silent clash is taking place, consisting of both real offensives and situations of mutual deterrence.

As in every battle between powers, the areas involved are many and sometimes different from the strictly military one. In addition to the resounding theft of e-mails from Hillary Clinton, the Democratic candidate in the race for the White House (for which, on 7 October 2016, the US formulated an official indictment against Russia), a further episode caused a certain bewilderment and prompted the question of what kind of risks inadequate protection of information may pose for States.

Everything starts on the eve of the Olympics held in Rio in August 2016. A number of Russian athletes (quite a substantial number) had been accused, in November 2015, of having made massive use of doping substances and consequently, after a rather rapid disciplinary procedure, they had been excluded from the Games. Decisive in this sense was a Report of more than 97 pages prepared by an "Independent Commission" of WADA, the World Anti-Doping Agency, which, in support of the allegations made, also filed the related documentary evidence, referring to the Sochi 2014 games. In the end, as is known, the decision of the IOC (International Olympic Committee) was to admit part of the Russian team "with reservations", placing it from then on under the constant and particularly watchful eye of the international anti-doping authorities.

Later, when the Olympics ended, the scenario changed.

On 13 September, health documents belonging to WADA began to circulate online, mainly through social media. Among the various data and entries in them are reports of numerous doping and stimulant substances (Methylphenidate, Dextroamphetamine, Prednisolone etc.) resulting from clinical examinations carried out by the anti-doping association; these results are paired with some legendary names in Olympic sports: Simone Biles, Elena Delle Donne, Serena and Venus Williams, all athletes of US nationality. In the following days, further names began to circulate, including European ones (among them some Italians), whose use of the substances, however, turned out to be mostly authorized or, in some cases, absolutely unrelated to the story.

Naturally, the greatest emphasis has been placed on the American athletes involved, which, in hindsight, is much more than a mere coincidence.

These leaks have been claimed by a hacker cell called Fancy Bears, which according to the New York Times would be under the direct control of the GRU, the Russian military secret service (the same one held responsible for the theft of many emails and documents from the computer system of the American Democratic Party, which took place in February 2016 and whose effects are still visible and in progress). According to the findings provided by American forensic analysts, the hackers entered WADA servers and copied their contents relating to certificates and exemptions for the use of performance-enhancing drugs by Olympic athletes. On the sidelines of the affair, the heads of Russian Foreign Affairs and of the Russian Government promptly denied any involvement, considering it "out of the question" that the Russian presidency or services were somehow involved in the attack.

Beyond the merits of the attack (the athletes' respective Federations have confirmed that they were aware of what has been revealed, and that they had authorized the controlled use of those substances for real medical purposes that do not alter the competitive nature of the competition), it remains evident that a real new conflict between powers is underway. In it, the use of information stolen from the opponent has become the new "secret weapon", capable of inflicting damage on the opponent that is sometimes impossible to contain, and one that develops precisely on the most important front of all, namely public opinion.

In fact, such a clash has generated a new framework of strategic objectives, which can be deduced from the repeated attacks against the new "Fort Knox" of the twenty-first century, containing something far more precious than gold: personal data. Some of these attacks have been disclosed, although the damage they caused is unknown (since it is incalculable). These are half a billion accounts hacked on Yahoo (the most devastating attack we know of, although probably not the work of a state) and upwards of roughly 400 million users breached on the most widely used cloud-service platforms (Dropbox, Amazon) and mail service providers (Hotmail, Gmail). 2016 is likely to go down in history as the worst year ever on the cybersecurity side, and the alarm among the owners of this data is palpable. This is because security is no longer only territorial or conceived as a guarantee of accessibility of resources; it extends to and shapes all the fundamental aspects that make a person free: among them, in this digital century, the guarantee of maintaining control over one's data and the "virtual" value held. If even the most advanced tech companies on the planet have such flaws in their security, why trust the systems of an insurance company, a bank or a hospital? What real guarantees can these organizations offer on the data, mostly sensitive, that they keep?

In an increasingly connected world in which life is lived "onlife", what remains evident is a perennial feeling of precariousness about one's data, of substantial uncertainty and essential unreliability. But a country considered unreliable in protecting the most intimate and important information of its inhabitants is considered vulnerable primarily by the latter.

It should also be considered that the attacks that have followed one another from 1999 onwards (the year of the first IT offensive to come to prominence, Moonlight Maze) have increasingly taken on the offensive and structural character of military operations. In particular, precisely at the level of macrostructure, the offensive initiatives implemented in the cyber domain have gradually begun to pursue goals similar to those of traditional military offensive operations, namely:

  • the conquest of a territory;

  • the reduction of the resources available to the opponent;

  • the acquisition of information on the adversary;

  • generating a diversion to encourage the enemy to guard strategic objectives different from the one of interest;

  • preventing or hindering the restructuring of the opponent's resources and units;

  • restricting or totally cancelling the opponent's offensive capacity.

Secondly, in the scenario just described, two radically divergent conceptions of the network as an instrument (and to some extent therefore also of cyberspace) come into conflict: on the one hand, the almost libertarian one of the United States, which sees in the Internet an instrument of democracy yet at the same time uses the network for mass surveillance for security purposes; on the other hand the Russian-Asian one, which certainly sees the network as an opportunity, but an opportunity to be approached through a partial filter of content and a strong retention of territorially produced data (in this sense Russia in 2014 developed its own ad-hoc law, the Data localization law). Finally, a last point of fundamental importance: the objectives. In the series of attacks that have followed, there is a clearly evident strategic design, such that it is already possible to identify future targets. Energy, communication, transport, finance, health, environmental services, logistics and the production of consumer goods: these are the natural targets of a nation that strikes through virtual offensives, generating damage that is instead clearly visible on the real plane.

Of course, there is no absolute answer for preventing cyber attacks against the critical infrastructures mentioned above, just as there is no definitive way to guarantee the defense of the traditional spaces within which we have fought since the dawn of civilization. The matter, moreover, is in constant evolution and still being studied. How will nations, community bodies and international bodies move? How have they already moved? Overseas, the United States has taken a series of decisive steps, summarized in part by the recent document masterfully prepared by the Potomac Institute, "United States of America Cyber Readiness at a glance", which offers a complete synthesis of the key elements and policies addressed so far by the American government in the cyber sphere and to be integrated into the organization of its infrastructures. What will be the protocols, policies and aspects of organizational restructuring to follow for a "safety culture" in Europe as well?

Some attempts are already underway (the NIS Directive, the QS in the field of cybersecurity) while others are left to the initiative of the infrastructures themselves or of those delegated on their behalf to manage the value they generate daily, with a view to public-private partnership. The first step to avoid the risk of damage is, in fact, precisely to prevent it through a change of attitude that identifies security as a value, an asset to strive for in order to strengthen productivity and not, as too often happens, a marginal or merely bureaucratic aspect from which one must in turn defend oneself. Finally, the provision of an infrastructure, even of a military nature, that constantly assists the key companies of the country system could be, and probably will be, the most decisive response that will soon be put in place: future developments will undoubtedly have to be monitored and analyzed over time.

(photo: USAF)