The Sandworms and Ukraine: when cyber security takes on a strategic role

(By Ciro Metuarata)
06/11/17

During the two days of Cybertech Europe (see article), held inside the famous "cloud" of Rome's new congress center, the French philosopher Paul Virilio was mentioned several times. In particular, with reference to the difficult challenges inherent in cyber security, the following sentence, taken from a book, was discussed: "When you invent the ship, you also invent the shipwreck; when you invent the plane you also invent the plane crash; and when you invent electricity, you invent electrocution... Every technology carries its own negativity, which is invented at the same time as the technical progress". In other words, every new technology has its "dark side", which introduces security "risks". Applied to information technology, this statement is as obvious and trivial as it is (deliberately?) neglected, so a doubt arises: do we really understand the risks that loom over the cyber dimension and their possible consequences in the real world? Well, there is a place on the globe where Virilio's worst nightmares, and not only his, come true almost daily: Ukraine. Over there, the "boat" began to sink a couple of years ago, demonstrating how dramatically inadequate the current technology tied to the development of information technology and the Internet is for today's security challenges, and how cyber security is now part of the great "game" of the global geopolitical balance.

Let's see why Ukraine in particular. Some believe that, especially since the Crimean crisis of 2014, this former Soviet republic has become a sort of "open-air laboratory" for cyber operations. In fact, in the broader context of the "hybrid" conflict being fought in that region, an escalation of no-holds-barred cyber attacks is under way, which has at times led the local population to experience first-hand what it means to go back to living in the eighteenth century. Specifically, an interesting article that appeared in Wired a few months ago takes stock of what is happening in the country, dwelling on the cyber attacks suffered by major power companies during the Christmas season of 2015 and 2016. In reality, the energy sector is not the only one to have been hit in Ukraine: the media, the Armed Forces, and public and financial institutions have also suffered damage, sometimes serious. However, the attacks that caused the power blackouts are the ones that, more than any other, have had the heaviest repercussions on the population. Very little of this, though, filters through to the West. The Russian-Ukrainian crisis and the resulting conflict, still ongoing, are deliberately "censored" by our media, and the cyber aspects of the ongoing confrontation are no exception. Cyber security analysts and experts, on the other hand, are studying the Ukrainian case carefully, as it is almost unique for at least two reasons.

First point: the growing degree of sophistication of the attacks. The tactics used by the aggressors have changed over time and have become more and more daring, both in the type of targets hit (small electrical substations in 2015 and major distribution nodes in 2016) and in the techniques used (a piece of malware the first time and a combination of more sophisticated methods the second). Studying the Christmas 2016 attack in particular, security analysts found a genuine cyber weapon, capable of causing significant physical damage to the technical infrastructure used for the distribution of electricity.

Second point: the Ukrainian cyber campaign was attributed to a group of hackers linked, in some way, to the Russian government. Specifically, local authorities aside, some independent private security companies claim to have incontrovertible evidence, not based only on the analysis of the source code of the malware, that behind the cyber attacks there is a team of Russian hackers operating according to a precise strategy: the Sandworms group (named after the desert "worms" of the famous fantasy film, based on the novel of the same name, "Dune"). In fact, the techniques used by this group are so refined that it can be stated with reasonable certainty that they were developed by drawing on resources normally available only to government entities. The strategy also seems to be that of the "cat playing with the mouse": the attacks have been of increasing scope and severity, but they have not yet caused irreversible damage such as, fortunately, the loss of human lives or the destruction of power plants. Despite having the potential to bring the whole nation to its knees, those behind Sandworms are careful not to do so and seem to want to send two precise messages: "we can hit whenever we want" and "we can do it using cyber weapons". Moreover, until recently it was believed that such cyber weapons were in the possession of a very small group of nations, in which Russia did not appear, so the message can also be read in terms of "deterrence".

Finally, the escalation of the attacks could also have the additional purpose of verifying where the "red line" lies, that is, how far the cyber campaign can be pushed without risking sanctions or reprisals.

It is worth highlighting that what is happening in the former Soviet republic casts a particularly sinister light on the growing alarm caused by the activity of the DragonFly hacking group, which in recent months has been targeting companies in the western energy sector (see article). For now the hackers are limiting themselves to entering their networks and "probing" them, but everything suggests that their intentions are quite different.

The Ukrainian story, however, has its positive side: if, on the one hand, it represents a sort of "proving ground" in which groups like Sandworms can experiment with their techniques, on the other it is an important opportunity to study the phenomenon and develop the appropriate countermeasures.

Two fundamental questions remain, far from being resolved: the total absence of a precise international legal framework regulating the cyber dimension, and the gigantic security flaws of the technology that supports it. Returning to Virilio's quote, it is true that by inventing the ship the shipwreck was also invented, but a "law of the sea" was also developed, based on a UN international convention. In short, whoever causes a shipwreck, whether through negligence or intentionally, is punishable by law. This does not happen in cyber space, for which there is neither global governance nor any international convention. If we add the fact that this dimension is based on a technology born at the end of the 1960s for military purposes, which subsequently developed in the academic field and finally, starting from the 1990s, expanded globally, mainly for commercial purposes, to involve billions of users of every age, origin, social background and level of education, and just as many smart devices, one can probably understand the enormity of the problem and the inadequacy with which cyber security is being approached. Evidently, the "handover" from the military to academia to companies was not adequately managed. The proof lies, for example, in the serious vulnerabilities that are periodically discovered in the protocols used on the Internet. The latest to "fall" is the protocol used in wireless connections known as WPA2 (WPA and its predecessor WEP were abandoned some time ago because they were considered "insecure"). Fortunately, the security flaw was discovered in the laboratory by a group of researchers and not by unscrupulous hackers, and wireless device manufacturers are already taking remedial action. But will it be possible to update all the millions of devices scattered across the globe, often relying on the good will and competence of the users?

Even the fearsome captchas, the security mechanisms used on websites to establish whether there is actually a human being behind the keyboard rather than a machine, could soon be sent into "early retirement". A recent study, in fact, has shown how artificial intelligence applied to hacking techniques makes it possible to render these security measures ineffective.

The impression is that, although we are quick to repair all the "leaks", the boat is tragically heading towards shipwreck and that, of course, the "sharks" are taking full advantage of the situation. We hope it will not be so. Meanwhile, Christmas is now just around the corner and bets are already being placed on another resounding cyber attack in Ukraine.

  

Sources:

https://www.wired.com/story/russian-hackers-attack-ukraine/amp

https://www.wired.com/story/russian-hacking-teams-infrastructure/amp

https://www.certnazionale.it/news/2017/10/16/krack-attack-violato-il-protocollo-di-sicurezza-wi-fi-wpa2/

http://www.ansa.it/canale_scienza_tecnica/notizie/tecnologie/2017/10/27/il-computer-che-si-finge-umano-e-fa-lhacker_dd551a0f-057d-4498-bfb2-276933051e76.html