Купить СНПЧ А7 Архангельск, оперативня доставка

crosscheckdeposited

State-sponsored cyber-offences

DOI: http://dx.doi.org/10.21544/1809-3191/regn.v22n2p261-290

https://www.egn.mar.mil.br/arquivos/revistaEgn/index.html 

downloadpdf

Marcelo A. O. Malagutti1

 

Abstract: In the post-industrial societies, computers are ubiquitous and pervasive. Besides, they are interconnected. As these characteristics give unprecedented productivity, they also present risks never faced before. Cyber offences pose the threat of powerful nations, both in the military and economic dimensions, being confronted by much weaker states, or even proto-states or terrorist groups. At the same time, cyber superpowers have the ability of remotely and surreptitiously coerce opponents without deploying troops in the field. This paper outlines the threats posed by state-sponsored cyber-offences and analyzes their characteristics, describing their applications in the light of some traditional military concepts, and also their motivations, the nature of their operations, the warriors and the weapons used.

Key words: Cyber. Offences. Power Projection. Area Denial. Software Power.

 

Resumo: Nas sociedades pós-industriais computadores são ubíquitos e pervasivos. Adicionalmente, são interconectados. Enquanto essas características atribuem produtividade sem precedentes, elas também apresentam riscos nunca antes enfrentados. Ofensas cibernéticas introduzem a ameaça de que nações poderosas, tanto na expressão militar quanto naquela econômica, sejam confrontadas por estados muito mais fracos, ou ainda por protoestados ou grupos terroristas. Ao mesmo tempo, superpotências cibernéticas desenvolvem a habilidade de remota e subrepticiamente coagir oponentes sem a necessidade de empregar tropas no teatro de operações tradicional. Este artigo delineia as ameaças postas por ofensas cibernéticas patrocinadas por estados e analisa suas características, descrevendo suas aplicações à luz de alguns conceitos militares tradicionais, bem como suas motivações, a natureza de suas operações, dos guerreiros e das armas usadas.

Palavras-chave: Ciberespaço. Ofensas. Projeção de poder. Negação de área. Software Power.

 

 

1 Master in Arts in War Studies candidate at the Department of War Studies of King’s College London, London, United Kingdom. E-mail: marcelomalagutti@yahoo.com.br.

 

Literatura Citada

ADAMS, J. Virtual Defense. Foreign Affairs, v. 80, n. 3, p. 98, 2001.

ARENG, Liina. Lilliputian states in digital affairs and cyber security. Tallin: CCDCOE, 2014. Tallin Paper, n.4. Disponível em: <https://ccdcoe.org/sites/ default/files/multimedia/pdf/TP_04.pdf>. Acesso em: 16 fev. 2016.

ARQUILLA, John; RONFELDT, D. Cyberwar is coming! Comparative Strategy, v. 12, n. 2, p. 141–165, 1993.

ARQUILLA, John. From blitzkrieg to bitskrieg: the military encounter with computers. Communications of the ACM, v. 54, n. 10, p. 58-65, Oct. 2011.

ASSANTE, M. J.; LEE, R. M. The industrial control system cyber kill chain. [s.l.]: SANS Institute Reading Room, Oct. 2015. Disponível em: <https:// www.sans.org/reading-room/whitepapers/ICS/industrial-control-system- -cyber-kill-chain-36297>. Acesso em: 7 jun. 2016.

AUSTIN, G. Middle powers and cyber-enabled warfare: the imperative of collective security. In: ASIAN SECURITY CONFERENCE - SECURING CYBERSPACE: ASIAN AND INTERNATIONAL PERSPECTIVES, 18., 2016, New Delhi. Anais... New Delhi: IDSA, Feb. 2016a

______. Strategic culture and cyberspace: Cyber militias in peacetime?. The Diplomat Magazine, Tokyo, 12 Feb. 2016b. Disponível em: <http://thediplomat. com/2016/02/strategic-culture-and-cyberspace-cyber-militias-in- -peacetime/>. Acesso em: 16 fev. 2016.

BANACH, W. Investigative report on the U.S. National security issues posed by Chinese telecommunications companies Huawei and ZTE. Washington: U.S. House of Representatives, 8 Oct. 2012. Disponível em: <https://intelligence. house.gov/sites/intelligence.house.gov/files/documents/Huawei- -ZTE%20Investigative%20Report%20(FINAL).pdf>. Acesso em: 12 jun. 2016.

BETZ, D.; STEVENS, T. Cyberspace and the state: towards a strategy for cyber-power. London, U.K: Routledge for the International Institute for Strategic Studies (IISS), 2011.

BRODIE, B. The anatomy of deterrence. World Politics, v. 11, n. 02, p. 173–191, jan. 1959.

BUCHANAN, B. The Cybersecurity dilemma: Hacking, trust and fear between nations. United Kingdom: C Hurst & Co Publishers, 2017.

CAMPBELL, D. Development of Surveillance Technology and Risk of Abuse of Economic Information Part 2/5. Brussels: European Parliament, 1999. Disponível em: <http://www.europarl.europa.eu/RegData/etudes/etudes/join/1999/168184/DG-4-JOIN_ET(1999)168184_EN.pdf>. Acesso em: 26 set. 2016.

CILLUFFO, F.; CARDASH, S.; SALMOIRAGHI, G. A blueprint for cyber deterrence: building stability through strenght. Military and Strategic Affairs, v. 4, n. 3, p. 3–23, 2012.

CLARKE, R. A.; KNAKE, R. K. Cyber war: the next threat to national security and what to do about it. New York: HarperCollins Publishers, 2010.

DAVIS, P. Deterrence, influence, cyber attack and cyberwar. International Law and Politics, v. 47, n. 327, p. 327–355, 2015.

DENNING, D. Rethinking the cyber domain and deterrence. Joint Forces Quarterly, v. 77, n. 2nd Quarter, p. 8–15, 2015.

EQUIPMENT interference code of practice: pursuant to section 71 of the regulation of Investigatory powers act 2000. London: TSO, 28 Jan. 2016. Disponível em: <https://www.gov.uk/government/uploads/system/uploads/ attachment_data/file/496069/53693_CoP_Equipment_Interference_Accessible. pdf>. Acesso em: 6 jun. 2016.

ESTADOS UNIDOS. Department of Homeland Security. A roadmap for cybersecurity research. Washington: US Department of Homeland Security, Nov. 2009. Disponível em: <https://www.dhs.gov/sites/default/files/ publications/CSD-DHS-Cybersecurity-Roadmap.pdf>. Acesso em: 8 dez. 2016.

ESTADOS UNIDOS. Joint Chiefs of Staff. JP 3-12 (R) cyberspace operations. Washington: Joint Chiefs of Staff, 2013. Disponível em: <http://www.dtic. mil/doctrine/new_pubs/jp3_12R.pdf>. Acesso em: 16 fev. 2016.

ESTADOS UNIDOS. White House. Presidential Policy Directive/PPD-20. Oct. 2012. Disponível em: <https://fas.org/irp/offdocs/ppd/ppd-20.pdf>. Acesso em: 14 fev. 2016.

FALLIERE, N.; O MURCHU, L.; CHIEN, E. W32.Stuxnet Dossier. [s.l.]: Symantec, Feb. 2011. Version 1.4. Disponível em: <https://www.symantec. com/content/en/us/enterprise/media/security_response/whitepapers/ w32_stuxnet_dossier.pdf>. Acesso em: 7 dez. 2015.

FREEDMAN, L. Strategy: a history. United States: Oxford University Press, 2015.

GCHQ certifies six more masters’ degrees in Cyber security. GCHQ, 23 May 2016.

GERMAN intelligence services ‘alarmed’ about potential Russian interference in elections. DW.COM, Deutsche Welle, 16 nov. 2016. Disponível em: <http://www.dw.com/en/german-intelligence-services-alarmed- -about-potential-russian-interference-in-elections/a-36413582>. Acesso em: 17 nov. 2016.

GOVCERT.CH. APT case RUAG: technical report. [s.l.]: MELANI, 23 May 2016. Disponível em: <https://www.melani.admin.ch/dam/melani/it/ dokumente/2016/technical%20report%20ruag.pdf.download.pdf/Report_ Ruag-Espionage-Case.pdf>. Acesso em: 6 jun. 2016.

GREENWALD, G. No place to hide: Edward Snowden, the NSA and the surveillance state. United Kingdom: Hamish Hamilton, 2014.

HARE, F. The significance of attribution to cyberspace coercion: a political perspective. INTERNATIONAL CONFERENCE ON CYBER CONFLICT (CYCON), 4., 2012. Anais... Tallin: IEEE, 5 jun. 2012.

HARRIS, S. @War: the rise of the military-internet complex. United States: Eamon Dolan/Houghton Mifflin Harcourt, 2014.
HIMR Data Mining Research Problem Book. [s.l.]: GCHQ, 20 Sept. 2011. Disponível em: <https://fveydocs.org/document/hmr-data-mining/>. Acesso em: 3 mar. 2016.

HUTCHINS, E. M.; CLOPPERT, M. J.; AMIN, R. M. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Bethesda: Lockheed Martin Corporation, 2010. Disponível em: <http://www.lockheedmartin.com/content/dam/lockheed/data/ corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf>. Acesso em: 26 nov. 2015.

KEDMEY, D. Report: NSA authorized to spy on 193 countries. Time, 1 July. 2014.

KHANDELWAL, S. U.S. Supreme court allows the FBI to hack any computer in the world. The Hacker News, 28 Apr. 2016.

KISSINGER, H. World order. United States: Penguin Group (USA), 2014.

KOPP, C. The four strategies of information warfare and their applications. bIO Journal, v. 1, n. 4, p. 28–33, Feb. 2010.

KREVER, M.; SMITH-SPARK, L. Lavrov denies Russian influence over US election. CNN, 12 Oct. 2016.

LANGNER, R. Cracking Stuxnet, a 21st-century cyber weapon. TED Talks, 29 Mar. 2011. Disponível em: <https://www.ted.com/talks/ralph_langner_ cracking_stuxnet_a_21st_century_cyberweapon?language=en>. Acesso em: 12 set. 2015

LIBICKI, M. Cyberdeterrence and Cyberwar. Santa Monica, CA: Rand Corp, 2009.

______. Cyberspace is not a Warfighting Domain. I/S: A Journal of Law and Policy for the Information Society, v. 8, n. 2, p. 321–336, 2012.

______. Pulling Punches in Cyberspace. In: National Research Council (U.S.). Committee on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy. Proceedings of a workshop on deterring cyberattacks, Washington, D.C: National Academies Press, 2010. p. 123–147.

LIFF, A. P. Cyberwar: a new “absolute weapon”? the proliferation of cyberwarfare capabilities and interstate war. Journal of Strategic Studies, v. 35, n. 3, p. 401–428, June. 2012.

LORD, Kristin M.; SHARP, Travis (Ed.). America’s Cyber Future: Security and Prosperity in the Information Age. Washington, D.C: CNAS, June, 2011. v. 1. Disponível em: <http://www.cnas.org/sites/default/files/publications- -pdf/CNAS_Cyber_Volume%20II_2.pdf>. Acesso em: 2 fev. 2016.

LYNN, W. Defending a New Domain: The Pentagon’s Cyberstrategy. Foreign Affairs, v. 89, n. 5, Sept. 2010.

MALAGUTTI, M. Cybersecurity in pratice (part.I): software power. Strife Blog, 2 Nov. 2016a. Disponível em: <http://www.strifeblog. org/2016/11/02/cybersecurity-in-practice-part-i-software-power/>. Acesso em: 2 nov. 2016.

______. O papel da dissuasão no tocante a ofensas cibernéticas. Doutrina Militar Terrestre em Revista, v. 9, p. 18–27, July 2016b.

MEARSHEIMER, J. J. The gathering storm: China’s challenge to US power in Asia. The Chinese Journal of International Politics, v. 3, n. 4, p. 381–396, 1 Dec. 2010.

MORGAN, P. M. Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm. In: National Research Council (U.S.). Committee on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy. Proceedings of a workshop on deterring cyberattacks. Washington, D.C: National Academies Press, 2010. p. 55 – 76.

MURDOCK, J. Cyber-espionage: norway’s intelligence chief accuses china of stealing military secrets. Technology, 1 Mar. 2016.

NYE, Joseph. Cyber war and peace. Project Syndicate, 10 Apr. 2012. Disponível em: <http://www.project-syndicate.org/commentary/cyber-war- -and-peace>. Acesso em: 9 jan. 2016.

OMAND, David. Understanding digital intelligence and the norms that might govern it. Centre for International Governance Innovation and Chatham House, Canada, Mar. 2015. Paper Series, n. 8. Disponível em: <https:// www.cigionline.org/sites/default/files/gcig_paper_no8.pdf>. Acesso em: 10 mar. 2016.

OPERATIONAL case for bulk powers. GOV.UK, mar. 2016. Disponível em: <https://www.gov.uk/government/uploads/system/uploads/attachment_ data/file/504187/Operational_Case_for_Bulk_Powers.pdf>. Acesso em: 3 mar. 2016.

OUR history. GCHQ, [201-?]. Disponível em: <http://www.gchq.gov.uk/ history/Pages/index.aspx>. Acesso em: 10 mar. 2016.

PALETTA, D. U.S. Blames Russia for recent hacks. The Wall Street Journal, 7 Oct. 2016.

PERLROTH, N.; CORKERY, M. North Korea linked to digital attacks on global banks. The New York Times, 27 May 2016.

RID, T. Cyber war will not take place. Journal of Strategic Studies, v. 35, n. 1, p. 5–32, Feb. 2012.

RID, T.; BUCHANAN, B. Attributing Cyber attacks. Journal of Strategic Studies, v. 38, n. 1-2, p. 4–37, 23 Dec. 2014.

RID, T.; MCBURNEY, P. Cyber-Weapons. The RUSI Journal, v. 157, n. 1, p. 6–13, Feb. 2012.

RUMSFELD, D. H. Transforming the military. Foreign Affairs, v. 81, n. 3, p. 20, 2002.

RUSSELL, A. Strategic anti-access/area denial in cyberspace. In: INTERNATIONAL CONFERENCE ON CYBER CONFLICT: ARCHITECTURES IN CYBERSPACE, 7., 2015. Anais... Tallinn: NATO/CCDCOE, 2015. Disponível em: <https://ccdcoe.org/cycon/2015/proceedings/11_russell.pdf>. Acesso em: 8 jun. 2016.

SANGER, D. E. Obama ordered wave of Cyberattacks against Iran. Middle East, 1 June. 2012.

SANGER, D. E.; MAZZETTI, M. U.S. Had Cyberattack Plan if Iran Nuclear Dispute Led to Conflict. Middle East, 17 Feb. 2016.

SCHNEIER, B. Computer network exploitation vs. computer network attack. Schneier on Security, 10 Mar. 2014. Disponível em: <https://www. schneier.com/blog/archives/2014/03/computer_networ.html>. Acesso em: 28 nov. 2015

SHALAL, A. U.S. National guard may join cyber offense against Islamic state: Carter. Reuters, 6 Mar. 2016.

SHARMA, A. Cyber wars: A paradigm shift from means to ends. Strategic Analysis, v. 34, n. 1, p. 62–73, 5 Feb. 2010.

SINGH, S. The code book: the science of secrecy from ancient Egypt to quantum Cryptography. United States: Knopf Doubleday Publishing Group, 2000.

STOLL, C. The cuckoo’s egg: tracking a spy through a maze of computer espionage. London: The Bodley Head, London, 1990.

STONE, J. Cyber war will take place! Journal of Strategic Studies, v. 36, n. 1, p. 101–108, Feb. 2013.

______. Technology and war: a trinitarian analysis. Defense & Security Analysis, v. 23, n. 1, p. 27–40, Mar. 2007.

SWIRE, P. US surveillance law, safe harbor, and reforms since 2013. [s.l: s.n.]. 2015. Disponível em: <https://fpf.org/wp-content/uploads/2015/12/White- -Paper-Swire-US-EU-Surveillance.pdf>. Acesso em: 3 mar. 2016.

WAGSTYL, S. German security head warns of election interference from Russia. Financial Times, 16 Nov. 2016b.

______. Germany points finger at Kremlin for cyber attack on the Bundestag. Financial Times, 13 May 2016a.

YADRON, D. Supreme court grants FBI massive expansion of powers to hack computers. The Guardian, 3 May 2016.

ZETTER, K. Everything We Know About Ukraine’s Power Plant Hack. WIRED, 20 Jan. 2016.

______. How digital detectives deciphered stuxnet, the most menacing malware in history. WIRED, 11 July 2011.

______. Secret code found in juniper’s firewalls shows risk of government backdoors. WIRED, 18 Dec. 2015.