8 Countries Accused Of Cyberwar Activities4:00 PM EST Fri. Nov. 09, 2012
Perhaps the most attractive aspect of cyberoperations is the ability to avoid, or at least defer, conventional battles involving explosions and blood. No doubt cyberattacks are much "cleaner" and, in most cases, far more difficult to prove. This list looks at some of the nations that may have used this capability against other countries. Each of these nations has been accused. And each of these nations has issued denials.
For a closer look at how safe we really are, see a preview of CRN's special report on cyberwar, available Monday exclusively on the CRN Tech News app.
With many command-and-control servers located within its borders, combined with repeated claims of intellectual property theft and a host of other security-related concerns, China is one of the countries most frequently associated with cyberthreats. China is widely believed to have already launched a series of attacks against the U.S., most recently penetrating a non-classified network at the White House, according to government authorities. It's also believed that China has conducted operations against Google and against Japan as part of the border issue over disputed islands.
An Iranian role in recent cyberattacks is almost universally accepted by the security community. After having undergone incoming attacks related to efforts to stop its purported nuclear program, Iranian retaliation is almost viewed as a given. It is typically believed that sources within Iran have been behind the recent string of attacks against U.S.-based banks, as well as the massive cyberattack against Aramco, a Saudi Arabian oil company the Tehran government believes is capitalizing on economic sanctions against Iran.
In early October, Tehran accused Israel of launching a cyberattack against its offshore drilling technologies. But the presumed role does not end there. Israel is also on the short list of countries believed to be responsible for an ongoing string of attacks against the Iranian nuclear program, which many countries believe to include weapons development. With intense political pressure against traditional military strikes, cyberattacks may have become a weapon-of-choice.
In early October, the Dutch Minister of Safety and Justice asked the nation's Parliament to pass a law enabling police to install malware on private computers, conduct remote searches on local and foreign computers, and even delete "illegal files." The political nicety of securing permission from foreign governments is recommended, but by no means mandatory. If such a measure became law, the Dutch police would be empowered to use many of the tools of cyberwar against foreign nationals as well as its own citizens.
Over the past two years, North Korea has been blamed for a series of cyberattacks, allegedly targeting the South Korean government, South Korean banks, and also the Inchon International Airport. It is widely believed that the unique politics of North Korea make the Pyongyang government favorably disposed to using cyberattacks as a substitute for conventional military actions.
Accused by India of waging a cyber-jihad, Pakistan is believed to be behind a series of Web-based rumors that triggered the mass exodus of thousands of ethnic minorities from the southern Indian city of Bangalore, fearing ethnic and religious-based attacks.
Last year, Russia was accused by U.S. intelligence officials of using computers to steal technology data from U.S. companies. But Russia's alleged connection to cyberattacks goes back much further. The country is also accused of being the source of an extensive DDoS attack that took down much of the Estonian communications capability in 2007. It's believed the attack was in retaliation for the removal of a Soviet military monument in Estonia's capital city.
Believed by many in the security community to be the ultimate creator of Stuxnet, and potentially other high-end cyberweapons, the U.S. is the other country on the short list for attacks on the Iranian nuclear centrifuges over the past few years. Reports suggest that the initiatives began under George W. Bush and then continued under Barack Obama as a means of avoiding conventional military conflict over the Iranian nuclear program. The U.S. is also believed to have launched a much earlier cyberattack against a Soviet pipeline operation.