Cyberespionage & Weaponized Social Media

Cyberwarfare: what is it exactly?

Cyberwarfare is war 2.0. Instead of wasting a lot of time and resources into trying to bring down an entire country, you just need to take advantage of everything the internet and information technology brought us to cause some chaos and profit from it. And if you know how to do it well, then you won’t even get any kind of retaliation.

The thing is, because cyberwarfare is such a new concept, sometimes it is hard to figure what exactly it is. Cyberwarfare is not mere hacking and hacktivism, like Anonymous does. It is the internet being weaponized, along with the employment of militarized hackers and crackers following someone’s orders.

Let’s talk a bit about how it all works.

Leave no trace

Cyber attacks such as invading and disrupting systems or stealing information commonly leave behind the invader’s IP address. It is always logged somewhere on the server. Even though ISPs commonly use dynamic IP addresses (that is, they change with time), you can at least find out the person’s country of origin from it.

However, there are many ways to hide someone’s IP, which are already commonly used by hackers and also by common internet users too.

The crude, older way is by using proxies: remote servers which act as a “middle man” between the user and the server that user is looking for. Because of this, the IP that the end server receives is actually the proxy’s IP.

The most modern way however is by using Virtual Private Networks (VPNs). They act similarly to proxies, but commonly feature some added benefits such as higher anonymity and data streams protected by cryptography.

If the objective is to make a server go down, that is even easier: Distributed Denial of Service (DDoS) attacks commonly involve thousands of random devices throughout the world which were infected with malware, and then act without the theirs owner’s knowledge.

Cyberespionage

The most useful part of cyberwarfare is definitely cyberespionage. With the usual espionage, you have great risks of being traced, because you need agents in place to obtain information for you. They can be either one of your agents, or a foreign person that is hired to do that stuff. Obviously, your own agents are more at risk of being exposed, while the foreign ones are more at risk of exposing you.

With cyber attacks, however, tracing is much more difficult. You can land keyloggers, spyware and other kinds of malware into many different computers anywhere you want. You can hack straight into databases while hidden behind layers of proxies and VPNs and get exactly what you want. It can be a bit harder to pull off, but the risks are lower and the reward is greater.

This way, you can steal information from various government agencies, companies and individuals. Not even rigid, high-tech security systems may avoid these kinds of attacks. If you’ve watched “Mr. Robot”, you know what this is about.

Weaponized social media

The most covert type of cyberwarfare, and sometimes the most effective, is taking advantage of social media’s (and the internet’s) anonymity in order to spread propaganda and fake news, and feign mass support for those pieces of information.

This is psychological warfare at its finest, and is able to swing the opinions of anyone, as long as whoever is coordinating it manages to make their information agree with their target audience’s current beliefs. Its effects can range from causing discord among politicians to swinging entire elections.

This works by creating a huge amount of pages and websites with different styles delivering about the same content, while another even greater amount of automated profiles interact with it on a daily basis. The sudden popularity will make those websites and pages more likely to appear to the human users, who may be intrigued by such popularity and look into it.

Although social media content policing is something rather controversial, it seems to be the only measure at this time which can curb these kinds of attacks, as they can quickly become a matter of internal security. Over time better measures may and will have to be created, as it seems that this new kind of warfare is here to stay.