• Home
  • /
  • Security
  • /
  • Concerns raised over geopolitical cyber warfare

Concerns raised over geopolitical cyber warfare

Joanne Carew
By Joanne Carew, ITWeb Cape-based contributor.
Johannesburg, 29 May 2024
Victoria Baines,  professor of information technology at Gresham College London.
Victoria Baines, professor of information technology at Gresham College London.

The individual decisions we make when it comes to cybersecurity – both personally and professionally – can have far reaching geopolitical implications. This is according to Victoria Baines, professor of IT at Gresham College, London, who was speaking at the ITWeb Security Summit in Cape Town, on Tuesday.

With this sentiment in mind, Baines asked the audience if they felt that popular platforms like WhatsApp and TikTok could be considered national security threats or instruments for cyber warfare.

“I would argue that the answer to this question very much depends on your perspective,” she said.

“I would also argue that what we in our industry have traditionally conceived of as cyber threats is becoming a lot broader.”

During her address, Baines unpacked various examples of how different nation states – from China and Iran to Russia and North Korea – are actively involved in and sponsoring cyber activity, from misinformation campaigns, election interference and attacks on critical infrastructure to the stealing of state secrets.

For example, she said, a sizable proportion of the North Korean GDP is funded by cyber activity and this money is used to pay for the country’s nuclear weapons programme, adding that anyone who decides to pay a ransomware attack ransom must consider that they could be funding a rogue state’s development of nuclear arms.

For many years, nation state affiliated groups have been targeting power grids and other critical infrastructure, she said. But more recently there has been an increase what she terms “blended” or “hybrid attacks”. Ahead of the Ukraine invasion, it’s believed that state-sponsored actors were involved in attempts to take out the country’s telecoms infrastructure.

Another example of this is the rise in supply chain attacks. With many organisations outsourcing some element of their IT, such as cloud storage, it’s perhaps unsurprising that cyber actors are targeting supply chain vulnerabilities.

Hackers are increasingly capitalising on emerging technology innovations like artificial intelligence (AI) to make their efforts more sophisticated and believable. Baines showed the audience a deep fake video of Ukrainian president Volodymyr Zelenskyy telling his citizens to surrender and announcing that he is standing down as president. She added that the plausibility and quality of such deep fake technology is constantly improving making it much harder to spot. The creators of such tools will put safeguards in place but these aren’t always as effective as they should be.

“While one of the restrictions that has been put in place with ChatGPT is that you can’t use the platform to write malware, this doesn’t stop people from repurposing large language models so that you can, in fact, write malware,” she said.

WormGPT is an example of a generative AI tool that cybercriminals regularly use to write more effective phishing emails. In the past, phishing emails often included poor grammar and spelling, but now these emails are being written by smart and sophisticated large language models, making such errors a lot less common.

All of this means that digital warfare is happening online every single day, suggested Baines.

She cited the IT Army of Ukraine, a cyberwarfare channel with around 250 000 volunteers from across the globe, who are conducting cyberattacks against Russian targets.

“For me, this represents the new face of hacktivism; with a quarter of a million people actively attacking specific state targets because they believe that what they are doing is championing a just cause.”

To find some common ground, all governments that belong to the United Nations are working together to develop a Cybercrime Treaty that seeks a balance between security and human rights. But the governments are unable to reach agreement about how to police cyberspace. Some want the treaty to focus on responsible government behaviour, others want it to be about law enforcement and bringing people to justice, while others think the treaty should detail what governments can do to manipulate and control the flow of information.

If anything, all of this showcases that technology can no longer be considered ‘neutral’, said Baines, we need to think about technology as a weapon and one that is only going to get increasingly powerful.