Speaking at International Cyber Expo, Philip Ingram shared that the concept of “cyber war” is nothing new. He cites World War One as one of the earliest notable examples—in which the United Kingdom cut Germany’s transatlantic cables. This action forced the German High Command to switch its communication line to a different cable, which the United Kingdom was listening in to, taking advantage of this rerouting in order to intercept the Zimmerman Telegram, and ultimately decoding Germany’s messages. This is a prime example of the now all too common Distributed Denial of Service attack, otherwise known as DDoS.
Although DDoS has its benefits, it can be just as well used for more nefarious activities. Even so, the motives behind a malicious DDoS attack are not always clear from an outsider’s perspective. Ingram notes:
“What we don’t look at very often is the WHY the countries are doing it. Who are they targeting, and therefore understanding that WHY will give us an opportunity to understand whether we could be a target for some of these organisations… Whether directly to have an effect on us, or whether indirectly to try and get a stepping stone to somewhere else.”
But based on previous experiences, inferences can be drawn in order to postulate ideas on the reasoning behind more recent attacks, as well as the motives behind strategic movements such as misinformation and the causation of political unrest. Take Russia, for instance. As Ingram discusses in his interview, while Russia is interested in economic information, it most prioritises details pertaining to the political and military fields. Other countries adopt different stances—with China maintaining, as Ingram phrases it, “a wary eye on the effectiveness of a combat effect is going to have an economic impact on China itself”. Rather, China cautiously takes note of other countries’ movements, meaning that it doesn’t need to invest huge sums of money in developing their own technologies or products—as it is more efficient for them to steal designs or plans from other countries, one of which is named by Ingram as the United Kingdom.
“So… when it comes to [China] getting so many markets, [it means] something is going to be a lot cheaper and a lot faster, without all the checks and balances, and everything else that we do. And that is happening with technology, it’s happening with drugs, [and] it’s happening with your other engineering [and] manufacturing.”
Shifting his focus to North Korea, Ingram asks how a country that strives to prevent its people from using the internet or having access to any sort of modern technology is capable of “[producing] so many highly qualified computer engineers that can set up massive cyber threats for the rest of the world.” Yet despite the fact that North Korea is considered to be one of the United Kingdom’s most dangerous cyber-adversaries due to its force of skilled engineers, it only has two internet pipelines—one supplied by China, and the other from Russia. This means that, should either China or Russia decide to execute a DDoS attack, they have plausible deniability, often blaming it on North Korea —opening up the floor for international cyber-attacks.
In light of the war—and thus, the resulting tensions—between Russia and Ukraine, Ukraine has been repeatedly subjected to Russian-initiated disinformation campaigns since 2003. Furthermore, even with a significant time window spanning several years, Ukraine hasn’t been able to create cyber defences strong enough to fend off the countless attacks Russia sends its way. But these cyber-attacks aren’t restricted to just the realm of computers and servers in a lab. Rather, they bear influence on the battlefield, corralling Ukraine into a disadvantage in its conflict against Russia—with methods including interception of data, as was initially done with the Zimmerman Telegram, as well as signal jamming and, again, a denial of service, intended to inhibit, if not outright block, communication between Ukrainian forces.
However, for the time being at least, this is the extent to which it is possible to harness technology as a mode of attack against other countries across the world—for Ingram doesn’t believe that we are yet at the stage at which countries can declare a full-fledged cyberwar against one another. In fact, Ingram argues that “there is no such thing as cyber war [because] we are not going to find a complete conflict in the cyber domain.” Rather, these cyber-attacks are just another method of attack, similar to launching ammunition or mobilising a country’s standing forces. Even so, according to Jens Stoltenberg—who is currently serving as the Secretary General of NATO—it is possible to deem cyber-attacks as an Article Five issue given certain circumstances, which means that, should a country attack another country within the NATO sphere, this attack will be interpreted as an attack on all other countries under NATO, and these countries will react accordingly. United, the countries under NATO bear an immense force that Vladimir Putin doesn’t wish to have directed towards Russia.
To provide further context on the threats that may lie within the digital world, one can turn to the mobile game Pokémon Go. Though it is really just a harmless game intended to pass the time—in which players must catch monster characters and advance through the game by manoeuvring throughout their real world surroundings—it does use location services, meaning that the information about where users currently are, as well as what areas they frequent, is being processed and uploaded online in real-time, which may put them at risk should the data be threatened, especially since many of these accounts are connected to personal data or are possessed by minors. Ingram finds this to be a concern because, when one examines the game’s terms and conditions, they find that, Pokemon Go “[allows] the app to access absolutely everything in your device, your emails, your SMS messages, your WhatsApp messages, your photographs, every bit of data and every other app that was in there.”
The creator of Pokémon Go, John Hanke, has a breadth of projects under his belt, one example being the company dubbed Keyhole. This particular name choice takes on an interesting connotation when one takes into account that, as Ingram says, “[Keyhole] is the code word for the top-secret spy satellites that the Americans put up into space in 1950s… [and Keyhole is] the front company of the CIA and US intelligence… So [because] we’ve got Keyhole, [and] we’ve got CIA funding, this makes for a concerning trend.” In other words, because of how intricately the CIA, US intelligence, and user’s personal data and geographical activities are intertwined as a result of this game, Pokémon Go users should be especially mindful of how they use the app. That isn’t to say, however, that Pokémon Go is a dangerous app, nor is it to say that anyone on the development team is at fault for endangering users. Rather, users should go about the game with caution, should they choose to play it.
Lastly, in his closing remarks, Ingram says:
“There’ll be a lot that we don’t know about, and one of the future [goals]… is to start talking about what will happen in the metaverse… and everything [that’s] coming in there. And that gives a completely new environment to start exploiting people to connect the virtual world into the physical world. And these intelligence agencies in particular in China are looking at it now. Are we from a defence perspective?”