Every Political Action Causes a Cyber Reaction


Just as Newton’s Third Law of motion states “for every action, there is an equal and opposite reaction” a similar notion can be applied to the recent news of financial organizations being hacked.

Just this week, it has been widely reported that Russian hackers were the source of attacks on JP Morgan and four other financial organizations. One can surmise that this was politically motivated by U.S. sanctions against the Russian government.  If you take a step back and look at the bigger picture, for every real world government action, there will be a cyber-reaction. This is the latest example of this trend and isn’t just a problem for Washington. We’ve seen this around the world.

More than ever, our world seems wrought in strife and civil discontent:

Nation-State Oriented:

  • Israel / Gaza
  • Ukraine/Russia
  • Syria (internal)
  • Iraq (internal)
  • Afghanistan (internal)
  • Egypt (internal)
  • Libya (internal)
  • Somalia (internal)
  • India / Pakistan
  • Sudan (internal)
  • China / Japan (South China Sea)

Event-Oriented:

  • World Cup
  • Ukraine Presidential Elections
  • Ferguson, Missouri / Michael Brown Shooting Conflict

What these events all have in common is that each conflict has included cyber-attack weapons and attacks. In other words, as mankind physically struggles with each other, there has been new outgrowth with corollary cyber techniques. Here are three examples:

World Cup

  • Real World Action: The Brazilian government spends billions on creating new stadiums and enhancing infrastructure in preparation of the estimated 500,000 soccer fans who travelled to Brazil this past June for the World Cup.
  • Tension Creating Issue: As thousands of native Brazilians lived in poverty, tensions began to rise about the government spending on this sporting event while turning a blind eye to the need for schools, hospitals and addressing social economic issues.
  • Cyber Reaction: The hacktivist group, Anonymous creates #OpWorldCup and #OpHackingCup to target not only the Brazilian government, but companies that sponsored the event.  Major consumer brands such as Adidas, Budweiser, Coca-Cola and Emirates Airline were also targeted due to their involvement with this major sporting event.

Ukraine Elections

  • Real World Action: Ukraine holds its Presidential Elections to elect a new president just three months after the previous president, Viktor Yanukovych was ousted in a coup.   
  • Tension Creating Issue: President Yanukovych caused anger with many Ukrainians by refusing to take needed steps to bring the country closer to the European Union. This evolved into protests that escalated into the demand for a better government.
  • Cyber Reaction: This past May, a group of pro-Russian hackers called “CyberBerkut” infiltrated the computers of Ukraine’s Central Election Commission deleting key files and installed malicious software.  Had this nefarious software remain undetected, it would have shown an incorrect winner of the presidential election, essentially putting a person in power who in actuality, received 1% of national votes.

Ferguson, Missouri

  • Real World Action: In the St. Louis suburb of Ferguson, MO, a police officer shot and killed an unarmed teenager during an altercation.
  • Tension Creating Issue: With circumstances of the shooting highly disputed between two sides, massive protests and civil unrest prompting Missouri’s governor to mobilize State Police and the National Guard in Ferguson. This shooting has prompted citizens in major cities throughout the U.S. to start peaceful marches in their own city streets.  
  • Cyber Reaction: Hacktivist group Anonymous crashed the city’s web servers which forced city officials to communicate by text and even urged citizens of Ferguson, Mo., to confront the police in the streets.

So, what’s the lesson to be learned here?

  1. Recognize that when strife hits – – so will a cyber-attack.
  2. Cyber-attacks will increase your costs and complications of some of the world’s oldest conflicts
  3. Due to association with a cause, an organization is much more likely to be drawn into a conflict, then not
  4. Immediate and direct actions are needed BEFORE an attack in order to successful navigate the risks

The events above are neither a definitive list nor are they ranked in any particular way.  This post is merely a very short compilation of some of the most covered, politically-motivated cyber-attacks that I’ve seen this year. While companies and institutions cannot predict how these political actions will impact their organizations, this shows the importance of having staff trained on the latest cyber-security risks, as well as participation in information-sharing organizations that can turn threats into actionable intel. In light of this recent attack on the financial community, it is recommend that all financial services companies exercise extreme care with their security postures over the near term. I welcome you all to leave your thoughts in the comments below about other events I may not have included.

Carl Herberger

Carl is an IT security expert and responsible for Radware’s global security practice. With over a decade of experience, he began his career working at the Pentagon evaluating computer security events affecting daily Air Force operations. Carl also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense. Carl writes about network security strategy, trends, and implementation.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center