Cyber Attacks: Implications for Current and Future Policy

Cyber Attacks: Implications for Current and Future Policy

Cyber attacks: Implications for current and future policy Introduction 2 Fancy Bear Group 2 Targets of the attack 3 International Republican Institute 3 The Hudson Institute 4 Description of the attacks 5 Reaction 8 Political consequences 9 Conclusion 11 References 12 1 Introduction Information networks are now everywhere But how are these attacks carried out? who and no field can escape it, especially not are the actors behind the scenes. What are politics. Increasingly often cyber-related the stakes involved and what enables these scandals are breaking out and the aim of attacks? To answer these questions, this case many of them is the destabilizing a country's study focuses on the group known as Fancy political life. The Estonian government in Bear and its attacks on the International 2007 [1], a French political party in 2017 or Republican Institute and the Hudson the German government in early 2019 [3]. Institute Think Tank in 2018. The case was These and many other countries have chosen because of its context and the suffered a cyber attack against their reactions of the actors involved. First section governments. Even the United States which of this case study discusses the Fancy Bear is considered the most powerful country in cybercriminal group. Next, the two targets the world, is an recurring victim of these of the attack are introduced and some of the type of cyber attacks. For example, the political context will be given before recent Russian interference in 2016 that explaining the actual attack in the third targeted the presidential elections had section. Finally, the reactions of various widespread, global publicity. [4] parties involved are analysed. Fancy Bear Group APT28, Pawn Storm, Sofacy Group, Among the most famous attacks by the STRONTIUM are some other known names group include attacks on NATO and the given to Fancy Bear hacker group. The White House in August 2015, using a variety of names alone speaks of the scale of zero-day exploit of java, spoofing the organization. In fact, This group of website[6]. An attack on the French hackers is linked to Russian military foreign TV5Monde television channel, taking intelligence (GRU) with high probability but control of the 12 television channels as well no irrefutable evidence of this link has been as Facebook and Twitter accounts [7]. As published. well as, the Democratic National Committee The group was founded in the mid-2000s hack in 2016 during the American elections and since then this group has been at the [8]. All these attacks are complex and can origin of numerous cyberattacks. These take several months to organize and execute. cyber attacks have had wide variety of Indeed, Fancy Bear is known to exploit targets and motives including for example zero-day vulnerabilities, spread malware and collecting information on journalists, senior spear phishing. That is why Fancy Bear is officials of the Orthodox Christian Church, classified as an APT, Advanced Persistent political opponents, governments and Threat, which is a type of stealth and companies [5]. continuous hacking, often orchestrated by 2 humans targeting a specific entity. These The intensification of attacks by this group kinds of attacks require a lot of resources, as well as other hacker groups such as Cozy resources that only states can afford, which Bear, also affiliated with the Russian state, supports suspicions of links with the suggests that the Russian authorities are no Russian government as well as the targets longer concerned with hidden advances and being aligned with Russian interests. are showing greater audacity. Targets of the attack As mentioned in the previous section, Fancy bear is an infamous group of cyber criminals. Their attack targets wary in range from small scale email leaks to serious attacks that are discussed in the news world wide [9]. In this report, the focus is on an attack on two organizations that are key facilities for the future of democracy, namely the international Republican institute and the Hudson institute think tanks [10]. This section describes the attack targets in detail. International Republican Institute International Republican institute (IRI) is an As the organization is a nonprofit, the organization that was established in April empowering of democracy starts with 1983. It is an nonprofit organization and volunteer experts from all over the world. despite its name being similar to an Example work includes improving electoral American political party, it is totally processes and querying public opinions as nonpartisan organization that does not really well as increasing women’s rights as well as take sides in politics. It’s true aim is to the overall political and democratic systems. improve democracy and freedom in the These actions are currently being done in 85 world. To achieve that, they work to create a countries around the world. [11] conversation channel between the governments and the people. They The exact reason why the organization was encourage politicians to listen to the citizens targeted by Fancy bear remain a mystery. and they encourage people to interact in the However, knowing that Fancy Bear has political decision making process. The russian connections and their repeated greater goal of doing this is to make attempts to try and shake the state of democracy flourish in countries where there democracies around the world, It would is no democracy, and share best practices seem that this was just another attempt to do between democracies that do flourish to just that, to shake the trust in the future of ensure efficient rule of the country and the democracy by gaining access to something longevity of current democracies. [11] confidential and scandalous and leaking it. 3 The Hudson Institute The Hudson institute was established in and culture. In addition, the ever improving 1961 by Herman Kahn. It is an organization technologies for example in health care, will that attempts to guide decisions makers in challenge the current way of thinking. The their preparation for the future. They try to aim of Hudson institute is to create encourage people to think outside of the strategies that result in controlled transitions box, outside of the conventional way of into these new ideas and technologies for thinking. New ways of thinking are vitally example in terms of law making. [12] important when managing step by step transitions to the future as the needs and Hudson institute is an American institute thoughts will not be what they are now in that operates both in America and globally. the future and there needs to be a controlled They organize publications, conferences, steps from here to the future. [2] policy briefings and various other recommendations to affect how government These steps are required in various fields. and other officials make decisions. [12] For example, Defense will continue to be an important political issue in the future as new The exact reason for the attack remains a ways to wage war are undoubtedly being mystery aside from gaining access to the developed. For example, first and second company’s credentials. Since Fancy Bear world wars involved physical machines, has Russian ties and they have attempted to while the next one might involve virtual affect governing of foreign countries in the warfare in the cyberspace. With the past, it might be reason enough that it was increased use of cyberspace it is important an important company for American to understand its effect on people and how to democracy. As American democracy is control the change for example when it being pushed to the limits under Donald comes to international relations, economics Trump’s presidency. Description of the attacks We now know the attackers, Fancy Bear, in order to gain access to confidential and the targets, the International Republican information. Institute and the Hudson Institute. Even if the reasons for this attack are unclear, the To steal credentials this, Fancy Bear used goal was to steal usernames and passwords social engineering. Social engineering 4 practices exploit the psychological, social victim will then enter his personal codes and broader organizational weaknesses of which will be retrieved by the person who individuals or organizations to obtain created the fake site, he will then have something fraudulently. For this attack, access to the victim's personal data and will fancy bear uses a method that the group is be able to steal and modify everything the familiar with, namely spear phishing. victim has on the said website. The attack Indeed, Fancy Bear has already carried out can also be carried out by e-mail or other this type of attack on at least 4 other targets electronic means. since 2014. Spear phishing [13] is a variant of phishing, Phishing consists of making the victim the distinction is made on the target. In believe that he is speaking to a trusted third phishing, victims are more or less random, party (bank, administration, etc.) to obtain everyone can be affected, while spear personal information: password, credit card phishing targets particular persons or number, number or photocopy of the company’s employees. To this end, the national identity card or date of birth. It is attack is more elaborate, cybercriminals will the most popular attack of the 21st century collect information on the victims to make and is not always easy to detect. Indeed, the attack as effective and efficient as most often, an exact copy of a website is possible. Spear phishing is a widely used made in order to make the victim believe tool in APT attacks targeting large that he is on the official website where he companies, banks, NGOs or governments. thought he or she was connecting to. The 5 Figure 1 : schema of “spear phishing” attack The spear phishing attacks are carried out attack, it seems that the group had enough according to the diagram in Figure 1, which information to know that the institutes are will be explained in parallel with how the using Microsoft Office 365.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    12 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us