Creeping cyberattacks are the ones to fear

The three most important initials in the world of information are C, I and A. Not for the Central Intelligence Agency, whose abilities in collecting and managing information are both legendary and overrated, but for confidentiality, integrity and availability.

We spend a lot of time worrying, quite rightly, about the first of these. Our medical data, financial records and log-in credentials are all vulnerable to theft and exploitation, chiefly by criminals. We need to be thriftier in providing immutable personal data (you will never get another mother’s maiden name, fingerprint or date of birth). And we should hold custodians of our details to much higher standards, especially in encrypting databases properly, and notifying us promptly when things go wrong.

Events are also making us a lot more conscious of the importance of the third element: availability. Access to information was the target of the WannaCry ransomware attack last month.

The attackers did not steal or tamper with their victims’ data. They just temporarily scrambled it, in the hope of extorting a ransom.

It was the same story at British Airways. As the carrier’s long-suffering customers discovered last month, the prompt availability of electronic data is crucial to the proper functioning of complex systems, such as an international airline. Only a few years ago, it was possible to replace a malfunctioning database with pen and paper, and its calculations with slide rules or log tables. Not any more.

BA’s mishap was the result of incompetence, not an attack. And it did not involve any breach of confidentiality. But the simple unavailability of its data was enough to cause chaos — and land the company’s shareholders with a dented brand and a whopping bill.

But the biggest worry should be the middle element: integrity. This week customers of the Bank of the Philippine Islands, one of that country’s biggest banks, have experienced the vulnerability of our financial systems. An unexplained “glitch” in the bank’s computer systems drained some accounts and sprayed money into others. One lucky customer found she had more than a billion pesos (more than £15 million) in her account — wisely, she hasn’t spent it.

BPI has repeatedly insisted this week that nothing sinister is afoot and that its systems will be up and running shortly. Meanwhile, it has suspended internet banking and closed its ATMs.

What worries our cybersecurity experts now is less a sudden attack on a bank than a creeping one. If an attacker gets into a network and starts with tiny, subtle changes that slowly corrupt all the data on the system, then returning to normal becomes a lot harder. BPI can simply wind the clock back to the account balances at the start of this week. Customers will be inconvenienced, but life will go on. What would happen if every transaction for the past three weeks — or months, or years — is suspect?

Distorting data is also a powerful tool in politics. According to the Washington Post, a fake document planted by Russian intelligence prompted James Comey, the then FBI director, to make a public statement about Hillary Clinton’s mishandled emails. His intervention fatally stalled the Democratic candidate’s campaign just as Donald Trump was looking wobbly. The document purportedly showed that the then attorney general, Loretta Lynch, had promised to obstruct, if necessary, an investigation into Mrs Clinton’s email server.

The oddest thing about this is that Mr Comey knew that the information was fake. But he acted on it anyway, apparently fearing that the document would leak and be believed by the public — leaving him exposed to criticism of collusion with the administration.

Previous worries about Russian attacks on our political systems focused on confidentiality: stealing emails or bugging conversations, and then leaking this private information to create a sense of scandal. However, this kind of attack works on a new level. Our decision-makers react to fake news for fear that it may be believed.

Russia seems to have been up to similar tricks in the Gulf, hacking into the Qatari news agency, not in order to steal information, but to plant it. A news report on May 23 purportedly showed the country’s ruler, Sheikh Tamim bin Hamad al-Thani, making pro-Israel and pro-Iranian remarks. Though swiftly retracted, it was nonetheless widely repeated by Saudi news outlets, sparking the storm which has now led to a dangerous diplomatic stand-off. Russia denies any involvement in this (and in every other attack for which it has been blamed). But the Kremlin’s motive in stirring up trouble in the Gulf is clear. It sets American allies at odds, exposing the leadership vacuum created by Mr Trump’s incoherence. It could raise oil prices too.

In the pre-electronic era, this sort of operation would have been much harder, probably involving the infiltration of a human agent into the news agency. Now it can be done from a computer keyboard anywhere in the world.

The short-term effect of these attacks on the integrity of information is to distort our decision-making — making us think we are poor when we are rich, and vice versa. The long-term effect is to corrode confidence in our own and other people’s judgment.

We can survive leaks of confidential information, and blockages of availability. But when the reality field in which we live is distorted, we are helpless. The “i” in the CIA is vital.

Edward Lucas is a senior editor at The Economist, where he was the Moscow bureau chief from 1998 to 2002. He is also senior vice president at the Center for European Policy Analysis, a Washington, DC, think tank. The opinions expressed are his own.
