27 Countries Sign Cybersecurity Pledge

While the last United Nations General Assembly will be mostly remembered for the disgraceful display orchestrated by the handlers of manipulated 16-year-old Greta Thunberg, lost in the hoopla that can only be described as “GretaManiawas a historic cybersecurity joint agreement signed by 27 countries including the United States, the United Kingdom, Australia, Japan, and Canada just prior to the UN General Assembly's General Debate.

The agreement in large part sought to address the increasing instances of state sponsored hacking against critical infrastructure targets internationally. Just this summer, the New York Times reported that the United States government was ramping up its efforts at exploiting vulnerabilities in the Russian power grid in response to Russia allegedly inserting malware into the systems controlling American power plants, oil and gas pipelines, and water supplies. 

A large portion of the agreement carries the theme that countries should follow international law regarding what may constitute acceptable state-sponsored hacking efforts. While the United States and many of its allies generally agree that it is reasonable for intelligence agencies to hack targets with the intent to spy on and attack military targets, this pledge reiterates the belief that attacking civilian infrastructure targets is considered strictly off limits.

This latest international cyberinitiative and statement is similar to previous instances of multiple countries banding together to denounce the perpetrator of perhaps the longest and widest ranging cyber offensive in the world -- China.

Just last year, the U.S. was able to convince many of its top allies around the world, including their partners in the so-called “Five Eyes” of western intelligence sharing -- the United Kingdom, Australia, Canada, and New Zealand -- to join it in condemning Chinese global computer intrusion campaigns that targeted intellectual property and confidential business information.

The condemnation came in light criminal charges filed by the Department of Justice against two members of the Chinese hacking group Advanced Persistent Threat 10 or APT 10. The members of this group were reportedly associated with the Chinese Ministry of State and acted in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau, according to a December 2018 press release from the DoJ.

The charges represented an important “line in the sand” moment for the U.S., as a 2018 report from the United States Trade Representative on China's intellectual property theft found that "Chinese theft of American Intellectual Property currently costs the U.S. between $225 billion and $600 billion annually."

China has repeatedly run afoul of cybersecurity resolutions and joint agreements. One obvious example occurred during the Obama administration, when a 2015 visit from Chinese President Xi Jinping produced the first joint agreement to stop economic espionage. While aggressive cyberactivity from China briefly cooled for a period, it can be argued that it was due to China’s military and intelligence agencies undergoing a massive restructuring at the time that for a brief period, severely limited their ability to conduct cyberoffensives.

The attacks would continue however, with perhaps the most insidious example the 2018 hack of a contractor working with the Navy's Naval Undersea Warfare Center. This attack netted the perpetrators 614 gigabytes of data on programs ranging from cryptographic systems, sensors, signal data, and the Navy submarine unit’s electronic warfare library

Like many other multinational accords, this agreement is likely to be largely ignored by countries like Iran and North Korea, who have long conducted extensive cyber campaigns in defiance of the internationally accepted rules of engagement. 

One of the better known and wide-ranging cyberattacks ever, the WannaCry outbreak of 2017, which was purported to have been carried out by hackers including North Korea’s Park Jin Hyok of the Lazarus Group, an infamous hacking cooperative, affected users worldwide, The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. 

Additionally, as tensions were growing between Iran and the United States over the past several months, three different cybersecurity firms reported having watched Iran's hackers try to gain access to several U.S. organizations during this past spring. 

Analysts from Crowdstrike and Dragos told the website WIRED that they observed targeted phishing emails sent to a variety of U.S. targets carried out by hacker groups like APT33 and Magnallium, who are widely believed to be working in the service of both the Chinese and Iranian governments. These attacks were similar to the July 2019 hacking operations against U.S. utility companies using Lookback malware, via phishing emails designed to look as if they came from the U.S. National Council of Examiners for Engineering and Surveying. Another security firm, FireEye, also confirmed the presence of a phishing campaign targeting both government entities and private businesses in the U.S. and Europe.

With increased international connectivity on the horizon in the form of 5G networks and expanded hardwired networks, the possibilities for catastrophic attacks is sure to only increase. It is imperative now, more than ever, that a cooperative of international partners work together to clearly establish and enforce the “Red Lines” of what is considered responsible behavior in the geopolitical cybersphere. 

Julio Rivera is the Editorial Director for ReactionaryTimes.com, a political columnist and commentator, and an international Business Consultant based in Plovdiv, Bulgaria.

While the last United Nations General Assembly will be mostly remembered for the disgraceful display orchestrated by the handlers of manipulated 16-year-old Greta Thunberg, lost in the hoopla that can only be described as “GretaManiawas a historic cybersecurity joint agreement signed by 27 countries including the United States, the United Kingdom, Australia, Japan, and Canada just prior to the UN General Assembly's General Debate.

The agreement in large part sought to address the increasing instances of state sponsored hacking against critical infrastructure targets internationally. Just this summer, the New York Times reported that the United States government was ramping up its efforts at exploiting vulnerabilities in the Russian power grid in response to Russia allegedly inserting malware into the systems controlling American power plants, oil and gas pipelines, and water supplies. 

A large portion of the agreement carries the theme that countries should follow international law regarding what may constitute acceptable state-sponsored hacking efforts. While the United States and many of its allies generally agree that it is reasonable for intelligence agencies to hack targets with the intent to spy on and attack military targets, this pledge reiterates the belief that attacking civilian infrastructure targets is considered strictly off limits.

This latest international cyberinitiative and statement is similar to previous instances of multiple countries banding together to denounce the perpetrator of perhaps the longest and widest ranging cyber offensive in the world -- China.

Just last year, the U.S. was able to convince many of its top allies around the world, including their partners in the so-called “Five Eyes” of western intelligence sharing -- the United Kingdom, Australia, Canada, and New Zealand -- to join it in condemning Chinese global computer intrusion campaigns that targeted intellectual property and confidential business information.

The condemnation came in light criminal charges filed by the Department of Justice against two members of the Chinese hacking group Advanced Persistent Threat 10 or APT 10. The members of this group were reportedly associated with the Chinese Ministry of State and acted in association with the Chinese Ministry of State Security’s Tianjin State Security Bureau, according to a December 2018 press release from the DoJ.

The charges represented an important “line in the sand” moment for the U.S., as a 2018 report from the United States Trade Representative on China's intellectual property theft found that "Chinese theft of American Intellectual Property currently costs the U.S. between $225 billion and $600 billion annually."

China has repeatedly run afoul of cybersecurity resolutions and joint agreements. One obvious example occurred during the Obama administration, when a 2015 visit from Chinese President Xi Jinping produced the first joint agreement to stop economic espionage. While aggressive cyberactivity from China briefly cooled for a period, it can be argued that it was due to China’s military and intelligence agencies undergoing a massive restructuring at the time that for a brief period, severely limited their ability to conduct cyberoffensives.

The attacks would continue however, with perhaps the most insidious example the 2018 hack of a contractor working with the Navy's Naval Undersea Warfare Center. This attack netted the perpetrators 614 gigabytes of data on programs ranging from cryptographic systems, sensors, signal data, and the Navy submarine unit’s electronic warfare library

Like many other multinational accords, this agreement is likely to be largely ignored by countries like Iran and North Korea, who have long conducted extensive cyber campaigns in defiance of the internationally accepted rules of engagement. 

One of the better known and wide-ranging cyberattacks ever, the WannaCry outbreak of 2017, which was purported to have been carried out by hackers including North Korea’s Park Jin Hyok of the Lazarus Group, an infamous hacking cooperative, affected users worldwide, The brunt of the attack was taken by PC users in Russia and the National Healthcare System in Great Britain. 

Additionally, as tensions were growing between Iran and the United States over the past several months, three different cybersecurity firms reported having watched Iran's hackers try to gain access to several U.S. organizations during this past spring. 

Analysts from Crowdstrike and Dragos told the website WIRED that they observed targeted phishing emails sent to a variety of U.S. targets carried out by hacker groups like APT33 and Magnallium, who are widely believed to be working in the service of both the Chinese and Iranian governments. These attacks were similar to the July 2019 hacking operations against U.S. utility companies using Lookback malware, via phishing emails designed to look as if they came from the U.S. National Council of Examiners for Engineering and Surveying. Another security firm, FireEye, also confirmed the presence of a phishing campaign targeting both government entities and private businesses in the U.S. and Europe.

With increased international connectivity on the horizon in the form of 5G networks and expanded hardwired networks, the possibilities for catastrophic attacks is sure to only increase. It is imperative now, more than ever, that a cooperative of international partners work together to clearly establish and enforce the “Red Lines” of what is considered responsible behavior in the geopolitical cybersphere. 

Julio Rivera is the Editorial Director for ReactionaryTimes.com, a political columnist and commentator, and an international Business Consultant based in Plovdiv, Bulgaria.