Internet crime, cyberwar and cyberespionage are some of the most popular terms in the tech world.
The boogeyman of the 20th century was so-called Islamic Terrorism. In the 21st century, what keeps people awake the most are Cyberthreats.
Today, online threats are the greatest risk to personal and corporate security, and we must try to understand who has the power to threaten us, to know what we can do to counteract those threats.
Internet is a minefield for Goliaths
Cyber threats create a thorny debate between governments, big technology companies and citizens, the latter always being the victims.
Citizens are the most vulnerable in this battle waged on the Internet, which has become the lawless city of the 21st century.
There, governments violate all privacy laws with the excuse that it is the only way to protect us all, while multinationals do what they want with their algorithms, censoring content right and left.
Meanwhile, criminal groups attack individuals and small and medium-size companies to demand ransoms for returning information from their databases, clients and others.
Not even the most powerful governments in the world are safe. Other governments, which are considered opponents, launch attacks in order to cause disruption in their operations.
That was done by Israel and the United States with Stuxnet, and it is what other States continue to do against each other.
Internet and the promise of the dream Cyberland
Internet every day looks more like big cities, such as New York or Paris.
Once a source of employment and the promise of a bright future for those who came from rural areas, today they are reserved for millionaires and billionaires, the only ones who can pay artificially inflated rents and home prices, food and in general the cost of living of a big city.
The vast majority of people who live in large cities do so in squalors, and the same happens on the Internet.
Any cyber attack or misuse of technology causes a crisis and affects the economy, essential services, health, water, energy or transport, and the most affected are always defenseless users.
As it happens in the real world, the virtual world is a battlefield where, despite having many opportunities, only the strongest survive.
The organisms created by governments to create the notion that there is security on the Internet agree that the incidents grow more serious and more frequent so it is impossible to know what percentage of everything that really happens is included in the official statistics.
Everyone can be a victim of an attack on the Internet
The number of incidents and their severity increases out of control on a daily basis.
One of them is the case of multinational, Telefónica.
The company suffered an attack with ransomware that spread throughout its system.
Wannacry acquired global scale, 200,000 systems from 150 countries were affected.
One of the most serious cases was that of the British health system.
The virus took advantage of a Windows system vulnerability for which a patch had already been released. However, It is useless to have a service if it is not available and you cannot stop threats when security updates fail.
Experts agree that Wannacry was very mediatic but rather sloppy.
The most widespread theory is that a group called Shadow Brokers stole the exploit – a piece of code that allows a vulnerability to be used – from the US National Security Agency. Ironic, isn’t it?
That is where the gravity of the attack lies. A vulnerability found by a State was made public domain.
Vulnerabilities abound on the Internet and Mobiles are also at Risk
The authors created Wannacry by attaching that vulnerability to a ramsonware that hijacked files from infected computers.
Wannacry was blamed for the theft of $81 million from a Bangladeshi bank last year and an attack on Sony Pictures in 2014, in which a large amount of information was stolen.
Attribution is always difficult because it is done by following the behavior patterns of the attacker or by analyzing the software, and this is something that can be imitated.
There is no regulation for the safety of these devices and there have already been cases that have taken advantage of it.
In October 2016, an attack in the US against the Internet provider Dyn interrupted the operation of Twitter, Netflix and Amazon websites, among others.
A botnet was used for that attack, a group of infected devices including printers, cameras, and baby monitors saturated Dyn servers: this is what is known as a denial of service attack.
Identifying attackers is the ongoing Challenge
One of the aspects that complicate the investigation is that once the perpetrator has been found, there is still the task of assigning the criminal’s digital identity a real identity in order to carry out an arrest.
In addition, it is possible to use third-party equipment to hide the trace or falsify the location. This was done by the US and Israel in the case of Stuxnet as well as in the hacking of the DNC servers during the US election.
There are many frauds, but ransomware is the most common.
When it comes to cyber wars between countries, the attacks are of machines attacking machines indiscriminately.
That is why citizens who think they have nothing valuable and pay less attention to the protection of their equipment, are the easiest target.
Who will pay for my files, for my photos? The answer is yourself.
One of the biggest threats facing companies is the theft of intellectual property. And it is precisely cyberespionage that most worries companies and governments because behind it there are usually State actors.
Intelligence sources tell that all countries spy, but that there are more serious cases like those of the United States, China and Russia.
China is dedicated to stealing industrial information. Russia, on the other hand, seeks a political advantage. The US, on the other hand, are experts in cyber military attacks.
In cyberspace, there is no peace. It is a domain where criminal activity by State actors and intelligence agencies is incessant.
Any conflict has its translation in this new terrain, where NATO recognizes as an operative field since 2016. This is what is known as hybrid warfare and governments are at the head of it, but not for the purposes you may think about. The goal is the complete dominance of cyberspace, not fairness or neutrality.
The Internet has been militarized as if it were a battlefield. That is why you never now who does good and who does evil. Likewise, governments, criminal groups within those governments, hackers, and others, wage a battle for their dominance of the most expensive real estate in the world: Cyberspace.
As it happened in the real world, cyberspace is where money, power, and control are concentrated. For that reason, it is there where the battles of the 21st century and beyond will be fought.