For many nation states, cyber warfare has become an attractive option because it can be conducted without making great efforts or consuming a lot of resources. And while most people think these attacks are conducted directly by a government, government-sponsored hacking teams also work alongside outside, independent hackers. And whether it’s a lone wolf or a hacking group with sympathies (or a political ideology) in-line with a particular government, these third-party cyber soldiers can make a big impact, just like political action committees (PACs) on the campaign trail.
“That is an apt analogy,” says Fred H. Cate, director of the Center for Applied Cybersecurity Research at Indiana University. “It sums up what we are now facing, and it also suggests that cyber efforts could be much more decentralized while raising the question as to how we can control it.”
In military terms, Cate says these practices could be seen as both a “force extender” and a “force multiplier.” Cyber warfare, the force extender, essentially provides small nations with the ability to compete against larger nations in a way that would be impossible with conventional weapons. And enlisting hacking groups that are simply sympathetic to a cause serves as a force multiplier.
“They may come from the huge cadre of citizen hackers that aren’t associated with the government, but have ties or relations that seem in line with the nation state,” says Lillian Ablon, researcher at the RAND Corporation.
China, for example, may employ its own state actors, who as well as working for Beijing on the clock may offer their services as freelancers to other interests off the clock. In other cases, individuals or groups may conduct cyber warfare without the direction of the government it is supporting, much like a political action committee, which directs efforts towards a political campaign but doesn’t directly work for the candidate.
One reason these groups have arisen in the shadows is that they may be directed by ideology more than money. For instance, in countries such as North Korea, where its leaders have been revered to almost cult-like levels, it easy to imagine hackers pursuing efforts on the behalf of the regime, but also working indirectly for it. For instance, last year’s hack of Sony’s computer network and the demands that the studio not release the film The Interview may have been a hack that wasn’t directly state-sponsored, but could have been encouraged by North Korea.
“Many of these nations harness their citizens in different ways,” says Ablon. “Essentially there might be the sense that ‘we’re all working together as citizens with a common goal.'”
Some of these groups could even be loosely affiliated with a government, but still provide that country with what “creditable deniability” in hacks the group undertakes. “In these cases it may not be clear how ‘unofficial’ they are, or who approached who—whether the government recruited these individuals or if the individuals offered their services,” explains Ablon. But the outcome could be the same, a hacking group that acts independently and not at the direct behest of a nation but still has that country’s interests at heart.
“Just as you see different varieties of civil society organizations, ranging from PACs in the US to Communist youth groups in China, you will see different varieties of and organizational styles of online activists,” says Jon Lindsay, research scientist with the University of California Institute on Global Conflict and Cooperation. A state like China that puts a high priority on propaganda and information control will invest a lot more in efforts to guide and censor online discussion, he says. Their efforts can range from dedicated government units that conduct hacktivist attacks to much looser relationships with China’s large and rowdy netizen population.
There are hacking groups that could be seen as a force extender as well. For example, last month a group calling itself the “Islamic State Hacking Division” released personal information for hundreds of U.S. military and government personnel via Twitter. This group, which released names, emails, passwords and phone number of nearly 1,500 members of the U.S. military as well as the FBI, State Department and even the Port Authority of New York and New Jersey, isn’t believed to have direct ties to ISIS, but its efforts clearly were in align with the radical force operating in Syria and Iraq.
There are also cases where hackers make take on the persona of “hacktivists” to work against a government or local authority. In this way these hackers, working independently or with other groups, may indirectly support factions that are protesting an issue as way seen this year as police departments across the country came under cyber attacks. The international hacking group known as Anonymous claimed responsibility for targeting the Grapevine Police Department’s Facebook page, citing the controversial shooting of an unarmed Mexican citizen in February for the attack.
“There is a large and growing population of citizen hacktivists active in a number of issue areas,” says Lindsay. “Most of this activity is not sophisticated but can be a consequential nuisance in bulk.”
In these cases the hackers tread a thin line, and try not to get too caught up in a cause.
Today this means that anywhere there might be a nationalist protests in person, one can expect to see activity online, where symbolic participation in mass movements is so cheap and easy that some people call it “slacktivism,” says Lindsay. This can include large scale service denial and defacement attacks that are often associated with tension in international relations, as has been seen between rival powers North and South Korea, or India and Pakistan. These hacks are increasingly being conducted by individual citizens or small groups, yet in either case are usually tolerated or even encouraged by the state.
In this regard, Lindsay says it can be also a safety valve to vent nationalist sentiment, or diversions from domestic grievances against the government to some foreign power. It can be a crude signal that the government takes an issue seriously, if it will rather have its hands tied by domestic nationalist pressure. And this is where the PAC mentality is very convenient for countries. “[It’s] very convenient for an authoritarian government to deny responsibility for nationalist outbursts with the excuse that they can’t control the behavior of online users,” says Lindsay. “It isn’t a very credible excuse, because we see the same governments stepping in to silence dissent when the message or intensity of the attacks run counter to their interests.”