Cyber attacks on the rise

Cyber attacks on financial institutions are increasingly being linked to nation-states, resulting in destructive and disruptive damages rather than just theft, according to a report by the Carnegie Endowment for International Peace.

Background

In computers and computer networks, an attack is an attempt to expose, alter, disable, destroy, steal or gain unauthorized access to or make unauthorized use of an asset.  A cyber attack is any type of offensive manoeuvre that targets computer information systems, infrastructures, computer networks, or personal computer devices. An attacker is a person or process that attempts to access data, functions or other restricted areas of the system without authorization, potentially with malicious intent.

Depending on context, cyber attacks can be part of cyberwarfare or cyberterrorism. A cyber attack can be employed by nation-states, individuals, groups, societies or organizations. A cyber attack may originate from an anonymous source. A cyber attack may steal, alter, or destroy a specified target by hacking into a susceptible system. Cyber attacks can range from installing spyware on a personal computer to attempting to destroy the infrastructure of entire nations. Legal experts are seeking to limit the use of the term to incidents causing physical damage, distinguishing it from the more routine data breaches and broader hacking activities.

Cyberwarfare utilizes techniques of defending and attacking information and computer networks that inhabit cyberspace, often through a prolonged cyber campaign or series of related campaigns. It denies an opponent's ability to do the same while employing technological instruments of war to attack an opponent's critical computer systems. Cyberterrorism, on the other hand, is "the use of computer network tools to shut down critical national infrastructures (such as energy, transportation, government operations) or to coerce or intimidate a government or civilian population". That means the end goal of both cyberwarfare and cyberterrorism is the same, to damage critical infrastructures and computer systems linked together within the confines of cyberspace.

Cyber attacks have become increasingly sophisticated and dangerous, with a greater impact on physical assets and individuals than ever before.

Analysis

The number of such cyber attacks linked to nations jumped to six in 2018 from two in 2017 and two in 2016, showed the report, which was co-developed with British defence company BAE Systems.

Out of 94 cases of cyber attacks reported as financial crimes since 2007, the attackers responsible for 23 of them were believed to be state-sponsored, the majority coming from countries like Iran, Russia, China and North Korea, the report found. The report, which was shared with Reuters a day ahead of its official release, highlights growing concerns about the vulnerability in the financial system to cybersecurity threats.

U.S. Federal Reserve Chairman Jerome Powell and Japan’s central bank chief Haruhiko Kuroda earlier this year said cyber attacks are currently the biggest risk for financial institutions. “Now banks have to defend against not only cybercriminals and politically-motivated disruptions, usually of a temporary nature, but large-scale theft pursued by a nation-state,” said Tim Maurer, co-director at the Carnegie Endowment for International Peace.

“This evolution of the threat has forced regulators and industry worldwide to shift their attention from mitigating firm-specific risks to increasingly focus on sector and system-wide risks,” Maurer said. The report cited several examples of such attacks.

In January, state-backed hackers from North Korea infiltrated the Bank of Chile’s ATM network and syphoned off $10 million, it said. Last year, North Koreans hacked the systems of India’s Cosmos Bank and syphoned off nearly $13.5 million through simultaneous withdrawals across 28 countries.

In 2016, North Korean hackers carried out an $81 million heist by breaching Bangladesh Bank’s systems and using the SWIFT network (Society for Worldwide Interbank Financial Telecommunication) to send fraudulent money transfer orders to the New York branch of the U.S. central bank where the Dhaka bank has an account. State-sponsored attacks refer to operations that include direct nation-state activity and proxy activity carried out by criminals and so-called ‘hacktivists’.

Assessment

Our assessment is that cyber warfare is fast becoming a tool of the state to achieve its various objectives related to national security. We believe that due to the unregulated nature of cyberspace, nations can engage in more aggressive behaviour against an individual or organisational targets for various purposes. We also feel that there is a need for the international legal community to re-define the meaning of cyber terrorism to better suit the modern applications of state-sponsored terrorism.