NotPetya: Is cyberwarfare in full flow?

This week has seen both the U.K. and the U.S. accuse Russia of being behind NotPetya, “the most destructive and costly cyberattack in history” that ripped through state and private sector organisations primarily in the Ukraine. Britain’s foreign office warned that “it will not tolerate malicious cyber-activity” while the White House press Secretary Sarah Sanders made similar thinly veiled threats, stating that NotPetya was a “reckless and indiscriminate cyber-attack that will be met with international consequences.”

NotPetya was a malware that hit a number of state and private-sector organisations in Ukraine in 2017. The virus spread without computer users having to click any suggested links and would then proceed to destroy its victims’ data. However, the malware was not just restricted to Ukraine, but ended up spreading as far as Australia and the US, causing billions in damage to global organisations that were forced to revamp or replace thousands of computers and servers.

Ukraine has been the scene of a fierce proxy war between the US and Europe on one side, and Russia on the other. Moscow’s fears of border-sharing Ukraine being forced to choose between Russia and the EU during accession negotiations became abundantly clear when Russian troops seized Crimea, plunging Ukraine’s political scene into crisis and eventually resulting in a civil war that shows no sign of ending.

For Russia, the growing construction of missile facilities in Europe capable of targeting Russian territory is a constant concern, as well as Cold War-era rhetoric from US military officials frustrated by Russia’s involvement in Syria, courting of NATO ally Turkey, and alleged intervention in the US presidential elections.

Although these concerns on the part of Russia and the US have been expressed in military terms, NotPetya has demonstrated the emergence of an alarmingly powerful dynamic; cyberwarfare.

However, to suggest that Russia is the key perpetrator, or indeed the main power in this escalation in the cybersecurity world is misleading. Edward Snowden revealed that UK GCHQ’s Joint Threat Research Intelligence Group (JTRIG), cyber operations “may cover all areas of the globe.” Examples included “Iran, Africa, Argentina, Afghanistan, Pakistan, North Korea, UK and Eastern Europe, including Russia.” The report went on to detail that targeting could include “the general population (e.g., Iranians), or regimes (e.g., Zanu PF).” The aim of such operations are to promote “discredit, distrust, dissuade, deceive, disrupt, delay, deny, denigrate, degrade and deter.”

Moreover, NotPetya is not the first example of possible state-instigated cyberattacks.

In 2014, North Korea was alleged to of been behind the hacking of Sony Pictures following the satirical film based on Pyongyang dictator Kim Jong Un. Scrambling to react to this embarrassing breach by a hostile nation, then-president Barak Obama warned Pyongyang that the US would respond “in a place and time and manner that we choose.”

Days after this statement was made North Korea’s internet was knocked offline. The state deparment responded to media queries surrounding U.S involvement by asserting that:

“We aren’t going to discuss … publicly, operational details about the possible response options or comment on those kind of reports in anyway except to say that as we implement our responses, some will be seen, some may not be seen.”

In 2010, Israel and the US were accused of being behind the Stuxnet attack that targeted Iran’s nuclear facilities.

The argument here does not concern the rights and wrongs of cyberwarfare. Instead, these examples highlight that the cybersecurity world is developing at break-neck speed, outrunning any current regulations or overarching and established rules of war. NotPetya was devastating not only in its impact, but in its potential. If one did not have to conventionally and actively click on suggested dubious links to become victim of the NotPetya cyberattack that wiped billions of dollars worth of data, then just what capabilities may states have in the coming decade as the world speeds headlong into a digitised world of cryptocurrencies and cash-less societies?

Without an enforceable ‘digital Geneva convention’ a nation’s cyber security apparatus is fair game for hackers to engage in malicious activity. Defending the rules-based international system in cyber space is fraught with risk and danger that may lead to future confrontation. Governments need a new initiative to kick start pragmatic talks on building bridges between nations in order to prevent the dreadful decisions by politician’s intelligence services and military figures to engage further in cyber warfare and drag us all into the reality of a global war whose impact will be felt in every household.