{"id":407,"date":"2019-06-12T16:13:39","date_gmt":"2019-06-12T14:13:39","guid":{"rendered":"https:\/\/lab52.es\/blog\/?p=407"},"modified":"2019-06-12T18:06:30","modified_gmt":"2019-06-12T16:06:30","slug":"lab52-is-focusing-on-geopolitical-analysis-and-cybersecurity","status":"publish","type":"post","link":"https:\/\/lab52.io\/blog\/lab52-is-focusing-on-geopolitical-analysis-and-cybersecurity\/","title":{"rendered":"Lab52 is focusing on geopolitical analysis and cybersecurity:"},"content":{"rendered":"\n<p>Lab52 offers a service that is completely\nfocused on geopolitics\nand cybersecurity. Currently, there is an important correlation between geopolitics\nand cyberattacks. All the cyberattacks promoted by states have their origins or\nroots in the ancient framework of military espionage and intelligence ([1]). For that reason, Lab52 continuously follows and investigates\nnew developments in global geopolitical affairs. At the same time, we\nresearch the most recent IOCs (Indicators of Compromise) used by threat\ngroups in their campaigns. <\/p>\n\n\n\n<p>Since ancient times, warfare has undergone\na major evolution. Physical and psychological attacks have been\nused by the most powerful armies against their enemies. Moreover, for\ndecades some offensive states have developed cyber resources and tools to be\nused as weapons in warfare ([1]). Currently, there is a significant relationship\nbetween cyberattacks and the geopolitical plans executed by the most powerful\nnations to achieve their strategic goals in international relations and\nmilitary conflicts. <\/p>\n\n\n\n<p>In order to understand the evolution of this relationship,\nwe should know that there are two types of military conflict: symmetric and asymmetric,\nalso known as conventional and unconventional battles ([2]). 
Symmetric conflicts are carried out by professional military forces, while\nasymmetric or unconventional battles are started by \u201cguerrillas\u201d,\nfrequently and indirectly managed by states. <\/p>\n\n\n\n<p>Cyberattacks promoted by states belong to hybrid strategies,\nwhich are included in unconventional warfare. A hybrid war is a kind of\nconflict which arose after the Cold War and is defined as <em>\u201ca range of different modes of warfare including conventional\ncapabilities, irregular tactics and formations, terrorist acts including\nindiscriminate violence and coercion and criminal disorder\u201d<\/em> ([3]). Over the years, this concept has been expanded, and its\ndefinitions currently include offensive special cyber operations and psychological\noperations. <\/p>\n\n\n\n<p>The graph below shows several specializations that make up hybrid warfare ([4]): <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lab52.es\/blog\/wp-content\/uploads\/2019\/06\/pic1-1.png\" alt=\"\" class=\"wp-image-409\" width=\"621\" height=\"364\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic1-1.png 884w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic1-1-300x176.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic1-1-768x450.png 768w\" sizes=\"(max-width: 621px) 100vw, 621px\" \/><figcaption> <br><em>Illustration 1 Hybrid warfare Factors<\/em> <\/figcaption><\/figure><\/div>\n\n\n\n<p>As we can see in the graph, a hybrid war consists of multidisciplinary resources and tools. Cyberattacks are among the different elements that make up hybrid warfare. Nowadays, cyberattacks are one of the main military resources used in all the geopolitical conflicts around the world. 
There are several levels of danger and kinds of threat actor: individual hackers, criminal activities, espionage operations, and nation-state warfare ([5]). The graph below shows the most important levels in a cyber threat spectrum: <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lab52.es\/blog\/wp-content\/uploads\/2019\/06\/pic2.png\" alt=\"\" class=\"wp-image-410\" width=\"596\" height=\"420\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic2.png 695w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic2-300x212.png 300w\" sizes=\"(max-width: 596px) 100vw, 596px\" \/><figcaption> Illustration 2 CyberThreat Spectrum <br><\/figcaption><\/figure><\/div>\n\n\n\n<p>As seen in the spectrum graph, the most threatening and\ndangerous levels are made up of nation-state actors. Usually, this kind of threat actor\nhas one main goal: collecting classified information from other governments or\nfrom relevant organizations. Furthermore, critical national infrastructures\nare an important target for all APT groups; in this case, the main target organizations\nwould be from the energy sector, hospitals, airports or communications, among\nothers. <\/p>\n\n\n\n<p>A paradigmatic international case that shows the\nimportance of the relationship between geopolitics and cyberattacks happened in\n2014 with the annexation of Crimea by the Kremlin. Ukraine suffered a major military operation of\nhybrid war, with cyberattacks that generated changes within the internal and\nexternal policies of the country. In 2015, three Ukrainian electrical companies\nwere cyberattacked by BlackEnergy, a threat group supposedly associated with\nRussia. 
This threat actor managed to disable the control and non-control\nsystem computers ([6]).<\/p>\n\n\n\n<p>Geopolitically, the alleged cyberattack campaign\nexecuted by Russia in Ukraine is part of a geostrategic plan which is included\nin the Gerasimov method. Usually, cyberattack campaigns promoted by nation-states\nbelong to a geostrategic plan to manipulate and persuade the enemy society. Their\nmain goal is to obtain a beneficial situation for the actor which is executing the\noperation ([7]).<\/p>\n\n\n\n<p>The following graph shows the procedure and the steps of the Gerasimov method. This system has been used to carry out hybrid attacks where cyberattacks are a key step in the process: <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/lab52.es\/blog\/wp-content\/uploads\/2019\/06\/pic3.png\" alt=\"\" class=\"wp-image-412\" width=\"758\" height=\"553\" srcset=\"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic3.png 859w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic3-300x219.png 300w, https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/pic3-768x561.png 768w\" sizes=\"(max-width: 758px) 100vw, 758px\" \/><figcaption>Illustration 3 Main Phases (Stages) of Conflict Development<\/figcaption><\/figure><\/div>\n\n\n\n<p>As seen in the table, cyberattacks against governmental organizations and critical infrastructures are very effective in the third stage of the hybrid attack process ([8]):<\/p>\n\n\n\n<p>&nbsp; <br><strong>Stages of Hybrid Warfare<\/strong> <\/p>\n\n\n\n<table class=\"wp-block-table aligncenter\"><tbody><tr><td>\n  <strong>1st Stage<\/strong>\n  <\/td><td><\/td><td>\n  <strong><em>Covert origin: <\/em><\/strong><em>The conflict\n  begins some time before the violence starts. 
The threat actor, through\n  a specific disinformation campaign applied to the target society, tries to\n  influence the decision makers of a country and public opinion. The main\n  goal of this stage is to fragment the opinion of the society by means of a\n  sensitive topic.<\/em>\n  <em>&nbsp;<\/em>\n  <\/td><\/tr><tr><td>\n  <strong>2nd Stage<\/strong>\n  <\/td><td><\/td><td>\n  <strong><em>Increase tension:<\/em><\/strong><em> Once\n  tension and social fragmentation have increased within the victim country, the\n  external actor will carry out a strategy of diplomatic isolation against its\n  victim and apply economic sanctions. On the other hand, he will also carry\n  out a disinformation dissemination campaign with the aim of generating social\n  discontent in the victim country.<\/em>\n  <em>&nbsp;<\/em>\n  <\/td><\/tr><tr><td>\n  <strong>3rd Stage<\/strong>\n  <\/td><td><\/td><td>  <strong><em>Start hostile operations:<\/em><\/strong><em> In   this stage the hostile actor could execute operations that are related to   cyberattacks, military presence next to the borders, or hostile actions with   clear violence between both parts of the fragmented society. <\/em>   <em>&nbsp;<\/em>   <em>In this phase, cyberattacks could be used to sabotage critical   infrastructure organizations like grids, or to steal classified information to   defame government figures. <\/em>   <em>&nbsp;<\/em>   <em>The main goal of this stage is to increase the tension to higher levels   to justify the external intervention from the threat actor who is applying   the strategy.<\/em>   <\/td><\/tr><tr><td>\n  <strong>4th Stage<\/strong>\n  <\/td><td><\/td><td><strong>   <\/strong><em><strong>Crisis: <\/strong>The threat actor carries out a military intervention, claiming to provide humanitarian   help to the citizens. In the meantime, it promotes economic sanctions and continues   carrying out the disinformation strategy in order to justify the military   occupation. 
<\/em>   <em>&nbsp;<\/em>   <\/td><\/tr><tr><td>\n  <strong>5th Stage<\/strong>\n  <\/td><td><\/td><td>   <em><strong>Resolution: <\/strong>The threat actor will try to use all the governmental   resources to disturb the peace in the country and begin working on his own interests.<\/em>   <em>&nbsp;<\/em>   <\/td><\/tr><tr><td>\n  <strong>6th Stage<\/strong>\n  <\/td><td><\/td><td>   <em><strong>Disturbance of the Peace:<\/strong> In the last stage, the hostile actor\u2019s intervention   will look to promote the local groups which support him. After that, he will   begin a significant campaign to promote the supporters\u2019 local group   internationally, seeking the approval of the international community.<\/em>   <em>&nbsp;<\/em>   <br><\/td><\/tr><\/tbody><\/table>\n\n\n\n<p>All the cyberattacks promoted by a nation-state are aimed at supporting a\ngeopolitical strategy. The cyber resources and tools of a State are becoming a\nfundamental military asset among its offensive and defensive weapons. If a State\nor an important organization does not have a proper cyber defensive structure\nto keep its classified information secure, then it is highly vulnerable and\nweak against threat groups. 
<\/p>\n\n\n\n<p><strong>References<\/strong>:<\/p>\n\n\n\n<p>[1] The Impact of Cyber Threat on Geopolitics: A Paradigm Shift in International Relations  https:\/\/www.securityweek.com\/understanding-geopolitics-key-analyzing-cyber-espionage-german-intelligence-service  <\/p>\n\n\n\n<p>[2] <a href=\"http:\/\/yris.yira.org\/comments\/2323\">http:\/\/yris.yira.org\/comments\/2323<\/a>\n<\/p>\n\n\n\n<p>[3] THE MOUSE, THE TANK AND THE COMPETITIVE\nMARKET: A NEW VIEW OF HYBRID WAR Graham FAIRCLOUGH<em>*<\/em><\/p>\n\n\n\n<p>[4] <a href=\"https:\/\/toinformistoinfluence.com\/2015\/06\/05\/czech-army-preparing-special-unit-ready-for-hybrid-warfare\/\">https:\/\/toinformistoinfluence.com\/2015\/06\/05\/czech-army-preparing-special-unit-ready-for-hybrid-warfare\/<\/a>\n<\/p>\n\n\n\n<p>[5] Cyber\nThreats in Hybrid Warfare: Securing the Cyber Space for the RSAF by LTC Anthony\nWong, MAJ Christopher Eng, CPT Ronald Loh Ming Yao &amp; CPT Jeffrey Ng<\/p>\n\n\n\n<p>[6] <a href=\"https:\/\/www.fireeye.com\/content\/dam\/fireeye-www\/global\/en\/solutions\/pdfs\/fe-cyber-attacks-ukrainian-grid.pdf\">https:\/\/www.fireeye.com\/content\/dam\/fireeye-www\/global\/en\/solutions\/pdfs\/fe-cyber-attacks-ukrainian-grid.pdf<\/a>\n<\/p>\n\n\n\n<p>[7] Colom\nPiella. (2018) \u00bfGuerra h\u00edbrida a la rusa? algunos apuntes sobre \u201cla doctrina\ngerasimov\u201d (THIBER REPORT N\u00ba2). <a href=\"http:\/\/www.thiber.org\/2018\/04\/06\/thiber-report-no2-guerra-hibrida-a-la-rusa-algunos-apuntes-sobre-la-doctrina-gerasimov\/\">http:\/\/www.thiber.org\/2018\/04\/06\/thiber-report-no2-guerra-hibrida-a-la-rusa-algunos-apuntes-sobre-la-doctrina-gerasimov\/<\/a>\n<\/p>\n\n\n\n<p>[8] UGR. (2018). La doctrina Gerasimov y\nel pensamiento estrat\u00e9gico contempor\u00e1neo. 
<a href=\"https:\/\/www.ugr.es\/~gesi\/Doctrina-Gerasimov.pdf\">https:\/\/www.ugr.es\/~gesi\/Doctrina-Gerasimov.pdf<\/a> <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Lab52 offers a service&nbsp;which is completely focused on geopolitics and cybersecurity. Currently, there is an important correlation between geopolitics and cyberattacks. All the cyberattacks promoted by states have their origins or roots in the ancient framework of military espionage and intelligence ([1]). For that reason, Lab52 is permanently following and investigating the new updates related [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":425,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[3],"tags":[4,5],"class_list":{"0":"post-407","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-apts","8":"tag-apt","9":"tag-geopolitics","10":"entry"},"featured_image_src":"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/rzUIjIL6UsFJSPqz4R8fFxixSdGvU1ol-600x400.jpg","featured_image_src_square":"https:\/\/lab52.io\/blog\/wp-content\/uploads\/2019\/06\/rzUIjIL6UsFJSPqz4R8fFxixSdGvU1ol-600x580.jpg","author_info":{"display_name":"Dex","author_link":"https:\/\/lab52.io\/blog\/author\/dex\/"},"_links":{"self":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts\/407"}],"collection":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/comments?post=407"}],"version-hi
story":[{"count":10,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts\/407\/revisions"}],"predecessor-version":[{"id":421,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/posts\/407\/revisions\/421"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/media\/425"}],"wp:attachment":[{"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/media?parent=407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/categories?post=407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lab52.io\/blog\/wp-json\/wp\/v2\/tags?post=407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}