The U.S. Department of justice announced charges against high-profile Russian officials, accusing them of cooperation with Russian criminals-hackers during the attack on Yahoo in 2014. According to them, it turns out that a foreign government had abused the trust for hacking an American company to commit espionage. But it is not hypocritical to blame the Russians in such activities today, in the era of Wikileaks, Snowden declassified information and a recent leak of CIA documents on its own capabilities for electronic attacks?
Until 2013, most people in the technology sector realized that the United States and the governments of other major countries one way or another was engaged in cyber espionage and Snowden’s revelations in that year, only revealed how extensive were these events, and that many of the attempts of espionage included deliberate and purposeful weakening of American cyber security companies and they sell products. The fact that the American budget, including taxes paid by the companies and their employees would be held against them for the payment of domestic and foreign companies and hackers to undermine American corporate security, up to the branch fiber-optic cables connecting their data centers, and payments to foreign hacker organizations to develop relevant malicious funds for their programs, was a worrying signal for the information technology industry to the same extent to which their own government would harm American companies.
In the calculation here, of course, does not undertake the use of letters of requirements concerning national security and the U.S. Court in cases of foreign intelligence surveillance to coerce U.S. companies to transfer the intelligence community of the user data or unwillingly to provide wiretapping and other services — legal means, is unavailable against American companies for Russia and most other countries. Given that many of the largest Internet companies, including major social networks that are physically based in the United States and therefore subject to the laws of the United States, the American government is in a unique position within the global surveillance because of its ability to subject these companies to the action of various legal processes or physical compromise.
Recently published Wikileaks documents, entitled “Vault 7” (“box No. 7”) opens with more details of how the US government is equipped with various exploits, including zero-day (in some cases, potentially stimulating their creation), as well as its investment in planning attacks on the programs and services of American companies for weakening their security.
Combined with the Snowden revelations they offer to the public a realistic portrait of their own hacking operations American allegedly penetrating many foreign companies for its own use in exploration, either by tracking their networks, either using their accessibility for embedding malicious code in their programs.
Thus, to prosecute Russian hackers for breaking into the email account and Yahoo on the part of the US government somewhat hypocritically, as an activity in which they are accused, is absolutely identical to what the US government itself engaged in every day.
As I wrote last month, the latest version of the famous “the Tallinn manual on the application of legal norms of international law to hostilities in cyberspace” reflects this transition from a cyber-war between countries to attack the state to the private sector, in which the entire resources of the nation will be used for attacks on private corporations, forced to spend a lot of money for their own safety and preservation of personnel, equipment and performance to protect their systems and to withstand DDoS and other attacks.
Perhaps the most important thing is that the charges of the Ministry of justice underscore how much private companies control the “circulatory system” of our digital life. Russia is not planning an attack on Yahoo only because I wanted to cause economic harm to American companies — it was for the latter through private accounts Yahoo email information about persons and organizations of interest to Russian intelligence services.
What would we do — have placed posts in social networks, checking e-mail, searched or browsed web pages, talking on the phone or even looking for a travel companion — this often takes place through networks and private companies. What attracts these companies to the attention of cyber criminals, and foreign and domestic intelligence services, leaving the fields of virtual battles of public networks in private companies that have to bear the economic burden of security of their systems even against their own governments.
Indeed, proof that private companies have been at a crossroads for developing a cyber-perspective, Microsoft last month proposed the creation of the so-called “Digital Geneva Convention”, which, like its military equivalent, would offer protection to non-state actors, caught in the midst of the cyber battles. However, given that cyber activities are increasingly is a mixture of public and private actors (as demonstrated by the unfounded allegations against Russia), it is unclear what impact would such a law, and the United States, given its bets on cyber operations, it is hardly ever this kind of document will be signed.
Does this mean that the Russian government should not be responsible for hacking American companies? In any case. The hypocrisy if the government of the United States to accuse the Russians in the same hacking how engaged itself? Do not talk about it. In the end, the Internet companies have suffered casualties and the brunt of the new digital fights of our time.