Growing Nation-State Alliances Increase U.S. Cyber Risks

April 02, 2023 • 

Consider this article from the past week in the Wall Street Journal: “Russia Supplies Iran With Cyber Weapons as Military Cooperation Grows.” Here’s an excerpt:

“Russia is helping Iran gain advanced digital-surveillance capabilities as Tehran seeks deeper cooperation on cyberwarfare, people familiar with the matter said, adding another layer to a burgeoning military alliance that the U.S. sees as a threat.

“The potential for cyberwarfare collaboration comes after Iran has, according to U.S. and Iranian officials, sold Russia drones for use in Ukraine, agreed to provide short-range missiles to Moscow and shipped tank and artillery rounds to the battlefield. Tehran is seeking the cyber help along with what U.S. and Iranian officials have said are requests for dozens of elite Russian attack helicopters and jet fighters and aid with its long-range missile program.

“Russia and Iran both have sophisticated cyber capabilities and have long collaborated with each other, signing a cyber-cooperation agreement two years ago that analysts said focused mostly on cyber-defense networks. Moscow has long resisted sharing digital-offensive capabilities with Iran in the past, for fear they will end up being sold later on the dark web, the people said.”

Last September, I described how NATO countries were being hit with unprecedented cyber attacks. But this trend has been growing for much longer, and cyber attacks are now accelerating rapidly due to a more coordinated effort from NATO’s enemies.

A BRIEF HISTORY OF NATION-STATE CYBER THREAT COORDINAITON

Back in 2016, this piece was released from the Henry M. Jackson University School of International Studies at the University of Washington: “China-Russia Cybersecurity Cooperation: Working Towards Cyber-Sovereignty.” Here’s an excerpt:

“Since 2014, closer ties between China and Russia have attracted speculation about whether the relationship will continue to deepen into an alliance. The 2015 Sino-Russian cybersecurity deal seemed to mark further Sino-Russian cooperation another arena—cyberspace. The pact has two key features: mutual assurance on non-aggression in cyberspace and language advocating cyber-sovereignty.

“If this pact is merely treated as a “non-aggression” pact, then Sino-Russian cybersecurity cooperation has a similar pattern to their overall relationship, which appears to be intimate but is actually problematic. However, looking past the non-aggression elements of the pact illuminates the key element of the agreement—China and Russia’s pronounced support for the concept of “cyber-sovereignty.” The support for cyber-sovereignty echoes the centerpiece of Sino-Russian cooperation in the general terms—a challenge to US dominance in the international system.”

Fast-forward to 2020 for this piece in War on the Rocks: “Peering into the Future of Sino-Russian Cyber Security Cooperation.” Here’s a passage from that:

“Beijing and Moscow have long wanted to control their domestic internets. Now they are working together to remake global cyberspace in their own image. The two launch widespread cyber operations that threaten U.S. interests, and they want to reshape the internet to reduce U.S. influence. Chinese hackers have mounted a long campaign to steal intellectual property, as well as military and political secrets, and are a growing threat to U.S. critical infrastructure. Russian hackers pose the threat of cyber espionage, influence operations, and attacks on the infrastructure of the United States and its allies. Moreover, China and Russia have over the past five years worked together to tighten controls on their domestic internet and promoted the idea of cyber sovereignty to diminish U.S. sway over the global governance of cyberspace.

“Over the next decade, China and Russia are likely to continue close technical and diplomatic cooperation. Beijing now appears more willing to adopt information operations techniques historically associated with Russian actors to shape the narrative on the responsibility for and response to the COVID-19 pandemic, but the two sides are unlikely to coordinate on offensive cyber operations. To counter these efforts, policymakers should revitalize U.S. cyber diplomacy, providing an alternative framing to cyber sovereignty and building a coalition of like-minded partners to define and enforce norms of behavior in cyberspace.”

Moving to 2021, we get a report from the international journal Contemporary Chinese Political Economy and Strategic Relations entitled, “Cybersecurity Cooperation between Russia and China: Prospects and Problems.” It covers strategic and tactical steps by China and Russia to strengthen their technology and cybersecurity cooperation at many levels.

Early this year, Cyber News offered a report entitled, “Cybercrime from Russia and China: what can we expect next?”:

“In a recently published study of both nations, whimsically titled The Bear and the Dragon, global cybersecurity analyst Cybersixgill highlights an increased tendency for independent threat actors — that is to say, ones not working for partisan groups such as Killnet or Dragonbridge — to share expertise.

“‘While these two ecosystems have historically remained separate, recently, the Russian and Chinese cybercriminal worlds seem to have collided,’ said Cybersixgill. ‘Late last year, a limited-access Russian-speaking cybercriminal forum resurfaced on the underground after a turbulent shutdown in October— this time, with a notable Chinese presence.’

“It cited apparent efforts by the forum’s administrators ‘to enlist Chinese threat actors to their underground community, making sweeping changes to the forum’s interface to make it more accessible to both Mandarin- and English-speaking users.’

“Chinese recruits to the dark web platform were encouraged ‘to participate in conversations, share tips, and collaborate with Russian counterparts on future attacks.’”

Finally, bringing us into late March 2023, the Atlantic Council published a report with the headline “Xi and Putin just wrapped up talks in Moscow: What does it mean for the war in Ukraine and China’s global standing?”

They wrote: “It’s a friendship testing the limits. Chinese leader Xi Jinping left Russia on Wednesday after three days of talks with Russian President Vladimir Putin, in which Putin endorsed China’s ‘peace plan’ for Ukraine and the two leaders stressed the need to ‘respect legitimate security concerns of all countries’ to end the war — a talking point Russia has used to blame NATO and legitimize its war of aggression. What did this visit do for Putin’s international standing? What role might China play in the war? How should Washington view this partnership? Below, our experts cut through the pageantry and diplomat-speak.”

AI, TECHNOLOGY AND SECURITY COLLABORATION BETWEEN RUSSIA AND CHINA

TechSpot just published an article that explains how “Russia and China want to become world leaders in tech, security, and AI.” Thy describe how Russian President Vladimir Putin and China leader Xi Jinping agreed on several items in their recent summit, and the agreement: “The presidents agreed to form new models of cooperation in industries such as artificial intelligence, Internet of Things, 5G, digital economy, and low-carbon economy. Technological sovereignty is the key to sustainability. We propose further improving strategic partnerships in specific industries. By combining our wealth of research capacity and industrial capabilities, Russia and China can become world leaders in information technology, cyber security, and artificial intelligence.”

This YouTube video shows how even India is concerned about recent cybersecurity collaboration agreements between Russia and China:

FINAL THOUGHTS

In the recently released National Cybersecurity Strategy, one major premise that was highlighted included the need to protect the small businesses, small governments, home users and others who could do little to protect themselves against new cyber attacks. The strategy underlined the need for larger governments and tech companies to do more to protect those who do not have the ability to protect themselves in cyberspace.

The recent federal government discussions regarding a ban on TikTok and other Chinese or Russian companies from doing business in the U.S. is another example of the tensions that are rising at the moment.

Bottom line, the simultaneous challenges that include the war in Ukraine, cooperation between NATO enemies in cyberspace and hostile nation-state collaboration with cyber criminals is leading to an increased risk profile for cyber defenders in the U.S. and within NATO over the next decade. The global cyber temperature is rising, and the stakes have never been higher.

State and local governments need to visit the CISA Shields Up website to learn more about the latest cyber threats impacting their sectors — and what they can do about them.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.