Beyond Economic Espionage


Much of the reporting on nation-state threat activity is focused on the latest cyber intrusion, such as the SolarWinds intrusion or the intrusion of numerous coronavirus vaccine developers. These intrusions are often breathlessly portrayed as brazen and sophisticated attacks on well-defended companies—or government agencies, as the case may be. The stories, unfortunately, underrepresent the full scope of what is transpiring. 

Inter-state competition is bleeding into every aspect of the economy, and the gravity of the threat U.S. businesses face from nation-states and their proxies cannot be overstated. As we have written, today’s most important geopolitical battlespace is the private sector. While there are countless economic sectors within which competition is taking place, it is most savage in those on which modern developed economies most depend—such as advanced technology, cyberspace, health care, insurance and finance, to name just a few. Attackers target groundbreaking technology, but also essential personnel, innovative business practices, unique data sets, and plans and strategies. Mastery of these building blocks allows nation-state competitors to grow successful companies in a wide variety of areas.

In this competition for economic advancement and industry domination, foreign intelligence services are using an assortment of illicit tactics beyond economic espionage to advance nation-state objectives. These services aren’t simply stealing valuable assets to help their businesses—they’re engaging in diverse activities to ensure they dominate economically. While the list continues to grow, such tactics include stock market, social media, and regulatory manipulation; data harvesting; national champion building; digital bank robbery; and even the destruction of corporate assets. 

Stock Market Manipulation

In 2015, prosecutors filed a complaint against three Russians in New York City. Among other things, the complaint alleged that the three were working for the SVR, Russia’s external intelligence agency, and were attempting to gather intelligence about high-speed trading, automated trading algorithms and the destabilization of markets. There was much speculation at the time as to what exactly Russia’s objective was. Why would the SVR want this information? Perhaps the agency was trying to help improve the operation of Russia’s stock markets and protect them from outside manipulation. Or perhaps it was preparing to attack U.S. stock markets.

This was not the first time that Russia had attempted to covertly obtain information about how U.S. stock markets work. In 2010, Russian hackers penetrated the NASDAQ stock exchange. It appears these hackers may have opened the door that then allowed a Chinese intrusion, as well as access by several other groups, including criminal hackers. Although there were indications that a particularly large cache of data was exfiltrated, the investigation revealed little detail on what information was taken. Unfortunately, daily records of server activity were nonexistent, making it extremely difficult to piece together what had transpired.

So while the exact target of the intrusion was not clear, external events and the evidence of some type of data exfiltration suggest that the Russian hackers sought to better understand how NASDAQ worked. Russia at the time was attempting to strengthen its own stock exchanges and make them world class, and information about how NASDAQ runs its exchange would have been extremely helpful. However, the malware used for the intrusion wasn’t designed only to steal data. It also had the capability to “create widespread disruption” in the network and potentially the stock exchange itself. This capability suggested that Russia may also have been looking to lay the groundwork for a future disruption.

It’s unclear whether Russian intelligence has continued to try and penetrate stock exchanges in recent years. If Russia really has been looking for ways to destabilize or disrupt stock market operations, it may have turned to another approach. 

The recent cyber intrusion into SolarWinds, reportedly at the hands of Russian intelligence, may illustrate just such an alternate methodology. There’s no need to directly target an individual stock exchange when you can ride on the coattails of a company’s software update (in this case, that of SolarWinds) and penetrate thousands of businesses—especially those with access to other companies’ information technology infrastructure and their data, like Microsoft (via the company’s Azure Cloud infrastructure) or the cybersecurity firm FireEye. The working assumption of experts is that the intruders must have exfiltrated data, though the amount of data exfiltrated is unknown. 

Given Russia’s history of intrusions, it’s worth considering whether this access to such a wide swath of companies could have positioned Russia to cause enormous market havoc if it so wished. Time and again, Russia has demonstrated the ability to cause such damage. Businesses should be asking under what conditions the Russians would execute an attack and whether they would be positioned to withstand it.

Social Media Manipulation

The recent Reddit-GameStop kerfuffle offers an example of the ease with which lightly organized groups of individuals can affect the market. Keith Gill, who also goes by the moniker Roaring Kitten, began posting on Reddit in summer 2019 about his investment in the video game retailer GameStop. Gill made TikTok and YouTube videos and continued to push the stock over social media, driving the share price higher and higher as his following increased. The goal was in part to hurt the large hedge funds that had been betting against GameStop, some of which purportedly experienced huge losses. On Jan. 26, Gill boasted that his initial $53,000 investment had increased in value to $48 million. GameStop’s share price remained volatile through the end of January.

To date, there is nothing to indicate that any of the activity was influenced, much less directed, by an outside power. But the various intelligence services were surely watching and learning. Any intelligence service wanting to put this methodology into action would need to be adept at manipulating social media forums. Unfortunately, many have been honing that skillset in recent years. 

Russia’s efforts to manipulate social media have been well documented in both government and private reports. Russia has employed such tools to sway elections as well as to simply sow chaos and discord in order to discredit governments. Actors linked to the Russian government have used thousands of fake accounts to create or influence the narrative on a number of important issues.

This approach to social media proliferates in the private sphere, as well. Individuals often take to the internet to air their grievances, warranted or not, and discredit others. Recent reporting from the New York Times describes numerous sites on which people can post sordid accusations about others without having to provide validation. Some of the websites to which the material is posted charge those accused an exorbitant fee to remove the information. It doesn’t take a stretch of the imagination to understand how intelligence services or other organizations could use similar tactics to smear others, like a competitor busine

[…]

