The 2016 Threat Report, released yesterday by the Australian Cyber Security Centre, is clear about what it views as perhaps the most troubling trend in the cyber domain: the contest over information.
The control, security and credibility of information is central to the cyber domain. Financial markets operate smoothly because the public has confidence in the integrity of online banking information. Critical infrastructure is safe because it is difficult for terrorists to not only gain access to those networks, but also know what to do once they get there.
Information is also central to how our political system operates, to how the public is informed by the media, and to how public opinion is shaped. Information operations, as they are referred to in the military, can be used to influence decision-makers, convince the public of a particular narrative or encourage others to follow a particular course of action.
Such operations can also be used to damage the credibility and legitimacy of institutions.
The Report is fairly clear in saying that these types of operations are a growing concern, particularly as states test the limits of their new cyber capabilities, and become more sophisticated in their use. As the Report notes: 'Behaviour by a number of countries is demonstrating a willingness to use disruptive and destructive cyber operations to seriously impede or embarrass organisations and governments – equating to foreign interference or coercion'.
This is playing out before our eyes in the United States. [fold]
Late last week, in a letter issued by Director of National Intelligence James Clapper and the Department of Homeland Security, the US formally accused Russia of stealing emails and documents (through cyber espionage) from the Democratic National Committee and other individuals and institutions.
Since the DNC and the US government disclosed the hacks earlier this year there has been a slow release of emails and other documents. A variety of sources have been used to make the information public, starting with the hacker ‘Guccifer 2.0’, and now WikiLeaks.
These information dumps have had effect. One led to the resignation of the DNC chairwoman in July, right before the Democratic National Convention. The latest release from WikiLeaks concerning Hillary Clinton’s campaign chairman John Podesta, and a particular email he sent allegedly supporting claims that Hillary Clinton bore direct responsibility for the attack on the US diplomatic compound in Benghazi in 2012, is perhaps the most interesting.
The legitimacy of this mysterious email has been thoroughly debunked but that doesn’t really matter. It was picked up by the Russian-government controlled news agency Sputnik shortly after, and used by Donald Trump at a campaign rally in Pennsylvania on Monday.
Information operations seek to build, reinforce, or manipulate pre-existing narratives. Militaries teach that these narratives need to be grounded in an element of truth. To be convincing, they also need to use emotion, ethics and follow a logical pattern.
The use of cyber capabilities to obtain embarrassing information, and then the release of this information through a third party, show all the hallmarks of these sorts of information operations. They show an understanding of their intended audience, and an effort to reinforce existing narratives.
While these sorts of information operations are unlikely to propel Trump to the White House (he seems to be doing a good job of sabotaging himself), in another context or different election they could be decisive.
Imagine a damaging and purposeful leak by a foreign power before the Bush-Gore vote? Would something like this would equate to ‘foreign interference or coercion'? It’s very likely.
The fracturing of the media is a boon for such operations. Trump’s campaign, now being run by the former editor of conservative website Breitbart, is an example of how the media landscape has radically changed. In the US, foreign governments no longer have to use their own propaganda and media arms to spread disinformation. Fringe media elements will do it for them.
In Australia these sorts of hazards to the self-determination of our own political processes may seem remote; however, it is worth remembering that we have been on the receiving end of earlier versions of similar cyber and information operations.
In the 2016 Report, the government provided some welcome clarity in what it considers a cyber ‘attack’ on Australia.
But the recent events in the US demonstrates that espionage, crime and state-on-state conflict are not the only areas that the cyber domain encompasses. Our political systems and processes are vulnerable as well.
Photo by Mark Metcalfe/Getty Images