Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Experts, Microsoft Push for Global NGO to Expose Hackers

As cyberattacks sow ever greater chaos worldwide, IT titan Microsoft and independent experts are pushing for a new global NGO tasked with the tricky job of unmasking the hackers behind them.

As cyberattacks sow ever greater chaos worldwide, IT titan Microsoft and independent experts are pushing for a new global NGO tasked with the tricky job of unmasking the hackers behind them.

Dubbed the “Global Cyber Attribution Consortium“, according to a recent report by the Rand Corporation think-tank, the NGO would probe major cyberattacks and publish, when possible, the identities of their perpetrators, whether they be criminals, global hacker networks or states.

“This is something that we don’t have today: a trusted international organization for cyber-attribution,” Paul Nicholas, director of Microsoft’s Global Security Strategy, told NATO’s Cycon cybersecurity conference in Tallinn last week.

With state and private companies having “skills and technologies scattered around the globe” Nicholas admits it becomes “really difficult when you have certain types of complex international offensives occurring.”

“The main actors look at each other and they sort of know who they think it was, but nobody wants to make an affirmation.”

Microsoft already floated the idea of an anti-hacking NGO in a June 2016 report that urged the adoption of international standards on cybersecurity.

The report by Rand commissioned by Microsoft called “Stateless Attribution – Toward international accountability in Cyberspace” analyzes a string of major cyberattacks.

They include offensives on Ukraine’s electricity grid, the Stuxnet virus that ravaged an Iranian nuclear facility, the theft of tens of millions of confidential files from the US Office of Personnel Management (OPM) or the notorious WannaCry ransomware virus.

– Duping investigators –

“In the absence of credible institutional mechanisms to contain hazards in cyberspace, there are risks that an incident could threaten international peace and the global economy,” the report’s authors conclude.

They recommend the creation of an NGO bringing together independent experts and computer scientists that specifically excludes state actors, who could be bound by policy or politics to conceal their methods and sources. 

Rand experts suggest funding for the consortium could come from international philanthropic organisations, institutions like the United Nations, or major computer or telecommunications firms.

Pinning down the identity of hackers in cyberspace can be next to impossible, according to experts who attended Cycon.

“There are ways to refurbish an attack in a way that 98 percent of the digital traces point to someone else,” Sandro Gaycken, founder and director of the Digital Society Institute at ESMT Berlin, told AFP in Tallinn.

“There is a strong interest from criminals to look like nation-states, a strong interest from nation-states to look like criminals,” he said.

“It’s quite easy to make your attack look like it comes from North Korea.”

According to experts at Cycon, hackers need only include three lines of code in Cyrillic script in a virus in order to make investigators wrongly believe it came from Russian hackers.

Similarly, launching attacks during working hours in China raises suspicions about Chinese involvement. 

Hackers can also cover their tracks by copying and pasting bits and pieces of well known Trojan viruses, something that points the finger at their original authors.

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Cyberwarfare

Cybersecurity firm Group-IB is raising the alarm on a newly identified advanced persistent threat (APT) actor targeting government and military organizations in Asia and...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...