This summer up to 83 million American citizens were under attack from Russia - and most of the victims of this almost surreal conflict didn't know anything about it.
The attack on the individual account holders – and internet servers - at America’s largest bank, JP Morgan, was one of the most serious to date in the new era of virtual wars taking place across oceans of cyberspace.
It is not clear what the Russian hackers were after, possibly personal details to be used at a later date in a form of cyber blackmail against the US government.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
SUBSCRIBE & SAVE
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The onslaught began in June and was only fully identified at the end of August. No immediate damage followed the mass hack - no accounts were drained, nor were any individual identities stolen and used for fraud. But it is clear that the story is far from over.
The JP Morgan attack ranks with other notorious cyber onslaughts, such as the Stuxnet worm which wrecked a large number of computers connected to the Iranian nuclear programme at Natanz, identified in 2010, and the less well-known assault that took down 60 per cent of the computing capacity of the Aramco oil giant in Saudi Arabia in 2012.
The Natanz assault is believed to have been a part-US, part-Israeli campaign. At around the same time, four key figures in the Iranian nuclear hierarchy were murdered, at least two by agents on motorcycles slamming ‘sticky bombs’ on the cars of the officials and scientists in thick traffic - a well-known tactic of Israeli intelligence agents.
The Aramco attack two years later is believed to have originated in Iran. In the space of a few hours, 30,000 pieces of data controlling anything from shifting of oil cargo to regulation of oil flow were hit by a worm. Operations were severely disrupted for over a fortnight, though no serious accidents, explosions nor deaths of oilfield workers resulted.
Today, cyber attacks are a daily occurrence. Hackers working for government, private commercial companies and international Mafia networks are trying to rob secrets on a galactic scale.
A large number of the hackings come from China. There is now a genuine fear that the Chinese military know large amounts about the most sensitive codes to the systems of the F-35 fighter bomber, the world's most advanced military plane - well before the aircraft become operational in the US and UK in four years’ time.
Much of this activity goes through the cyber empires of giants like Google, Facebook, Twitter, Amazon and even Apple. Intelligence gathering agencies like the NSA in the US and GCHQ at Cheltenham in the UK want to get hold of the data they hold in the name of the security of their states and their global allies. The multinational corporations say they must safeguard the rights of their clients to privacy.
What should be disclosed, where and when material should be snooped upon, is at the heart of the row over Lee Rigby's murderer advertising in advance on Facebook his desire to kill a British soldier.
Should Facebook have done more, and cooperated with security agencies? Or is the episode one of the risks an open society has to be prepared for in the age of cyberspace and virtual war? In the end Lee Rigby was a real flesh and blood victim of a brutal crime.
The European parliament has been discussing breaking up Google under European anti-trust law. The real fire in the debate is not commercial, several observers from Strasbourg have noted, but the belief of European MEPs and lobbyists that Google has done too little to protect the data, privacy and fundamental freedom of European citizens.
The notion that the big providers have helped the mighty intelligence snoopers of the NSA and GCHQ has, of course, been boosted by the revelations of the former NSA systems analyst, Edward Snowden. Through millions of leaked files, Snowden suggests that the intelligence agencies are indulging in mass surveillance - a Big Brother snoop on a scale undreamed of by George Orwell's 1984, or Franz Kafka’s The Trial. Security stalwarts in Britain and America say Snowden has undermined the security and safety of us all.
The argument is set to be thrashed out again in drawing up Britain's new Strategic Security and Defence Review due next autumn. The government is expected to put billions more into cyber strategy, if it isn't doing so already, while demanding savage cuts in defence and police costs elsewhere.
In fact, the new UK-US cyber counterstrike may have begun. Last week the Financial Times reported that the computer security specialists Symantec had identified one of the most powerful attack viruses, code named ‘Regin’. It appears to have been aimed at Russian and Gulf banking networks; it gets in, does its work, then disappears in days leaving no trace.
Because of Regin’s targeting pattern, Symantec suspects it came from the US and/or the UK and could not have happened without the foreknowledge, at least, of the NSA and GCHQ and/or the intelligence services, the CIA and MI6.
The first overt sign that a new era of virtual war is upon us came at the recent G20 summit in Australia.
Vladimir Putin turned up in Brisbane with his pocket flotilla of warships offshore and had a public contretemps with David Cameron over Ukraine. This was plain for all to see. But what went on behind the scenes before Putin's early departure was far more interesting: there it is believed that Cameron and President Obama’s teams sent the Russians a clear message - “stop the escalation” of cyber attacks before things get out of hand.
Which brings us back to the attack on JP Morgan. The bank itself has been reticent about discussing the episode, but has confirmed that its 83 million account holders and some 90 servers were compromised, though without any lasting damage being detected - for now, at least.
The technical analysts examining the JP Morgan case have said they believe at least nine other major institutions were invaded. And they are confident the attacks came from Russia.
The assumption is that Putin’s security apparatus is sure to have known of a cyber offensive on this scale. “The Russians are way ahead of us on this,” says Professor Chris Coker of the LSE.
Academics working at King’s College London on the regulation by law of cyberspace believe that the JP Morgan attack may have been part of an alternative war plan which Putin has been perfecting and implementing for nearly two years now. Moscow’s success in winning back the Crimea by non-military means is believed to part of Putin’s grand plan.
The fact is we don’t know where all this is heading. Some of these attacks, such as the JP Morgan raid this summer, may have been purely criminal in intent, the work of sophisticated fraudsters and/or international Mafiosi. Others are far more likely to be the work of government agencies.
The suspicion and fear is that malware may have been released by Stuxnet, the Aramco worm, and the hackers of JP Morgan which is still sleeping, to be awoken at a future date.
Then the virtual war won’t have virtual victims, but real ones, made of flesh and blood.
Today's political cartoons - November 2, 2024
Geoff Capes obituary: shot-putter who became the World’s Strongest Man
Israel attacks Iran: a 'limited' retaliation
Has the Taliban banned women from speaking?
Cuba's energy crisis
Putin's fixation with shamans
Chimpanzees are dying of human diseases
Deaths of Jesse Baird and Luke Davies hang over Sydney's Mardi Gras
Quiz of The Week: 24 February - 1 March
Will mounting discontent affect Iran election?
Sweden clears final NATO hurdle with Hungary vote
