Africa Defense Forum
ADF is a professional military magazine published quarterly by U.S. Africa Command to provide an international forum for African security professionals. ADF covers topics such as counter terrorism strategies, security and defense operations, transnational crime, and all other issues affecting peace, stability, and good governance on the African continent.

Digital Footprints Offer a Window Into Covert Actions

Daily News
By ADF
A member of the Red Hacker Alliance who refused to give his real name uses his computer at the group’s office in Dongguan, China. GETTY IMAGES

ADF STAFF

When recent reports emerged of widespread, yearslong cyberattacks by Chinese hackers on Kenya’s government, China was quick to offer a boilerplate denial. But, experts say, in the digital environment, it is harder than ever for attackers to cover their tracks.

Writing for Chatham House, Dr. James Shires, senior research fellow in the International Security Program, said strategies for covert action have evolved.

“The digital age has created many new opportunities for covert action but has also made traditional strategies much harder to conceal,” he wrote. One is to “use distraction and disinformation, hiding embarrassing or sensitive facts in a forest of false counterclaims.”

Russia and China have lengthy histories of covert operations and disinformation campaigns on the continent. Shires examined Iran’s activities as a case study.

“Iran’s use of its state airline and small boats to supply drones for Russia’s war in Ukraine, as well as its ongoing support for actors in several destabilizing regional conflicts, has brought the issue of covert action into the foreground,” Shires wrote.

Iran reportedly has conducted cyber-enabled influence operations around the world. At home, it has limited internet access and imposed censorship in order to quell dissent. But digital evidence of covert actions has grown as a method of countering these operations.

“There are pieces that will distinguish the operator or their sponsor,” cybersecurity expert John Hultquist told MIT Technology Review magazine. “They will bleed through multiple operations regardless of deception.

“Once you start tying it to other incidents, the deception loses its effectiveness. It’s very hard to keep the deception going over multiple operations.”

Hultquist pointed to a recent example in which cursory evidence of a cyberattack suggested that Iran bore responsibility. The hackers used tools typically associated with Iranians and wrote in the Farsi language.

But further investigation and information gathered from other internet espionage cases across the Middle East revealed that it was not an Iranian operation but was conducted by Chinese operatives posing as hackers from Tehran.

Shires is urging countries to develop tools and strategies to counter these covert actions.

Malign state and non-state actors expect their operations to be outed, he said. They already have plans to sow confusion with denials and distraction.

“Countering these changing strategies requires transparency, persistence and international cooperation,” he said.

“While narratives of attribution will always be contested, especially in an online world with an overload of misinformation and disinformation, the incremental weight of such reporting should not be underestimated.”

You might also like
Daily News

Nigeria Looks to Increase Role of Women in Security Sector

Daily News

Joint Military Operations Take Out Two Terror Figures in Eastern DRC

Daily News

Summit Tackles Tough Challenges in Land of Wonder

Daily News

Chinese Trawlers Decimate West African Fish Stocks as Oceans Heat Up

Comments are closed.

Privacy Policy