U.S. Army Captain Bishop Sparks shops for a car online as he sits in a Starbucks coffee shop while continuing to wait to leave Kuwait and head home after exiting from Iraq on December 11, 2011 / Getty Images

A huge theft of US government data marks a new time for national and terrorist warfare, taking place on the internet rather than in the real world

One of the most damaging and intense attacks on the US government ever took place this year. And nobody, even those that had been hit, knew.

The US government said last night that it had lost control of data held by the Office of Personal Management (OPM), which holds information about all of the staff employed by the US government. Nobody knows why, or who, stole it — but that is the reality of modern warfare.

As internet networks become ever more important and the attacks more sophisticated, both nation-on-nation attacks as well as those run by criminal and terrorists are becoming increasingly damaging. The huge hit on the OPM could be the beginning of the launch of full-scale and outright — but often unnoticed — warfare, of the kind that has now been going on quietly for years.

Who?

The US has accused China, and China has denied it. It’s likely nobody will ever know who’s right.

The lack of clear perpetrator is partly because of how easy it is to hide such attacks — they can be carried out on foreign soil, by for-hire hackers who might not even know who they’re working for — and also because so many people are hacking so many others, meaning that there’s a range of people with the means and the motive for such cyberattacks.

Even if the US is able to trace the attacks to China, it doesn’t mean that the government is involved. Many such attacks are carried out by gangs of cyber-criminals, who will take on any attack for a big enough fee.

Chinese officials, including a spokesperson from the Chinese Embassy, have made the same point.

"Cyberattacks conducted across countries are hard to track, and therefore the source of attacks is difficult to identify. Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive," Zhu Haiquan told CNN.

The only real way to attribute cyberattacks is to find a person sat at a computer typing the malicious code, security experts say. Anything else is possible to fake.

Cybercriminals and national states are all involved in the hacking business. The big fear among some security researchers is that terrorists will also join — conducting cyberattacks that can be as economically damaging and even as deadly as physical attacks using chemical or , at a fraction of the cost.

“It’s possible” that traditional terrorists will also start moving into cyberattacks as well as physical ones, Eugene Kaspersky the Russian security expert who founded the eponymous cybersecurity firm, told The Independent in March. “Traditional crime already came to cyberspace. So they employ software engineers.”

“It’s a worst case scenario” that such a thing would happen, Kaspersky said. Such an attack would the end of the evolution of cyberthreats — which have been used by criminals, nation states, and potentially terrorist groups to catastrophic effect.

How?

It’s unclear exactly how the hackers got into the US government systems. Initial reports seem to indicate that the US wasn’t even aware of the attack until it came to increase its defences, finding the information breach after it had happened, and that they aren’t sure how many people are affected.

The hackers appear only to have taken data. That is terrifying and could be hugely damaging for those affected, but it’s one of the less directly threatening options available to hackers.

In recent years, hackers have managed to take control of physical objects and huge machinery. So much of the world’s most important equipment and machinery is now networked — the entire

There have only been two known hacks to cause physical harm. The first was the famous Stuxnet virus, which was created by US and Israeli hackers and planted in Iranian nuclear plants to sabotage key equipment. The second was revealed late last year, when investigators said that still unknown attackers snuck into the computers controlling a German steel mill and stopping a furnace from being shut down and causing massive damage.

Similar systems are present in all of our most important infrastructure. If hackers were able to, they could cause huge damage by wreaking havoc on our electric grid, financial services and other key networks, all from the comfort of their own computer.

 

Such attacks are likely to increase, as networks become yet more integrated and cybercriminals, terrorists and nation states become ever more sophisticated in their hacking. Those key industries that could be hit by such an attack are working hard to make themselves safe — but those that would benefit from attacking them are likely working just as hard.

Why?

US officials have claimed that the Chinese hackers stole the details so that they can be used to put together a database of the country’s officials and others, presumably to be used for traditional intelligence efforts.

But hackers’ motives are often as difficult as finding out who’s really doing the hacking. In the Sony hacks, for instance, the stated aim was stopping the release of The Interview — but it could just as easily be anything else.

Comments