This post was written by Alis Wang
The cyberwarfare threat is becoming a growing concern to US officials as well as banks and media companies. Just last week, The New York Times revealed that Chinese hackers attacked the newspaper continuously over the last four months by infiltrating its computer systems and obtaining employee passwords. The Wall Street Journal and The Washington Post soon followed with announcements that Chinese hackers had also targeted their systems. This past fall, several US banks, including Bank of America, Citigroup, and Wells Fargo were hit by cyberattacks by Iran. The Department of Homeland Security recently also disclosed that an American power station had been inoperable for weeks due to acts of cyberwarfare.
The cyberattacks on The New York Times occurred soon after the newspaper published its investigation on Chinese Prime Minister Wen Jiabao’s relatives, who had amassed several billions of dollars through various business deals. The hackers broke into the email accounts of Shanghai bureau chief David Barboza, who wrote the articles on Mr. Wen’s relatives, and of South Asia bureau chief and former Beijing bureau chief, Jim Yardley. Security experts found no evidence that the hackers used passwords and system access to obtain information unrelated to reporting on the Wen family, which suggests that the cyberattack was in line with Beijing’s broader cyber campaign against media companies that report on Chinese corporations and leaders in its attempt to control China’s public image and intimidate domestic sources. Similarly, the cyberattacks on The Wall Street Journal targeted a few journalists in the Beijing office such as Jeremy Page, who had authored articles on the Bo Xilai scandal and the murder of British businessman Neil Heywood, but experts found no evidence that customer information had been misappropriated.
In the Iranian cyberattack on US banks last fall, hackers created significant disruptions to numerous online banking websites, although no accounts were breached or funds stolen. US officials say that the cyberattack was sophisticated and on a large enough scale that they are convinced it was the work of the Iranian government. The hackers also pursued disruption of the websites as their goal rather than financial gain, another sign of a state-sponsored attack.
Former Secretary of State, Hillary Clinton, has cited a need for an international effort to establish “rules of the road” for cyber activity. The increase in cyberattacks over the last few years has spanned both governmental and nongovernmental institutions and show no signs of abating. The race to enhance cyberwarfare could be perhaps the “most complex arms race underway” and involves other countries beyond China and Iran. The White House has taken this into account and is drawing up new polices on cyberattacks to deal with this new realm. As for the US’s own use of cyberwarfare, one senior US official stated that cyberweaponry was considered so potent that, like nuclear weapons, they should only be used under direct orders from the President.
The Palantir platform is a great tool for tackling the cyberwarfare threat as it allows analysts to make connections between large amounts of data, organize it in a visually appealing way, and share findings easily with other analysts. Suspicious IP addresses can also be plotted on the Map Application to analyze activity geospatially. Praescient looks forward to continuing its work with its cyber analyst clients as they tackle this growing and complex problem.