UK can retaliate against state-sponsored cyber attacks on elections
Cyber Warfare / UK can retaliate against state-sponsored cyber attacks on elections & critical industries
25 May 2018
Attorney General Jeremy Wright has said that the UK has the right to “name and shame” states that seek to disrupt the UK’s industries by carrying out cyber attacks through proxies or those who seek to manipulate the electoral system to alter the results of elections.
Addressing the foreign affairs think tank at Chatham House recently, Mr. Wright said that a hostile country cannot escape retaliation by hiding behind proxy groups after supporting targeted cyber attacks on the UK’s critical infrastructure firms, adding that such attacks should be treated with as much seriousness as bombing raids.
“International law is clear: states cannot escape accountability under the law simply by the involvement of such proxy actors, acting under their direction and control.
“But the challenge, as ever, is not simply about the law – as with other forms of hostile activity there are technical, political and diplomatic considerations in publicly attributing hostile cyber activity to a state in addition to whether the legal test is met,” he said.
He added that the use of cyber operations by a hostile state to manipulate the electoral system to alter the results of an election in another state, intervention in the fundamental operation of parliament, or in the stability of our financial system must surely be a breach of the prohibition on intervention in the domestic affairs of states.
“A breach of this principle of non-intervention provides victim states with the ability to take action in response that would otherwise be considered unlawful, but which is permissible if it is aimed at returning relations between a hostile state and the victim state to one of lawfulness and bringing an end to the prior unlawful act,” Mr. Wright added.
Mr. Wright’s comments are in line with how the UK has responded to external attacks, cyber or conventional, in the recent past. Back in March, following the assasination attempts on Sergei Skripal and his daughter Yulia, Prime Minister Theresa May had said that if Russia failed to satisfy the UK on its involvement in the use of the nerve agent, the act would be seen as “an unlawful use of force by the Russian state against the United Kingdom”.
“This attempted murder using a weapons-grade nerve agent in a British town was not just a crime against the Skripals. It was an indiscriminate and reckless act against the United Kingdom, putting the lives of innocent civilians at risk. And we will not tolerate such a brazen attempt to murder innocent civilians on our soil,” she said.
She followed up her statement by formally cancelling high-level diplomatic relations with Russia and expelling 23 Russian diplomats who were branded as “undeclared intelligence officers”.
Similarly, the UK had also publicly named North Korea as the principal backer of WannaCry ransomware attacks that took place in May last year. Speaking at BBC Radio 4’s Today programme in November last year, Home Office Minister Ben Wallace publicly stated that North Korea was behind the WannaCry attack in May that impacted several NHS trusts and other institutions.
“This attack, we believe quite strongly that it came from a foreign state. North Korea was the state that we believe was involved this worldwide attack. It is widely believed in the community and across a number of countries that North Korea had taken this role,” he said.
Can the UK carry out offensive cyber operations?
While the UK has been vocal in naming and accusing hostile nations of carrying out cyber attacks on businesses and individuals, does it have the capability to carry out offensive cyber operations in response to cyber attacks on critical industries or government institutions?
The UK did showcase such capabilities last year when an offensive cyber campaign carried out by GCHQ successfully defeated the ISIS’ online propaganda efforts and in ensuring that the group could not coordinate cyber attack.
“These operations have made a significant contribution to coalition efforts to suppress Daesh propaganda, hindered their ability to coordinate attacks, and protected coalition forces on the battlefield.
“In 2017 there were times when Daesh found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications. Of course, the job is never done – they will continue to evade and re-invent. But this campaign shows how targeted and effective offensive cyber can be,” said Jeremy Fleming, head of the British Government’s Communications Headquarters (GCHQ) at the CyberUK18 conference in Manchester Central in April.