A defining characteristic of 2022 has been the way that online campaigns driven by real-world events have amassed unexpected energy, fueling hacktivism and inviting in global chaos. At times, the internet has become a battleground of competing spheres in which nation-state linked actors and devoted pro-nationalist vigilantes and hacktivists fight for supremacy and media attention.
While internet pessimism is nothing new, the idea that the internet might not continue to exist in its current, relatively open and democratic form is not a positive development. If the internet is reduced to a geo-political playground, it will lead to an internet ruled by propaganda bots, where opinions are expressed by denial-of-service attacks, and chaos and instability rule.
2023 will be the year when DoS becomes a viable alternative to fight piracy or cybercrimes
In countries that have considered the issue, DDoS attacks are illegal (in the US, according to the Computer Fraud and Abuse Act). This is for good reason – DDoS attacks are a form of computer abuse that can’t be conducted inadvertently. And yet, morally motivated hacktivism that abuses DDoS attacks continues to grow in number.
Consider, for instance, the attacks by Ukraine’s IT Army in 2022. Fueled by a groundswell of patriotic hacktivism, these DDoS attacks became morally acceptable if performed for the right cause. Subsequently, there has been some discussion about the possibility of legalizing DDoS attacks to counter illegal activities. For example, the Hungarian Communications Association said it is initiating a round table discussion with domestic stakeholders, including legislators, copyright holders, neighboring rights holders, Internet service providers, and broadcasters. It aims to determine whether it’s possible to launch DDoS attacks against internet protocol television (IPTV) pirates while enjoying legal protection.
In 2023, it will prove hard – if not impossible – to roll back the double standards on DDoS. While it is unlikely that such DDoS attacks will become legal in countries such as the US anytime soon, for the first time ever, it’s not completely impossible that some countries might be impervious to the use of DDoS attacks in certain circumstances as a trade-off.
The global internet will splinter further
The idea of a free, global and non-authoritarian internet was a worthy aspiration that guided its development and growth for the first thirty years. However, the risk of this same internet now fracturing into multiple smaller, geographically or functionally defined pieces seems to be gathering pace. The impetus is largely from authoritarian nations that want to re-assert control inside their borders over what they see as a destabilizing information free-for-all. This could mean:
- The internet as we know it will have to change to enable organizations to safely conduct business and expand globally, while nations look at better ways to protect their cyber borders against rival nations.
- Artificial outages will continue to be used to limit social media communications at times of unrest.
- Splintering can happen at several levels, including commercial and national. We might see more internet overlays. While inspired by the dark web, they’ll be aimed at creating safe islands on top of the chaotic internet as well as controlling access and identification of ‘trusted’ participants to conduct business and commercial transactions.
Nation states will continue to go rogue
There was a time when nation states liked to keep a low profile, conducting their probes and hacking in the background, protected by the notion of plausible deniability. This situation has degraded rapidly. Now, attacks are often thinly signposted by attackers as part of geo-political influence campaigns. Specific events, such as Russia’s war against Ukraine, seem to accelerate this deterioration.
- It is unlikely that hacktivist operations related to the Russian invasion of Ukraine will stop following the war’s end.
- The line between financially motivated and nation-state affiliated crime will blur even further as ransomware operators and hacktivists might get leveraged as proxies in a cyber cold war.
- Countries will continue to create, transform and mobilize their cyber armies for offensive operations, targeting other nations as well as malicious actors.
- Threat actors will become more aggressive towards victims and one another because of a more competitive landscape, especially when authorities start to impact their operations by “hacking back” the hackers.
The internet has never been in more need of good governance and technical transparency than it is now. The evolution in the threat landscape is only creating a more tumultuous and unpredictable environment for organizations that must continue to look for ways to steer clear of trouble.
Contributing author: Daniel Smith, Head of Research for Radware’s Cyber Threat Intelligence division