With the latest series of aggressive hacking on critical infrastructure and massive scale ransomware attacks on United States companies and institutions, it is clear that we are in a cyber war with adversarial countries, including Russia, China, North Korea and Iran. These nation state actors bring resources and dedicated programs with the intention of stealing intellectual property, robbing our businesses with illegally harbored ransomware gangs, and aggressively harvesting state secrets from our government.
China uses cyber war techniques with the intention of obtaining intellectual property that gives them a cost advantage to compete with the US and our allies. Defense designs, chemical facility blueprints, even recreational boat building plans have ended up in the hands of Chinese backed state owned corporations, giving them a competitive advantage – our stolen R&D. Russian ransomware gangs operate more like a bank robber that plants a bomb in the bank with the threat of blowing it up – just show them the money (bitcoin), and they will defuse the bomb. North Korea has been implicated in breaking into global banking networks and siphoning off large sums to support their mafia style regime. Iran took down Saudi Aramco’s technology infrastructure with what is believed to be a well-planned and executed insider hacking attack. Localized attacks on critical infrastructure are also increasing from these nation states as they probe our defenses.
Russia, China and other adversarial governments hide behind criminal organizations or secret military operations to masks their true intentions and deny culpability, but these nation states are the force behind these state-sanctioned attacks on the US homeland and our allies. Nothing happens in Xi’s China or Putin’s Russia without their awareness, tacit agreement, and likely, a cut of the action.
There is historical precedence between commercial and geopolitical competitors for this type of disruptive activity— we just need to gaze back to the age of sail. For many centuries, governments used third-party commercial incentives to disrupt their adversaries. Disrupting your competitors’ shipping and ocean-based supply chain, is not unlike the hacking we are experiencing today. Seizing or sinking ships, and capturing “prizes” is very similar to state-sanctioned ransomware gangs holding up US companies for bitcoin payments. Pay us the bounty, mate, and we will release your ship (or data). If you resist, we will sink you (or delete your system’s data).
The legal mechanism that was used in the 18th and 19th centuries for state sanctioning of this “privateering” activity by entrepreneurial civilian captains was the Letter of Marque and Reprisal. Letters of Marque, granted by a sponsoring government, provided legal cover to merchant vessels to arm themselves and sail out in search of prizes. If an adversary’s ship was captured, it was brought to an Admiralty Court, and if deemed a legal capture, it would be sold with its cargo, with the proceeds being split between the merchant privateer crew and a cut of 10% for the government. Sound familiar? Many sea-born entrepreneurs including the infamous Captain Kidd were both pirates (unsanctioned raiders) and Privateers sanctioned by their home government.
The US government routinely used this practice during the Revolutionary War and to a lesser extent during the War of 1812. The American revolutionary war fleet of privateers numbered in the hundreds, and many privateers were skilled seamen. In the American Revolution, privateers transported arms, munitions and tropical products to the American continent. Privateers became a weapon in the fight for independence.
Our adversaries have updated the letter of marque strategy from the age of sail to modern day privateering (hacking) with the goal of intellectual property theft, state secret spying, and ransom extortion to enrich their economies and achieve geo-political objectives.
Recently, the US justice department through its Rewards for Justice program has offered a $10 million dollar reward for obtaining information related to cyber hacking of critical infrastructure. Could this be the first step in reviving our long dormant Letter of Marque program? What is not widely known is that use of Letters of Marque and Reprisal is codified in our constitution and could be used as an effective equalizer to stop the aggressive hacking on our national infrastructure if placed in the right hands.
A letter of Marque and Reprisal is defined as: “A license giving authority to a private citizen allowing the citizen to engage in reprisals against citizens or vessels of another nation. Exclusive power to grant letters of marque lies with Congress pursuant to Article I, Section 8, clause 11 of the Constitution”.
As a nation of laws, it is illegal for US citizens to hack both domestically and internationally, even adversarial countries, but with an act of Congress granting permission on how our ethical hacking community can go on the offensive with the permissions from a Letter of Marque, we can re-imagine how this long-neglected statute can work to our advantage.
The ultimate objective may be to accumulate and publish enough embarrassing information on our adversaries’ elite class (I am sure there is plenty of it out there on Oligarchs and corrupt officials as an example) to pressure our adversaries into a cease fire, truce and then treaty.
But before we release the energies of our ethical hacking community on this voyage, Congress would need to be clear on the rules of engagement and targets, and commercial entities would need to be fastidious in their record keeping and compliance. After all, Captain Kidd was hanged as a pirate for his privateering activity by the British government because he couldn’t find his Letter of Marque. Unfortunately for him, it did turn up in the British Government archives 200 years after his trip to the scaffold!
- Russia, China, Cyber War, and Letters of Marque and Reprisal - September 12, 2021
Pingback: Russia, China, Cyber War, and Letters of Marque and Reprisal - InfoSec Today