Two years ago Private John (not his real name) disobeyed the orders of his superiors, abandoned his job and also revealed his secret position to the enemy. Despite the seriousness of the events, he was not punished. John had been the victim of manipulation in the framework of cyberwar exercises carried out by a military group of the NATO Center of Excellence for Strategic Communication (StratCom), based in Riga (Latvia), of which he himself was a part. “We took personal data [de los soldados] who were on the Net, without hacking anything, in order to manipulate them and change their behavior. In just two weeks, for $ 200 [168 euros] and with a single employee we were able to get a soldier to disobey his superior ”, reveals the director of StratCom, the Latvian Janis Sarts, during an interview this Monday at the Embassy of his country in Madrid.
For the director of StratCom, a center opened in the capital of the Baltic republic in 2014, when the Eastern EU raised their swords high before the advance of Russia as a result of the conflict in Ukraine, “the data [su manejo] they will in the future be one of the threats to national security ”of Western democracies. The manager explains that it is sometimes difficult to identify whether external threats come from governments or related groups, but he does make it clear that it is a problem in which “Russia and, to a certain extent, China” are involved, and which are they are adding more and more countries. “Iran, Venezuela, Mexico and Brazil,” he lists. While slightly lowering his blue mask to sip a coffee, Sarts, 48, adds the Philippines to the list. The Southeast Asian country is not only making a dent in that list of “state actors” that act with malicious purposes in cyberspace, but it is also becoming the “zero kilometer of disinformation” in the world due to its wide use of English as a language; decent computer and technology skills; and a government, that of Rodrigo Duterte, which is “shy” when it comes to halting these activities, says the expert.
The Latvian, visiting Spain to discuss national security issues with Foreign Affairs and Defense, is concerned about the “rapid advance of technology” at the global level, which has implied greater political and social polarization. “There are more and more pronounced internal disagreements, to the point that there is almost no possibility of finding a middle ground of understanding [entre dos partes enfrentadas]”, the Mint. Sarts, who has been observing “hostile” acts in cyberspace for years, through attempts to manipulate public opinion or electoral processes, considers that now attention should be directed to another threat: manipulation and misinformation through the purchase of big data for malicious purposes. “With the sale of large amounts of personal data [big data] Now anyone can know how we think, how we move, what we like … That way our behavior can be manipulated in a much more sophisticated way in one way or another ”, he explains. That’s exactly what Private John’s behavior revealed in 2019, he recalls. And it is that “nobody is prepared for this threat.”
“In China everything is already being controlled from data, constant surveillance, artificial intelligence. This is the maximum control of behaviors and thoughts ”, something that he sees dangerous.
The team of 14 nationalities that Sarts pilots recently launched an experiment to see to what extent the handling of personal data is really a weapon and represents a threat to the security of States. “We buy from a broker data from 100,000 residents of Riga. We looked at what kind of information there was and if it could potentially be used for malicious purposes. We did microfocalization [el llamado microtargeting] to each one of them to know where they lived, what family they had, what they liked or how they moved ”, he illustrates. Finally, the StratCom concluded that the European market is legally better protected than the US; that users who move around the network in several languages are more exposed, and that the information purchased from the broker it was enough for a criminal to understand who that person is and manipulate their behaviors. “So that means yes. The handling of big data it represents a threat to national security, ”insists Sarts. Despite everything, the expert argues that Europe is at the forefront in terms of the protection of personal information thanks to the General Data Protection Regulation (GDPR) of 2018, ahead even of the United States.
In the face of new threats, less recognizable by the public, cyberattacks also continue to take place against strategic institutions or companies, as has happened in recent weeks in the United States with the case of an oil pipeline and a meat company. “It is still too early to draw conclusions [de esos ataques], but the moment in which they happened is interesting ”, he slides in reference to the closeness in time of the expected meeting between US President Joe Biden and his Russian counterpart, Vladimir Putin, which took place in Geneva (Switzerland) June 16.
Elections in Germany and France
In this sense, and in the face of two very important democratic events – the elections in Germany next September and the French presidential elections in 2022 – Sarts admits to being “concerned”. He admits that Russia has an interest in destabilizing and polarizing society in the EU. Instead, he believes that China has no interest in these elections.
The director of StratCom, who collaborates with NATO although it does not formally depend on it – it is financed by States attached to the center, but not all of them are part of the Atlantic Alliance -, assures that both France and Germany have been preparing for a possible electoral interference for some time, but He insists that “it will be difficult” to identify possible perpetrators. In the case of Russia, or of actors close to the orbit of the Kremlin, it is especially complicated, he says, because its modus operandi It consists of blending as much as possible with society, with groups and internal destabilizing forces of the affected country itself. Anyway, Sarts continues, “there are signs that Europe is recognizing that there is a problem and that there are some solutions on the technology front that it is leading, such as the GDPR. But it is not enough, ”he insists.
The expert points to the combination of three factors for Europe and the West to face these future challenges: more education, more regulation and greater capacity of States to identify who and for what citizens’ data is used. “Nobody is controlling it well,” he warns.
Eddie is an Australian news reporter with over 9 years in the industry and has published on Forbes and tech crunch.