The word proxy is interesting. In Latin, procuro means manage, administer - from pro (“on behalf of”) and curo (“I care for”).
Today a proxy is a person or entity who is authorized to act on behalf of another person or entity.
Countries expand their global intelligence footprint to better support their growing political, economic, and security interests around the world, increasingly challenging existing alliances and partnerships. They employ an array of tools, especially influence campaigns, to advance their interests or undermine the interests of other countries. They turn a power vacuum into an opportunity.
Countries use proxies (state-sponsored groups, organizations, organized crime, etc.) as a way to accomplish national objectives while limiting cost, reducing the risk of direct conflict, and maintaining plausible deniability.
With plausible deniability, even if the target country is able to attribute an attack to an actor, it is unable to provide evidence that a link exists between the actor and the country that sponsors the attack.
According to Tim Maurer, proxy is an intermediary that conducts or directly contributes to an offensive cyber operation that is enabled knowingly, actively or passively, by a beneficiary who gains advantage from its effect.
Cyber proxies are valuable actors in political warfare. This is the employment of military, intelligence, diplomatic, financial, and other means, short of conventional war, to achieve national objectives. It encompasses the exploitation of computer networks and platforms, electronic warfare, psychological operations, and information operations.
For some countries, the main battlespace is the mind. With information and psychological warfare, these countries can morally and psychologically depress the enemy’s armed forces personnel and civil population.
In 2019, the United States spent $732 billion on defense, compared to Russia’s $65.1 billion. It is obvious that Russia and other countries in similar position will try to find less expensive means to counter big, expensive U.S. weapons and systems. Cyber espionage is especially economical when countries conduct activities through proxies.
Countries actively create fertile grounds for malicious activities to occur. Cyber actors (which include cyber criminals, hacktivists, and political, economic and religious groups) are continually operating from within the sphere of influence of the sponsoring country with the understanding that their illegal activities will be tolerated, as soon as they will also support the objectives of the sponsoring country.
As John Carlin, former Assistant U.S. Attorney General for National Security has stated, what you’re seeing is the world’s most sophisticated intelligence operations when it comes to cyber espionage, using the criminal groups for their intelligence ends, and protecting them from law enforcement.
Cyber threats posed by cyber proxies must be managed, and the laws must be changed in this area. Publicly attributing malicious cyber activity to a country in a timely manner and holding that country accountable is difficult, but necessary. If international law is unable to solve these problems, national policies will ignore international law and confront cyber adversaries through rapid attribution and offensive countermeasures, to deter future aggression.
COVID-19 and cyber proxies
The COVID-19 pandemic has disrupted life worldwide, with far-reaching effects that extend well beyond global health to the economic, political, and security spheres. The economic and political implications of the pandemic will ripple through the world for years. It is raising geopolitical tensions, and many countries try to take advantage of the situation and increase their influence.
The economic fallout from the pandemic is likely to create or worsen instability in many countries, as people face challenges that include economic downturns, job losses, and disrupted supply chains. Some hard-hit developing countries are experiencing financial and humanitarian crises, increasing the risk of surges in migration, collapsed governments, or internal conflict.
The COVID-19 pandemic is prompting shifts in security priorities for countries around the world. As the public and the private sectors try to cut budgets, gaps are emerging in training and risk management. These gaps are likely to grow.
Cyber proxies consider the Covid-19 pandemic a major opportunity to spread a cyber pandemic and infodemics (disinformation campaigns that use the pandemic as a vector). They can influence citizens around the world to question the policies in many countries and divide the population. They can also attack the health care sector and the institutions involved in the management of the crisis, to make governments weaker in responding to the crisis.
Cyber proxies love the new "work from home" policies, and the exponential digitalization of our lives for work, education, communication and entertainment. Moving activities online creates new opportunities for malicious actors.