A Reuters press release announces that ‘governments are reacting against the Revil gang and taking it offline’. The article refers to an action concluded towards the end of October 2021 in which the FBI, together with Cyber Command, intelligence services and ‘likeminded countries’ blocked the activities of the criminal group REvil, blamed for the attacks on the US Colonial pipeline and Quanta Computer, the Taiwanese Apple supplier from which new product designs were allegedly stolen. by Andrea Monti – Initially published in Italian by Strategikon – an Italian Tech Blog
There is no further information, but reading between the lines of the declarations reported in the Reuters article and taken up almost verbatim by other sites that have dealt with the news, it is possible to identify some strong points. The first is that the American attack was a full-scale attack and not a simple judicial action. Also, in the United States, there is a clear difference between the police activities directed to ensure the evidence to be discussed before a judge, between the military actions conducted with the forms of international law, and the clandestine operations, which are the responsibility of the secret services. In other words, to return to our country, even if the security services provide information to the judicial authority, they do not participate in investigations. The military has minimal judicial police powers, which it must exercise under the control of a magistrate.
Secondly, cooperation with like-minded countries – countries that ‘think alike’ – means that similar foreign institutional structures also participated in the attack, sharing the offensive choice but whose identity has not been made public.
Third, it is clear that the US government has adopted its official policy to react against criminal groups by doing whatever it takes to stop them. This ‘results-oriented approach may be efficient for immediate needs such as stopping cyber-attacks on critical infrastructure, but it has little or nothing to do to find perpetrators of criminal acts, prosecute them, and punish them. If what Reuters writes is true, it is evident that the action of the US (and of like-minded countries) is utterly incompatible with the rules governing investigations and trials. We face the behaviour of a sovereign state that, when attacked, reacts with all the tools at its disposal, no matter what.
Quite apart from any hypocrisy, it is true: we would not get a spider out of the fire if we had to wait for the time required for a formal investigation, which also requires activating international cooperation with countries that might not be too keen on doing so. Not to mention the time required for trials and the execution of sentences. While waiting for the final verdict, we may no longer be there to hear it. What we should ask ourselves, however, is whether the needs of the emergency (in this case, represented by ransomware) justify undermining the system of rights that make our world free.
If we abstract from the specific case, what has happened is that police, military and secret services of at least two countries have conducted a semi-clandestine operation, of which no details have been provided, against people located in other jurisdictions. As when someone in Italy proposed to ‘bombard paedophile sites with viruses‘, carrying out cyberattacks on foreign soil without the authorisation of the ‘host’ country means committing a hostile act that justifies retaliation, regardless of whether the action targeted the perpetrators (not declared as such by a judge) of a crime. The law, therefore, no longer has anything to do with these public policy choices. It is nothing new, of course. Targeted assassinations, for example, are an instrument of foreign policy widely used by the USA, Israel and France. But always, until now, within the attributions of the executive power and not also of the judicial one.
The zeitgeist leads to considering laws and rights as useless frills compared to “what is needed”, but every time a step backwards is taken in the name of this principle, the lost spaces of democracy are not recovered. The dramatic aspect of this situation is that we are not faced with a nation’s plan “to defend monto patrons” or other forms of conspiracy. The absence of corpses, mutilated people and rubble, and the absence of flag-draped coffins make actions that, had they been carried out in the ‘traditional’ way, would have had far different consequences, easier to bear and more acceptable.
After all, we are only talking about computers.