ŠUM#9 / Patrick Steadman: Advanced Persistent Threats in the Arts

Patrick Steadman

Recent examples of shadowy arts funding and hacking attacks on culture organizations hint at how nation-state level actors can corrupt or disrupt the practice of art around the world.

Art in a Geopolitical Context

This past holiday season, the Poly Culture Art Center in Vancouver hosted an exhibition titled In the Mood for Love: An Exhibition Featuring Chinese and Canadian Female Artists.[1] Perhaps in an effort of intra-group-show diplomacy, the exhibit’s academic chair Dr. Fu Yijing noted that both the Canadian and Chinese artists tended to avoid the “major and grandiose themes” favored by their male peers in favor of an “unofficial, depoliticized” presentation.[2]

Ironically, the show’s institutional context is both grandiose and political: Poly Culture is a subsidiary of the China Poly Group Corporation, a state-owned enterprise founded by the People’s Liberation Army in the early nineties. Poly Group’s many business units include the world’s third-largest auction house (Poly Auctions) and a major defense manufacturer (Poly Technologies).

There’s a history of conflict between Poly Technologies and the US government dating back to 1996, when federal agents posing as gang-sponsored arms smugglers seized 2,000 AK-47s and indicted eight Poly Technologies employees.[3] Most recently, in 2017 the US State Department blocked a transaction between the company and the Namibian Defense Force, citing a 2013 sanction applied after Poly allegedly sold weapons to Iran.[4]

If it’s not obvious why a defense manufacturer would have an arts unit (art lawyer Nancy Murphy sarcastically asks, “Doesn’t every army have an auction arm?”), Poly Group’s history of repatriating Chinese national treasures provides a suggestive origin story.[5] In 2000, Poly Group spent $31 million to purchase three Haiyantang artefacts at auction after Christie’s and Sotheby’s ignored Chinese demands to suspend the sale on the grounds that the artefacts had been stolen by British forces during the Second Opium War.

Thus, it’s fitting that when the Poly Culture Art Center opened in Vancouver last winter, its first event was an exhibition of items from the Old Summer Palace, including four animal heads from the Haiyantang.[6] This grand opening was accompanied by some controversy in the Canadian press: cozy relationships between local politicians and Poly Group executives were exposed in a freedom of information request, and former Intelligence Services director Richard Fadden warned that “more due diligence is warranted”.[7]

How should an art critic respond to work presented by an institution like Poly Culture?

Some might see foreign state institutions as a propaganda threat and oppose the pollution of artistic practice with defense industry funds. Others might believe that state-supported arts repatriation is a meaningful anticolonial gesture, or think that people overly concerned with artistic ideals are a bit naive.

The dialogue between these overlapping viewpoints touches on many of the big hairy arts questions: art and money, art and politics, art and nationalism, art and ethnicity.

Let’s narrow the scope of discussion to the aspects of Poly Culture that might violate contemporary Western expectations of how the art world functions. And in order to short-circuit some nationalistic tendencies, let’s consider three new examples of controversial state-backed arts activity.

Perhaps the best-known example is the US Central Intelligence Agency’s secret funding of abstract expressionism during the Cold War. In order to ensure the United States was perceived as a vanguard of progressive thought rather than a philistine, racist backwater, CIA agents funded shell foundations that promoted abstract expressionism domestically and abroad.[8]

Another example is Material Evidence, a Russian-backed exhibition of conflict photography held in New York, Germany, and Brussels in 2014. This exhibition has been reported on as a curiosity tangential to a larger story: Russia’s use of social media to influence American political discourse. Adrian Chen helped to popularize this narrative in his 2015 article The Agency, which details the connections between a network of sock puppet accounts and a St. Petersburg organization known as the Internet Research Agency. Most of the article is focused on the organization’s social media operations, but one section is dedicated to Material Evidence. Chen first became aware of the show when he saw ads on the subway, but then really started paying attention when he observed sock puppet accounts RSVP to the show’s event page on Facebook.[9]

The final example of state-backed arts activity is a bit different: the alleged North Korean hacking of Sony Pictures in 2014. In November of that year, a hacker group leaked a batch of Sony Pictures data including emails and film scripts, and then threatened to leak more if Sony continued with plans to release a Seth Rogen comedy about a plot to assassinate Kim Jong-un. In response, all major US cinema chains voluntarily cancelled their screenings of the film. The FBI and most information security professionals attributed the hack to North Korea’s cyber unit.

In each of these examples, agents of the state took actions in the art world to advance specific geopolitical interests, violating different expectations about the state’s relationship to the arts in the process. These expectations might include: that government agencies shouldn’t secretly or deceptively fund arts projects, that militaries shouldn’t disrupt the art projects of foreign civilians, and that shadowy state-funded social media operatives shouldn’t be used to support art shows abroad.

It’s unclear where expectations of a transparent relationship between the state and the arts originate. In the United States, the status quo is pretty simple: government involvement in the arts is usually welcomed in the form of money, and usually condemned in the form of censorship. Perhaps this framework was adequate for a period of unipolar cultural, military, and economic dominance by the United States, but as China escalates its challenge to the West’s thought leadership, and as Russia perfects the art of social-enhanced cyber influence, government involvement in the arts will need to be reassessed in geopolitical, multipolar terms.

If governments around the world decide that the arts are an important part of advancing national interests, the art world may become an environment where state actors are the source of many threats and opportunities. Just as American businesses have been threatened by Chinese hackers and Chinese businesses have benefited from the results of state-funded hacking activities (often without businesses on either side being fully aware of the hacking), artists and critics might unknowingly become the beneficiaries or victims of state tradecraft.

Introduction to Advanced Persistent Threats

The term advanced persistent threat, or APT, was developed by the US Air Force in 2006 to help analysts discuss hacking attacks on civilian organizations without disclosing the classified identities of the attackers.

The term can be repurposed to discuss the most egregious examples of state (or corporate) interference in the arts. Having a well-defined term to describe behavior that is clearly hostile to concepts of artistic freedom or fairness can help critics recognize questionable practices and arrangements. A well-defined term with clear criteria can also help critics avoid reflexively passing xenophobic judgment on the arts activities of foreign governments.

Let’s first consider what an advanced persistent threat is in the context of hacking.

The term APT usually refers to a hacking process and its associated forensic signatures. The term APT group is used to refer to the people or organizations executing the hacking. For example, DarkHotel is an APT characterized by the use of compromised hotel WiFi networks to install malware on the devices of business leaders, usually for the purpose of espionage.[10] Although security companies have been tracking the APT since 2004, the attribution of the attackers is still unclear (the evidence only suggests that the hackers speak Korean). The DarkHotel APT is identified by its signature malware toolkits, zero-days, forged digital certificates, command-and-control servers, and choice of targets. The concept of an advanced persistent threat is well suited to cyberspace, where attribution is often impossible and processes can be more important than people.

Governments and security firms have created lists of APTs, assigning nicknames like DarkHotel that correspond to attack signatures and suspected attribution. Some of these lists are released publicly, others are private, and still others have been leaked (for example, the CIA’s list was leaked recently in the Vault 7 documents). In one Google Spreadsheet created by the infosec community on Twitter, many APTs have over ten different names.[11]

Browsing the catalog of APTs, one thing jumps out: the vast majority of the APTs are non-Western in attribution. Perhaps this is unsurprising, given the origin of the term. But over the past few years, leaks and fuck-ups have shed light on the activities of The Equation Group, the most common name given to the hacking arm of the NSA and its partners. One of the most dramatic examples of the Equation Group’s operations is Stuxnet, a computer worm that was successfully used to sabotage Iranian uranium enrichment centrifuges. The worm was designed to spread among industrial contractors until it compromised an air-gapped Iranian nuclear facility, but a bug eventually caused it to “escape” and indiscriminately infect sensitive computer systems all over the world.

Definitions of advanced persistent threat often break down the term into its components:

Advanced

Non-trivial tools and methodologies are used to compromise organizations that have already implemented best security practices. Sophisticated anti-forensic controls are in place to mitigate the risk of detection and attribution.

Persistent

Attacks are in support of a mission rather than opportunistic, and are often motivated by a “higher cause” like patriotism, anti-terrorism, or freedom of information. Hacking processes can continue for years, as they are protected from both business and legal pressures. When systems are “owned”, the APT tends to linger indefinitely, vacuuming up more data or pivoting to partner institutions.

Threat

APT processes are dangerous to both individuals and organizations, both civilians and spooks. Collateral damage to random individuals may occur when personal or business data ends up in predatory hands. At the same time, APTs pose a serious, organized threat to homeland security, whether in the form of military-industrial espionage or political interference.

Security professionals and government agencies use the components of an APT as criteria to distinguish between advanced, calculated attacks and opportunistic “drive-by” attacks.

The 2017 Equifax hack is a good example of a data breach that was not the result of an APT. Even though the breach was massive and Equifax would probably like you to believe that they were compromised by an elite cyber-warfare unit, it’s pretty clear that the breach was the result of a preventable “drive-by” attack. The attackers used widely-available exploit code to gain access to an outdated web server, and then clumsily exfiltrated data using methods that should have triggered automated countermeasures.

Theory of Advanced Persistent Threats in the Arts

What type of activity should qualify as a true advanced persistent threat in the arts?

First, an advanced persistent threat in the arts must be conversant with the art world and relevant to the work of other artists, institutions, critics, and buyers. This criterion excludes vanity projects and heavy-handed propaganda efforts, which will likely be rejected by the art world simply due to a lack of “advancedness”, just as Material Evidence was largely rejected by the New York City art scene. (However, it’s worth noting that the exhibit seems to have fared better in Berlin, where it was able to organize an event with the local Coop Anti-War Cafe and recruit a new director, a German-American journalist named Benjamin Hiller.)[12]

In addition to being artistically relevant, the activity must be related to a specific national (or corporate) interest. General “boosting” of a nation’s art scene is rarely a zero-sum threat to foreign interests, except under certain conditions. One example of such zero-sum conditions was the early years of World War I, when a secret group of British authors and intellectuals known as Wellington House tasked popular Canadian novelist Sir Gilbert Parker with the important goal of bringing the United States into the war on the Allied side. Parker assembled a large list of influential Americans and sent them personal notes with excerpts from writers like George Bernard Shaw, H.G. Wells, and John Galsworthy, all while secretly arranging for the wide publication of extreme German nationalist writers like von Bernhardi and Nietzsche.[13] The subtle but effective approach of Sir Gilbert Parker is characteristic of his Wellington House peers, and after the war many German officials believed that British propaganda was a major factor in their defeat.[14]

The final criterion for an APT in the arts is that it must use nefarious (or at least questionable) means in order to corrupt or disrupt the arts. There’s a lot of room for creativity here, because notions of artistic ethics are so hazy. Funding for a project may not be transparently disclosed, or disclosure may be deliberately deceiving. Selective funding of artists based on political factors may be used to cultivate self-censorship in a community. Both foreign artists and domestic artists may be targeted: for example, Israeli artists seeking funding from their Foreign Ministry found that support was contingent on signing a non-disclosure agreement.[15] Other methods of corrupting the arts are actually illegal, but the rarefied international nature of crimes like auction price manipulation, hacktivism, and art theft makes it unlikely that anyone will ever be prosecuted.

The Threat Landscape

Is there a real possibility of an advanced persistent threat in the arts? Could an arts APT have a significant impact on the art world or society in general?

None of the examples provided in this essay fully satisfy the criteria of an advanced persistent threat in the arts. The idea that the Poly Culture Art Center might undermine Vancouver’s art scene is certainly titillating for politically-minded critics, but there’s no evidence of questionable behavior on the part of Poly Culture.

Nations can build soft power without resorting to nefarious practices, and the arts might not be important enough to become an advanced persistent threat. Interest in arts APTs may be driven more by a “retreat back to fetish” rather than actual concern about national interests or art ethics.[16] It’s easier to get excited about art spookery than long-term curatorial trends.

Of course, it’s possible that advanced and devious activity is quietly ramping up in the art world, or even behind the scenes at Poly Culture. After all, many APTs are only discovered after a breach or leak, and the best are only revealed by declassification, if at all.

The presence of an advanced persistent threat in the arts seems more likely now than in previous decades. The perceived success of social media APTs targeting elections and regime change has revitalized the “influence operations” space, and it’s likely that operators will seek new targets and vectors for their attacks. The prevalence of crowdfunding and easy capital makes it trivial to create plausible cover stories for black ops art projects. (In fact, the organizers of Material Evidence claimed that the show’s conspicuous budget was raised through crowdfunding.)[17] The rapid development of new art mediums like video games, GIFs, live streaming, and virtual reality, all in a highly connected virtual environment, provides many opportunities for motivated actors to quickly gain influence. For example, a large offering of free video games has been developed by armed forces around the world, including the US Army’s America’s Army (2002) and the PLA’s Glorious Mission (2011). Other privately-developed games like Kuma\War and Call of Duty use claims about receiving guidance from military advisors as part of their marketing. It’s not surprising that video game developers are often the targets of hacking attacks and malware, given that video games can monitor their audiences and serve as a platform for future content.[18]

The Poly Culture gallery space in Vancouver is an overt gesture towards gaining influence abroad. However, enterprises can also simply purchase influence in the form of controlling interests in select multinational companies. In 2012, Sotheby’s partnered with state-owned Gehua Group to open a Beijing branch, and in 2015 a company called Taikang Life Insurance became the largest shareholder of Sotheby’s proper.[19] Curiously, the CEO and founder of Taikang Life, Chen Dongsheng, is also the founder of China Guardian, mainland China’s second-largest art auction house after Poly International Auctions.

The conflicts of interest in the arts auction space are certainly worthy of a Mark Lombardi diagram, but conflicts of interest alone don’t constitute an advanced persistent threat. Behavior like the price-fixing that resulted in a $512 million judgement against Sotheby’s and Christie’s back in 2000 is best classified as garden-variety corporate fraud.[20]

Observers have noticed that Chinese soft power consists of two parts: a general “cheerleading” effort that amplifies positive aspects of modern China (a Harvard study found that 80% of government-sponsored commenting behavior was “positive discussions of valence issues”), and a “sharp” component that applies intense social pressure on foreigners related to issues like Taiwanese independence, Falun Gong, and criticism of the CCP.[21] Some of Sotheby’s recent programming has a bit of a “cheerleading” quality to it, such as the One Belt One Road Visual Exhibition in 2016, which claims to “unite the voices of today’s women who trace their own heritage” back to regions included in China’s Eurasian development strategy.[22]

Outdated, cartoonish notions of “propaganda” provide little more than false comfort. The propaganda operations of today’s state-owned enterprises and intelligence agencies may only be felt in soft flows of capital, or in something sharper, like a well-timed leak of art world emails.

Art Dream

Using a term from information security to describe art world activities is questionable: adopting a highly fetishized piece of jargon can lead to sloppy thinking and manufactured relevance. But there are certain characteristics of both art and hacking that shape their strange potential as a tool of the state. Both art and hacking are highly aspirational activities, with practitioners who seek to expand their practice while questioning its definition, who seek to transgress boundaries while struggling to find support for their work. Governments are uniquely resourced to provide a sense of purpose for hackers and artists anxious that their work might not have impact, or might be compromised by commercial pressures. The organization of an advanced persistent threat in the arts will be partially driven by an artistic imperative, the same imperative that has birthed arts movements across the centuries, around the world. The desire to work at a high level, in a small group, for a cause dear to your heart.
