Thursday, August 1, 2013

Cyberwarfare!

Cyberwarfare

What is Cyberwarfare?


Cyberwarfare is Internet-based conflict involving politically motivated attacks on information and information systems. Cyberwarfare attacks can disable official websites and networks, disrupt or disable essential services, steal or alter classified data, and cripple financial systems -- among many other possibilities.

According to Jeffrey Carr, author of "Inside Cyber Warfare," any country can wage cyberwar on any other country, irrespective of resources, because most military forces are network-centric and connected to the Internet, which is not secure. For the same reason, non-governmental groups and individuals could also launch cyberwarfare attacks. Carr likens the Internet's enabling potential to that of the handgun, which became known as "the great equalizer."


Examples of cyberwarfare:


In 1998, the United States hacked into Serbia's air defense system to compromise air traffic control and facilitate the bombing of Serbian targets.

In 2007, in Estonia, a botnet of over a million computers brought down government, business and media websites across the country. The attack was suspected to have originated in Russia, motivated by political tension between the two countries.

Also in 2007, an unknown foreign party hacked into high tech and military agencies in the United States and downloaded terabytes of information.

In 2009, a cyber spy network called "GhostNet" accessed confidential information belonging to both governmental and private organizations in over 100 countries around the world. GhostNet was reported to originate in China, although that country denied responsibility.

The most effective protection against cyberwarfare attacks is securing information and networks. Security updates should be applied to all systems -- including those that are not considered critical -- because any vulnerable system can be co-opted and used to carry out attacks. Measures to mitigate the potential damage of an attack include comprehensive disaster recovery planning that includes provisions for extended outages.

Cyberwarfare involves the following attack methods:


Sabotage: Military and financial computer systems are at risk for the disruption of normal operations and equipment, such as communications, fuel, power and transportation infrastructures.





Espionage and/or security breaches: These illegal exploitation methods are used to disable networks, software, computers or the Internet to steal or acquire classified information from rival institutions or individuals for military, political or financial gain.

On the flip side, systems procedures are continuously developed and tested to defend against cyberwarfare attacks. For example, organizations will attack their own systems internally to identify vulnerabilities so that they can be removed and defended against.

A common perception of a hacker is that of a teenage geek who breaks into computer systems for fun. While this perception was perhaps once true, modern cyberwarfare involves well trained, well funded professionals backed by nation states. Examples, such as the Stuxnet virus, are given by some experts to demonstrate that much more is happening behind the scenes, and that the front lines in future wars will be digital.


Motivations





Military


In the U.S., General Keith B. Alexander, first head of the recently formed USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a "mismatch between our technical capabilities to conduct operations and the governing laws and policies. Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space." It will attempt to find and, when necessary, neutralize cyberattacks and to defend military computer networks.

Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including "traditional battlefield prizes – command-and-control systems at military headquarters, air defense networks and weapons systems that require computers to operate."





One cyber warfare scenario, Cyber ShockWave, which was wargamed on the cabinet level by former administration officials, raised issues ranging from the National Guard to the power grid to the limits of statutory authority.


The distributed nature of internet based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war.


Other politically motivated cyberwarfare incidents can be found worldwide. In 2008, Russia began a cyber attack on the Georgian government website, which was carried out along with the military operation in South Ossetia. In 2008, Chinese 'nationalist hackers' attacked CNN as it reported on Chinese repression in Tibet.


Terrorism


Eugene Kaspersky, founder of Kaspersky Lab, concludes that "cyberterrorism" is a more accurate term than "cyberwar." He states that "with today's attacks, you are clueless about who did it or when they will strike again. It's not cyber-war, but cyberterrorism." He also equates large-scale cyber weapons, such as the Flame Virus and NetTraveler Virus which his company discovered, to biological weapons, claiming that in an interconnected world, they have the potential to be equally destructive.

Civil


Potential targets in internet sabotage include all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. Electrical grids and telecommunication systems are also deemed vulnerable, especially due to current trends in automation.






Private sector


Computer hacking represents a modern threat in ongoing industrial espionage and as such is presumed to widely occur. It is typical that this type of crime is underreported. According to McAfee's George Kurtz, corporations around the world face millions of cyberattacks a day. "Most of these attacks don’t gain any media attention or lead to strong political statements by victims." This type of crime is usually financially motivated.


Non profit Research


Not all work on the issue of cyberwarfare is aimed at profit or personal gain. There are still institutes and companies, such as the University of Cincinnati, the Kaspersky Security Lab and the Framsteg Think Tank, which are trying to raise awareness of this topic by researching and publishing new security threats.


Cyber counterintelligence


Cyber counterintelligence comprises measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions.


On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.


On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.


On 9 February 2009, the White House announced that it will conduct a review of the nation's cyber security to ensure that the Federal government of the United States cyber security initiatives are appropriately integrated, resourced and coordinated with the United States Congress and the private sector.





In the wake of the cyberwar of 2007 waged against Estonia, NATO established the Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, in order to enhance the organization's cyber defence capability. The center was formally established on 14 May 2008, and it received full accreditation by NATO and attained the status of International Military Organization on 28 October 2008. Since Estonia has led international efforts to fight cybercrime, the United States Federal Bureau of Investigation says it will permanently base a computer crime expert in Estonia in 2009 to help fight international threats against computer systems.


One of the hardest issues in cyber counterintelligence is the problem of "attribution". Unlike in conventional warfare, figuring out who is behind an attack can be very difficult. However, Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable".

Incidents

On 21 November 2011, it was widely reported in the U.S. media that a hacker had destroyed a water pump at the Curran-Gardner Township Public Water District in Illinois. However, it later turned out that this information was not only false, but had been inappropriately leaked from the Illinois Statewide Terrorism and Intelligence Center.

On 6 October 2011, it was announced that the command and control data stream of Creech AFB's drone and Predator fleet had been keylogged for the past two weeks, resisting all attempts to reverse the exploit. The Air Force issued a statement that the virus had "posed no threat to our operational mission".


In July 2011, the South Korean company SK Communications was hacked, resulting in the theft of the personal details (including names, phone numbers, home and email addresses and resident registration numbers) of up to 35 million people. A trojaned software update was used to gain access to the SK Communications network. Links exist between this hack and other malicious activity and it is believed to be part of a broader, concerted hacking effort.


Operation Shady RAT is an ongoing series of cyber attacks starting mid-2006, reported by Internet security company McAfee in August 2011. The attacks have hit at least 72 organizations including governments and defense contractors.


On 4 December 2010, a group calling itself the Pakistan Cyber Army hacked the website of India's top investigating agency, the Central Bureau of Investigation (CBI). The National Informatics Center (NIC) has begun an inquiry.


On 26 November 2010, a group calling itself the Indian Cyber Army hacked websites belonging to the Pakistan Army and to different ministries, including the Ministry of Foreign Affairs, Ministry of Education, Ministry of Finance, Pakistan Computer Bureau, Council of Islamic Ideology, etc. The attack was carried out as revenge for the Mumbai terrorist attacks.

In October 2010, Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said Britain faces a "real and credible" threat from cyber attacks by hostile states and criminals, and that government systems are targeted 1,000 times each month. He said such attacks threatened Britain's economic future, and that some countries were already using cyber assaults to put pressure on other nations.

In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. The worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyberwarfare.


In July 2009, there were a series of coordinated denial of service attacks against major government, news media, and financial websites in South Korea and the United States. While many thought the attack was directed by North Korea, one researcher traced the attacks to the United Kingdom.


Russian, South Ossetian, Georgian and Azerbaijani sites were attacked by hackers during the 2008 South Ossetia War.


In 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian organization". During the election campaigns and riots preceding the election, there were cases of Denial-of-service attacks against the Kyrgyz ISPs.


In September 2007, Israel carried out an airstrike on Syria dubbed Operation Orchard. U.S. industry and military sources speculated that the Israelis may have used cyberwarfare to allow their planes to pass undetected by radar into Syria.


In April 2007, Estonia came under cyber attack in the wake of the relocation of the Bronze Soldier of Tallinn. The largest part of the attacks came from Russia and from official servers of the Russian authorities. In the attack, ministries, banks, and media were targeted.


In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Forces (IDF) intelligence estimates several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel attached growing importance to cyber-tactics, and became, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units. Richard A. Clarke adds that "our Israeli friends have learned a thing or two from the programs we have been working on for more than two decades."


References:


  1. http://www.techopedia.com/definition/13600/cyberwarfare
  2. http://searchsecurity.techtarget.com/definition/cyberwarfare
  3. Andress, Jason. Winterfeld, Steve. (2011). Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. Syngress. ISBN 1-59749-637-5
  4. Brenner, S. (2009). Cyber Threats: The Emerging Fault Lines of the Nation State. Oxford University Press. ISBN 0-19-538501-2
  5. Carr, Jeffrey. (2010). Inside Cyber Warfare: Mapping the Cyber Underworld. O'Reilly. ISBN 978-0-596-80215-8
  6. Cordesman, Anthony H., Cordesman, Justin G. Cyber-threats, Information Warfare, and Critical Infrastructure Protection, Greenwood Publ. (2002)
  7. Gaycken, Sandro. (2012). Cyberwar – Das Wettrüsten hat längst begonnen. Goldmann/Randomhouse. ISBN 978-3442157105
  8. Geers, Kenneth. (2011). Strategic Cyber Security. NATO Cyber Centre. Strategic Cyber Security, ISBN 13 (PDF): 978-9949-9040-7-5 169 pages
  9. Janczewski, Lech; Colarik, Andrew M. Cyber Warfare and Cyber Terrorism IGI Global (2008)
  10. Rid, Thomas (2011) "Cyber War Will Not Take Place," Journal of Strategic Studies, doi:10.1080/01402390.2011.608939
  11. Ventre, D. (2007). La guerre de l'information. Hermes-Lavoisier. 300 pages
  12. Ventre, D. (2009). Information Warfare. Wiley – ISTE. ISBN 978-1-84821-094-3
  13. Ventre, D. (Edit.) (2010). Cyberguerre et guerre de l'information. Stratégies, règles, enjeux. Hermes-Lavoisier. ISBN 978-2-7462-3004-0
  14. Ventre, D. (2011). Cyberespace et acteurs du cyberconflit. Hermes-Lavoisier. 288 pages
  15. Ventre, D. (Edit.) (2011). Cyberwar and Information Warfare. Wiley. 460 pages
  16. Ventre, D. (2011). Cyberattaque et Cyberdéfense. Hermes-Lavoisier. 336 pages
  17. Ventre, D. (Edit.) (2012). Cyber Conflict. Competing National Perspectives. Wiley-ISTE. 330 pages
  18. Woltag, Johann-Christoph: 'Cyber Warfare' in Rüdiger Wolfrum (Ed.) Max Planck Encyclopedia of Public International Law (Oxford University Press 2012)



