CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY

Cyber war is a powerful but silent threat, as terrorism is, and it is equally dangerous to our national security. We must know what cyber war is, how cyber weapons work, and how vulnerable we are as a nation and as individuals to the vast and looming web of cyber criminals.

Both in and out of government, people have been sounding the alarm about "cyber war" for at least the last decade or so. Most of the time their grasp of the technical aspects is limited, they don't have a clear idea of what they're talking about, their scenarios read like movie plots, and they're usually trying to sell their hardware and software.

In a report of the Group of Ministers of the Government of India on National Security titled “Challenges to the Management of National Security”, it has been observed that:

“The traditional concept of national security has undergone fundamental changes over the years. It is no longer synonymous with sufficient military strength to defend the nation and its interests. In today’s world, military might alone does not guarantee either sovereignty or security. The more realistic and comprehensive approach to national security also includes economic strength, internal cohesion, and technological prowess. The rapid technological developments underway at the same time not only facilitate these events by reducing our reaction time but add entirely new dimensions of threat and challenges, such as the Revolution in Military Affairs (RMA) and offensive/defensive information warfare.”

Cyber warfare involves units organized along nation-state boundaries, in offensive and defensive operations, using computers to attack other computers or networks through electronic means. Hackers and other individuals trained in software programming and exploiting the intricacies of computer networks are the primary executors of these attacks. These individuals often operate under the auspices and possibly the support of nation-state actors.
In the future, if not already common practice, individual cyber warfare units will execute attacks against targets in a cooperative and simultaneous manner.

The words “effective cyber attack” by no means translate into the proverbial “take down” of the Internet; on the contrary, such attacks might involve intrusions into unprotected networks for the purpose of compromising data tables, degrading communications, interrupting commerce, or impairing critical infrastructures (such as transportation or medical and emergency services) in such a way that trust is undermined at the expense of a smoothly running economy and society.

While the degree of damage that could be caused in a cyber attack bears no resemblance to an electronic “Pearl Harbor,” inflicting significant economic costs on the public and private sectors and impairing performance of key infrastructures (via IT networks linked to embedded computer systems, for example) seem both plausible and realistic.

A cyber attack by enemy nation-states targeting the transportation, communications, or banking sector computer systems in our country would, at a minimum, entail significant economic costs that would affect jobs and growth. Cyber attacks could also indirectly lead to disruptions in daily civilian life that go beyond the level of temporary nuisance to inflict sustained uncertainty, confusion, and even chaos across significant elements of the population. In the most extreme cases, these disruptions could cause human casualties.

A. METHODS OF CYBER ATTACK:

Cyber attacks occur on a frequent basis and in a near-instantaneous manner; as the world becomes more connected, more machines and more people will be affected by an attack. In the months and years to come, cyber attack techniques will evolve even further, exposing various—and possibly critical—vulnerabilities that have not yet been identified by computer security experts. Moreover, such attacks could also be coordinated to coincide with physical assaults, in order to maximize the impact of both.

To date, state actors have used cyber attacks many times. In all cases but one (the Estonia attacks in 2007), the cyber attack was used to enhance a conventional attack.

Cyberwar consists of many different threats:

(i) Espionage and National Security Breaches: Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies for military, political, or economic advantage, using illegal exploitation methods on the Internet, networks, software and/or computers.
Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world.

(ii) Sabotage: Military activities that use computers and satellites for coordination are at risk of equipment disruption. Orders and communications can be intercepted or replaced. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. The civilian realm is also at risk, as security breaches have already gone beyond stolen credit card numbers, and potential targets can also include the electric power grid, trains, or the stock market.

Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with an advanced persistent threat attack. The attack was aimed at dozens of other organizations. Official Chinese media responded stating that the incident is part of a U.S. government conspiracy. The primary goal of the attack was to gain access to and potentially modify source code repositories at these high tech, security and defense contractor companies.

In mid-July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered the first attack on critical industrial infrastructure that sits at the foundation of modern economies.

(iii) Attacks on Electrical Power Grid: The electric power transmission may be a potential target of cyber warfare.
Government agencies have to work with industry to identify vulnerabilities and to help industry enhance the security of control system networks, and it must be ensured that security is built into the next generation of "smart grid" networks to be developed. One countermeasure would be to disconnect the power grid from the Internet and run the network on a VPN. Massive power outages caused by a cyber attack could disrupt the economy, distract from a simultaneous military attack, or create a national trauma. It is enough to remind ourselves that without electricity, nothing would work: computers, trains, aircraft, hospitals, telecommunications services, supply systems, etc. Also, in the event of a serious, targeted attack, and not a simple, temporary malfunction, there is little that the systems which control energy continuity could do to compensate for the system being compromised and for damage which could not be repaired within 24 hours, which would have the domino effect of causing further blackouts as attempts were made to make up for the deficit in the supply of electricity.

(iv) Attacks on Electronic Airport, Air Traffic & Airspace Control Systems: Although under current security procedures it does not seem possible that these could be used to cause mid-air collisions or other problems for aircraft coming in to land, it is however highly plausible that these airspace control systems could be remotely disabled, allowing, for example, carpet bombing of the territory by hostile aircraft without any early-warning alarms being set off.

(v) Attacks on Electronic Control Systems on Civil and Military Aircraft: If these systems are compromised, aircraft can encounter problems during take-off and landing, or fall out of the sky in mid-flight.
Current aeronautic (fly-by-wire) technology, in the event of any problems with the on-board computer, can irredeemably compromise the safety of the flight and of the passengers on that flight, giving the pilot very little chance to regain control of the aircraft.

(vi) Attacks on Electronic National Defence Systems: After infiltrating national defence systems, a ‘non-willed’ attack could be launched (even a simple long-range missile) towards the territory of a specific nation.

(vii) Attacks on Electronic Emergency Management Systems: This could cause a late response, or even the total lack of a response, to emergencies, with the result that the health and/or lives of one or more citizens would be put at risk.

(viii) Attacks on Financial and Banking Systems: Despite not being able to cause the direct loss of human lives, financial and banking systems control assets so critical to the State that they must always be taken into direct consideration when considering the effects of cyber war. The economic or financial collapse of an entire nation, in fact, could easily bring about the collapse of the financial systems of the entire world, as the financial systems of countries are inter-connected.

B. INCENTIVES TO USE CYBER ATTACKS:

There are any number of incentives to use cyber attacks, including economic, industrial, and military rationales. By way of example:

(i) Huge amounts of money in financial transactions and commerce move over a medium with minimal protection and only sporadic law enforcement—a structure the most complex the world has ever known.

(ii) Increasing quantities of intellectual property reside on networked systems; and

(iii) Opportunities abound to disrupt military effectiveness and public safety while maintaining the elements of surprise and anonymity.

C. DEFENDING AGAINST CYBER ATTACKS:

There has not been significant action in the area of defending against concerted cyber attacks. What is needed is a clear agenda for defending against cyber attacks, which includes a mix of regulation, more technical controls at major network boundaries, and an expanded scope for Government agencies to protect the civilian infrastructure too. On the lines of international arms control treaties, international cyber war treaties could be used to create "rules of the game" for international war.

The real issue is that all scenarios assume that every combatant country or entity has successfully hacked into every network that the other side controls, and left backdoors to get back in. Further, they assume that none of these backdoors have been discovered and removed.
Governments, while spending considerable resources, could certainly gain access to many networks in a relatively short period of time, and if they left backdoors some might not be discovered; if someone left too many backdoors, some would certainly be discovered. Breaking in is not as simple as just pushing a button like it is in the movies; in fact, recent studies have shown that the average security breach is the result of four separate mistakes. While mistakes are made all the time (which means that breaches occur all the time, somewhere), it's much harder to cause breaches in every system you target all at once.

The cyberwar information is a bit scary because one does not know the extent to which the Internet connects and controls so many aspects of our daily lives, in business as well as in our personal lives. More and more machines and appliances are being built with the capability to "talk" to the manufacturers who make them, a legitimate and smart way to diagnose problems and download fixes... but the idea that the new copy machine in an office might be hacked, and ordered to malfunction to the point that it catches on fire, is unsettling to say the least.

Cyber war is "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption" as defined in “Cyber War: The Next Threat to National Security and What to Do About It” by Clarke and Knake. We have the most to lose if and when a major cyber war breaks out, since we are now so utterly dependent upon digital technologies and networks.

D. CO-ORDINATION BETWEEN PRIVATE SECTOR & GOVERNMENT:

ISPs and many other Internet-related companies are doing their bit in this field, but it is not enough to ensure fool-proof security against cyber attacks. In reality, these companies have powerful incentives to make sure that their networks are relatively safe and secure, to avoid costly attacks and retain customers who demand that their online information and activities be safe and trouble-free. But concerted efforts are required by all the players in the Internet world to thwart cyber attacks. The world over, Governments are in the process of imposing a fairly sweeping set of new rules on ISPs to better secure their networks against potential attacks.
Governments want ISPs to engage in a great deal more network monitoring (using deep-packet inspection techniques) under threat of legal sanction if things go wrong. They admit there are corresponding costs and privacy concerns, but largely dismiss them and essentially ask the ISPs to just get over those concerns in the interest of a safer and more secure cyberspace.

E. CONTROVERSY OVER TERMS:

There is debate on whether the term "cyber war" is accurate. In October 2011, for instance, the Journal of Strategic Studies, a leading journal in that field, published an article by Thomas Rid, "Cyber War Will Not Take Place." An act of cyber war would have to be potentially lethal, instrumental, and political. By that standard, not one single cyber offense on record constitutes an act of war on its own. Instead, all politically motivated cyber attacks, Rid argued, are merely sophisticated versions of three activities that are as old as warfare itself: sabotage, espionage, and subversion.

Howard Schmidt, an American cyber security expert, argued in March 2010 that "there is no cyber war... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment." Other experts, however, believe that this type of activity already constitutes a war. The warfare analogy is often seen as intended to motivate a militaristic response when that is not necessarily appropriate.

The European cyber security expert Sandro Gaycken argued for a middle position. He considers cyber war from a legal perspective an unlikely scenario, due to the reasons laid out by Rid, but the situation looks different from a strategic point of view. States have to consider military-led cyber operations an attractive activity, within and without war, as they offer a large variety of cheap and risk-free options to weaken other countries and strengthen their own positions.

F. CONCLUSION:

Considered from a long-term, geo-strategic perspective, cyber offensive operations can cripple whole economies, change political views, agitate conflicts within or among states, reduce their military efficiency and equalize the capacities of high-tech nations to that of low-tech nations, and use access to their critical infrastructures to blackmail them. The national security perception of cyber war is to be taken seriously by all concerned before it is too late.

Note: Article is based upon research conducted on the Internet. The article is in public domain and anybody can freely use it.

Author:
TALWANT SINGH
SPECIAL JUDGE-CBI
NEW DELHI
October 5, 2012