Cyber is a real threat and we cannot keep our eyes shut to it. Most of the countries surrounding us are covertly involved in cyberwar, and we need to take steps to counter this at the earliest.
CYBERWAR: THE NEXT THREAT TO NATIONAL SECURITY
BY
TALWANT SINGH
DISTRICT & SESSIONS
JUDGE
DELHI (EAST), INDIA
Cyber war is a powerful but silent threat, as terrorism is, and it is equally dangerous to
our national security. We must know what cyber war is, how cyber weapons work, and how
vulnerable we are as a nation and as individuals to the vast and looming web of cyber
criminals.
Both in and out of government, people have been sounding the alarm about "cyber war" for at
least the last decade or so. Most of the time their grasp of the technical aspects is limited, they
don't have a clear idea of what they're talking about, their scenarios read like movie plots,
and they're usually trying to sell their hardware and software.
In a report of the Group of Ministers of Government of India on National Security titled
“Challenges to the Management of National Security”, it has been observed that:
“The traditional concept of national security has undergone fundamental changes over the
years. It is no longer synonymous with sufficient military strength to defend the nation and
its interests. In today’s world, military might alone does not guarantee either sovereignty
or security. The more realistic and comprehensive approach to national security also
includes economic strength, internal cohesion, and technological prowess. The rapid
technological developments underway at the same time not only facilitate these events by
reducing our reaction time but add entirely new dimensions of threat and challenges, such
as the Revolution in Military Affairs (RMA) and offensive/defensive information warfare.”
Cyber warfare involves units organized along nation-state boundaries, in offensive and
defensive operations, using computers to attack other computers or networks through
electronic means. Hackers and other individuals trained in software programming and
exploiting the intricacies of computer networks are the primary executors of these attacks.
These individuals often operate under the auspices and possibly the support of nation-state
actors. In the future, if not already common practice, individual cyber warfare units will
execute attacks against targets in a cooperative and simultaneous manner.
The words “effective cyber attack” by no means translate into the proverbial “take down” of
the Internet; on the contrary, such attacks might involve intrusions into unprotected networks
for the purpose of compromising data tables, degrading communications, interrupting
commerce, or impairing critical infrastructures (such as transportation or medical and
emergency services) in such a way that trust is undermined at the expense of a smoothly
running economy and society.
While the degree of damage that could be caused in a cyber attack bears no resemblance to
an electronic “Pearl Harbor,” inflicting significant economic costs on the public and private
sectors and impairing performance of key infrastructures (via IT networks linked to
embedded computer systems, for example) seem both plausible and realistic.
A cyber attack by enemy nation-states targeting the transportation, communications, or
banking sector computer systems in our country would, at a minimum, entail significant
economic costs that would affect jobs and growth. Cyber attacks could also indirectly lead to
disruptions in daily civilian life that go beyond the level of temporary nuisance to inflict
sustained uncertainty, confusion, and even chaos across significant elements of the
population. In the most extreme cases, these disruptions could cause human casualties.
A. METHODS OF CYBER ATTACK:
Cyber attacks occur on a frequent basis and in a near-instantaneous manner; as the world
becomes more connected, more machines and more people will be affected by an attack. In
the months and years to come, cyber attack techniques will evolve even further, exposing
various—and possibly critical—vulnerabilities that have not yet been identified by computer
security experts. Moreover, such attacks could also be coordinated to coincide with physical
assaults, in order to maximize the impact of both.
To date, state actors have used cyber attacks many times. In all cases but one (the
Estonia attacks in 2007), the cyber attack was used to enhance a conventional attack. Cyber
war consists of many different threats:
(i) Espionage and National Security Breaches:
Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or
classified information) from individuals, competitors, rivals, groups, governments
and enemies for military, political, or economic advantage, using illegal
exploitation methods on the Internet, networks, software and/or computers. Classified
information that is not handled securely can be intercepted and even modified,
making espionage possible from the other side of the world.
(ii) Sabotage:
Military activities that use computers and satellites for coordination are at risk of
equipment disruption. Orders and communications can be intercepted or replaced.
Power, water, fuel, communications, and transportation infrastructure all may be
vulnerable to disruption. The civilian realm is also at risk, as the security breaches
have already gone beyond stolen credit card numbers, and potential targets can
also include the electric power grid, trains, or the stock market.
Operation Aurora was a cyber attack which began in mid-2009 and continued
through December 2009. The attack was first publicly disclosed by Google on
January 12, 2010, in a blog post. In the blog post, Google said the attack originated
in China. The attacks were both sophisticated and well resourced, and consistent
with an advanced persistent threat attack. The attack was also aimed at dozens of
other organizations. Official Chinese media responded by stating that the incident is
part of a U.S. government conspiracy. The primary goal of the attack was to gain
access to and potentially modify source code repositories at these high-tech,
security and defense contractor companies.
In mid-July 2010, security experts discovered a malicious software program called
Stuxnet that had infiltrated factory computers and had spread to plants around the
world. It is considered the first attack on critical industrial infrastructure that sits at
the foundation of modern economies.
(iii) Attacks on Electrical Power Grid:
Electric power transmission may be a potential target of cyber warfare.
Government agencies have to work with industry to identify vulnerabilities and to
help industry enhance the security of control system networks, and it must be
ensured that security is built into the next generation of "smart grid"
networks to be developed. One countermeasure would be to disconnect the power
grid from the Internet and run the network on VPN. Massive power outages caused
by a cyber attack could disrupt the economy, distract from a simultaneous military
attack, or create a national trauma. It is enough to remind ourselves that without
electricity, nothing would work: computers, trains, aircraft, hospitals,
telecommunications services, supply systems, etc. Also, in the event of a serious,
targeted attack, as opposed to a simple, temporary malfunction, there is little that the
systems which control energy continuity could do to compensate for the system
being compromised and for damage which could not be repaired within 24 hours.
This would have the domino effect of causing further blackouts as attempts were
made to make up for the deficit in the supply of electricity.
(iv) Attacks on Electronic Airport, Air Traffic & Airspace Control Systems:
Although under current security procedures it does not seem possible that these
could be used to cause mid-air collisions or other problems for aircraft coming in
to land, it is highly plausible that these airspace control systems could be
remotely disabled, allowing, for example, carpet bombing of the territory by
hostile aircraft without any early-warning alarms being set off.
(v) Attacks on Electronic Control Systems on Civil and Military Aircraft:
If these systems are compromised, this can cause problems for aircraft during
take-off and landing, in addition to aircraft falling out of the sky in mid-flight.
Current aeronautic (fly-by-wire) technology, in the event of any problems with the
on-board computer, can irredeemably compromise the safety of the flight and of
the passengers on that flight, giving the pilot very little chance to regain control of
the aircraft.
(vi) Attacks on Electronic National Defence Systems:
After infiltrating national defence systems, a "non-willed" attack could be launched
(even a simple long-range missile) towards the territory of a specific nation.
(vii) Attacks on Electronic Emergency Management Systems:
This could cause a late response, or even the total lack of a response, to
emergencies, with the result that the health and/or lives of one or more citizens
would be put at risk.
(viii) Attacks on Financial and Banking Systems:
Despite not being able to cause the direct loss of human lives, financial and
banking systems control assets so critical to the State that, at all times, they must
be taken into direct consideration while considering effects of cyber war. The
economic or financial collapse of an entire nation, in fact, could easily bring about
collapse of the financial systems of the entire world as the financial systems of the
countries are inter-connected.
B. INCENTIVES TO USE CYBER ATTACKS:
There are any number of incentives to use cyber attacks, including economic, industrial, and
military rationales. By way of example:
(i) Huge amounts of money in financial transactions and commerce move over a
medium with minimal protection and only sporadic law enforcement—a structure
the most complex the world has ever known;
(ii) Increasing quantities of intellectual property reside on networked systems; and
(iii) Opportunities abound to disrupt military effectiveness and public safety while
maintaining the elements of surprise and anonymity.
C. DEFENDING AGAINST CYBER ATTACKS:
There has not been significant action in the area of defending against concerted cyber attacks.
A clear agenda for defending against cyber attacks is needed, one which includes a mix of
regulation, more technical controls at major network boundaries, and an expanded scope for
Government agencies to protect the civilian infrastructure too. On the lines of international
arms control treaties, international cyber war treaties could be used to create "rules of the
game" for international war.
The real issue is that all scenarios assume that every combatant country or entity
has successfully hacked into every network that the other side controls and left backdoors to
get back in, and further that none of these backdoors has been discovered and removed.
Governments spending considerable resources could certainly gain access to many
networks in a relatively short period of time, and if they left backdoors some might not be
discovered; but if someone left too many backdoors, some would certainly be discovered.
Breaking in is not as simple as just pushing a button, as it is in the movies; in fact, recent
studies have shown that the average security breach is the result of four separate mistakes.
While mistakes are made all the time (which means that breaches occur all the time,
somewhere), it's much harder to cause breaches in every system you target all at once.
The information about cyberwar is a bit scary because one does not know the extent to which
the Internet connects and controls so many aspects of our daily lives, in business as well as in
our personal lives. More and more machines and appliances are being built with the
capability to "talk" to the manufacturers who make them, a legitimate and smart way to
diagnose problems and download fixes, but the idea that the new copy machine in an office
might be hacked, and ordered to malfunction to the point that it catches on fire, is unsettling
to say the least.
Cyber war is "actions by a nation-state to penetrate another nation's computers or networks
for the purposes of causing damage or disruption" as defined in “Cyber War: The Next
Threat to National Security and What to Do About It” by Clarke and Knake. We have the
most to lose if and when a major cyber war breaks out, since we are now so utterly dependent
upon digital technologies and networks.
D. CO-ORDINATION BETWEEN PRIVATE SECTOR & GOVERNMENT:
ISPs and many other Internet-related companies are doing their bit in this field, but it is not
enough to ensure foolproof security against cyber attacks. In reality, these companies have
powerful incentives to make sure that their networks are relatively safe and secure, to avoid
costly attacks and retain customers who demand that their online information and activities
should be safe and trouble-free. But concerted efforts are required by all the players in the
Internet world to thwart cyber attacks. The world over, Governments are in the process of
imposing a fairly sweeping set of new rules on ISPs to better secure their networks against
potential attacks. Governments want ISPs to engage in a great deal more network monitoring
(using deep-packet inspection techniques) under threat of legal sanction if things go wrong.
They admit there are corresponding costs and privacy concerns, but largely dismiss them and
essentially ask the ISPs to just get over those concerns in the interest of a safer and more
secure cyberspace.
E. CONTROVERSY OVER TERMS:
There is debate on whether the term "cyber war" is accurate. In October 2011, for instance,
the Journal of Strategic Studies, a leading journal in that field, published an article by
Thomas Rid, "Cyber War Will Not Take Place." An act of cyber war, he argued, would have to
be potentially lethal, instrumental, and political; by that standard, not one single cyber offense
on record constitutes an act of war on its own. Instead, all politically motivated cyber attacks,
Rid argued, are merely sophisticated versions of three activities that are as old as warfare itself:
sabotage, espionage, and subversion.
Howard Schmidt, an American cyber security expert, argued in March 2010 that "there is no
cyber war... I think that is a terrible metaphor and I think that is a terrible concept. There are
no winners in that environment." Other experts, however, believe that this type of activity
already constitutes a war. The warfare analogy is often seen as intended to motivate a
militaristic response when that is not necessarily appropriate.
The European cyber security expert Sandro Gaycken argued for a middle position. He
considers cyber war an unlikely scenario from a legal perspective, for the reasons outlined
by Rid, but the situation looks different from a strategic point of view. States have to
consider military-led cyber operations an attractive activity, within and without war, as they
offer a large variety of cheap and risk-free options to weaken other countries and strengthen
their own positions.
F. CONCLUSION:
Considered from a long-term, geo-strategic perspective, cyber offensive operations can
cripple whole economies, change political views, agitate conflicts within or among states,
reduce their military efficiency and equalize the capacities of high-tech nations to that of
low-tech nations, and use access to their critical infrastructures to blackmail them. The
national security perception of cyber war is to be taken seriously by all concerned before it is
too late.
Note: This article is based upon research conducted on the Internet. The article is in the public
domain and anybody can freely use it.