Cyberwarfare

Cyberwarfare refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare,[1] although this analogy is controversial for both its accuracy and its political motivation.

Government security expert Richard A. Clarke, in his book Cyber War (May 2010), defines "cyberwarfare" as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption."[2]:6 The Economist describes cyberwarfare as "the fifth domain of warfare,"[3] and William J. Lynn, U.S. Deputy Secretary of Defense, states that "as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space."[4]

In 2009, President Barack Obama declared America's digital infrastructure to be a "strategic national asset," and in May 2010 the Pentagon set up its new U.S. Cyber Command (USCYBERCOM), headed by General Keith B. Alexander, director of the National Security Agency (NSA), to defend American military networks and attack other countries' systems. The EU has set up ENISA (European Network and Information Security Agency), which is headed by Prof. Udo Helmbrecht, and there are now further plans to significantly expand ENISA's capabilities. The United Kingdom has also set up a cyber-security and "operations centre" based in Government Communications Headquarters (GCHQ), the British equivalent of the NSA. In the U.S., however, Cyber Command is only set up to protect the military, whereas the government and corporate infrastructures are primarily the responsibility of the Department of Homeland Security and private companies, respectively.[3]

In February 2010, top American lawmakers warned that the "threat of a crippling attack on telecommunications and computer networks was sharply on the rise."[5] According to The Lipman Report, numerous key sectors of the U.S. economy, along with those of other nations, are currently at risk, including cyber threats to public and private facilities, banking and finance, transportation, manufacturing, medical, education and government, all of which are now dependent on computers for daily operations.[5] In 2009, President Obama stated that "cyber intruders have probed our electrical grids."[6]

The Economist writes that China has plans of "winning informationised wars by the mid-21st century". It notes that other countries are likewise organizing for cyberwar, among them Russia, Israel and North Korea. Iran boasts of having the world's second-largest cyber-army.[3] James Gosler, a government cybersecurity specialist, worries that the U.S. has a severe shortage of computer security specialists, estimating that there are only about 1,000 qualified people in the country today, but that it needs a force of 20,000 to 30,000 skilled experts.[7] At the July 2010 Black Hat computer security conference, Michael Hayden, former deputy director of national intelligence, challenged thousands of attendees to help devise ways to "reshape the Internet's security architecture", explaining, "You guys made the cyberworld look like the north German plain."[8]

Methods of attack

Cyberwarfare consists of many different threats:[9]

Espionage and national security breaches

Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies for military, political, or economic advantage, using illegal exploitation methods on the Internet, networks, software and/or computers. Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world. Specific attacks on the United States have been given codenames like Titan Rain and Moonlight Maze. General Alexander notes that the recently established Cyber Command is currently trying to determine whether such activities as commercial espionage or theft of intellectual property are criminal activities or actual "breaches of national security."[10]

Sabotage

Military activities that use computers and satellites for coordination are at risk of equipment disruption. Orders and communications can be intercepted or replaced. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.[10]

In mid-July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies," notes The New York Times.[11]

Electrical power grid

The federal government of the United States admits that electric power transmission is susceptible to cyberwarfare.[12][13] The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks. The federal government is also working to ensure that security is built in as the next generation of "smart grid" networks are developed.[14] In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials.[15][16] The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack.[17] China denies intruding into the U.S. electrical grid.[18][19] One countermeasure would be to disconnect the power grid from the Internet and run the net with droop speed control only.[20][21] Massive power outages caused by a cyber attack could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.

Howard Schmidt, Cyber-Security Coordinator of the US, commented on those possibilities:[22]

It’s possible that hackers have gotten into administrative computer systems of utility companies, but says those aren’t linked to the equipment controlling the grid, at least not in developed countries. [Schmidt] has never heard that the grid itself has been hacked.

Motivations

Military

In the U.S., General Keith B. Alexander, first head of the recently formed USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a "mismatch between our technical capabilities to conduct operations and the governing laws and policies. Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space." It will attempt to find and, when necessary, neutralize cyberattacks and to defend military computer networks.[23]

Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including "traditional battlefield prizes – command-and-control systems at military headquarters, air defense networks and weapons systems that require computers to operate."[23]

One cyber warfare scenario, Cyber ShockWave, which was wargamed on the cabinet level by former administration officials, raised issues ranging from the National Guard to the power grid to the limits of statutory authority.[24][25][26][27]

The distributed nature of Internet-based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war.[28]

Civil

Potential targets in internet sabotage include all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. Electrical grids and telecommunication systems are also deemed vulnerable, especially due to current trends in automation.

Private sector

Computer hacking represents a modern threat in ongoing industrial espionage and as such is presumed to widely occur. It is typical that this type of crime is underreported. According to McAfee's George Kurtz, corporations around the world face millions of cyberattacks a day. "Most of these attacks don’t gain any media attention or lead to strong political statements by victims."[29] This type of crime is usually financially motivated.

Cyberwarfare by country

The Internet security company McAfee stated in their 2007 annual report that approximately 120 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities.[30]

Cyberwarfare in the United States

Cyberwarfare in the United States is the United States military strategy of proactive cyber defence and the use of cyberwarfare as a platform for attack.[31] The new United States military strategy makes explicit that a cyberattack is casus belli for a traditional act of war.[32]

In August 2010, the U.S. for the first time publicly warned about the Chinese military's use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. The Pentagon also pointed to an alleged China-based computer spying network dubbed GhostNet that was revealed in a research report last year.[33] The Pentagon stated:

"The People's Liberation Army is using "information warfare units" to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. Commander Bob Mehal, will monitor the PLA's buildup of its cyberwarfare capabilities and will continue to develop capabilities to counter any potential threat."[34]

The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security.[1] The United States Joint Forces Command describes some of its attributes:

Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Furthermore, the globe-spanning range of cyberspace and its disregard for national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies.[35]

In February 2010, the United States Joint Forces Command released a study which included a summary of the threats posed by the internet:[35]

With very little investment, and cloaked in a veil of anonymity, our adversaries will inevitably attempt to harm our national interests. Cyberspace will become a main front in both irregular and traditional conflicts. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. Through cyberspace, enemies will target industry, academia, government, as well as the military in the air, land, maritime, and space domains. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Indeed, adversaries have already taken advantage of computer networks and the power of information technology not only to plan and execute savage acts of terrorism, but also to influence directly the perceptions and will of the U.S. Government and the American population.

American "Kill switch bill"

On June 19, 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010",[36] which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the President emergency powers over parts of the Internet. However, all three co-authors of the bill issued a statement that instead, the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks".[37]

Cyberwarfare in China

Diplomatic cables highlight US concerns that China is using access to Microsoft source code and 'harvesting the talents of its private sector' to boost its offensive and defensive capabilities.[38]

Cyber counterintelligence

Cyber counter-intelligence refers to measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions.[39]

Controversy over terms

There is debate on whether the term "cyberwarfare" is accurate. In October 2011, for instance, the Journal of Strategic Studies, a leading journal in that field, published an article by Thomas Rid, "Cyber War Will Not Take Place." Rid argued that an act of cyber war would have to be potentially lethal, instrumental, and political, and that by this standard not one single cyber offense on record constitutes an act of war on its own. Instead, all politically motivated cyber attacks, Rid argued, are merely sophisticated versions of three activities that are as old as warfare itself: sabotage, espionage, and subversion.[45]

Howard Schmidt, an American cybersecurity expert, argued in March 2010 that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment." Other experts, however, believe that this type of activity already constitutes a war.[22] The warfare analogy is often seen as intended to motivate a militaristic response when that is not necessarily appropriate. Ron Deibert, of Canada's Citizen Lab, has warned of a "militarization of cyberspace."[46]

Efforts at prohibition

The Shanghai Cooperation Organisation (members include China and Russia) defines cyberwar to include dissemination of information "harmful to the spiritual, moral and cultural spheres of other states". In contrast, the United States' approach focuses on physical and economic damage and injury, putting political concerns under freedom of speech. This difference of opinion has led to reluctance in the West to pursue global cyber arms control agreements.[69] However, American General Keith B. Alexander did endorse talks with Russia over a proposal to limit military attacks in cyberspace.[70]

A Ukrainian professor of International Law, Alexander Merezhko, has developed a project called the International Convention on Prohibition of Cyberwar in Internet. According to this project, cyberwar is defined as the use of Internet and related technological means by one state against political, economic, technological and information sovereignty and independence of any other state. Professor Merezhko's project suggests that the Internet ought to remain free from warfare tactics and be treated as an international landmark. He states that the Internet (cyberspace) is a "common heritage of mankind."[71]

References

  1. DOD – Cyberspace. Dtic.mil. Retrieved on 2011-11-08.
  2. Clarke, Richard A. Cyber War, HarperCollins (2010)
  3. "Cyberwar: War in the Fifth Domain" Economist, July 1, 2010
  4. Lynn, William J. III. "Defending a New Domain: The Pentagon's Cyberstrategy", Foreign Affairs, Sept/Oct. 2010, pp. 97–108
  5. The Lipman Report, Oct. 15, 2010
  6. Clarke, Richard. "China's Cyberassault on America", Wall Street Journal, June 15, 2011
  7. "Cyberwarrior Shortage Threatens U.S. Security" NPR, July 19, 2010
  8. "U.S. military cyberwar: What's off-limits?" CNET, July 29, 2010
  9. Cyberspace and the changing nature of warfare. Strategists must be aware that part of every political and military conflict will take place on the internet, says Kenneth Geers.
  10. "Clarke: More defense needed in cyberspace" HometownAnnapolis.com, Sept. 24, 2010
  11. "Malware Hits Computerized Industrial Equipment" New York Times, Sept. 24, 2010
  12. Shiels, Maggie. (2009-04-09) BBC: Spies 'infiltrate US power grid'. BBC News. Retrieved on 2011-11-08.
  13. Video. CNN (2009-04-08). Retrieved on 2011-11-08.
  14. Reuters: US concerned power grid vulnerable to cyber-attack. In.reuters.com (2009-04-09). Retrieved on 2011-11-08.
  15. Gorman, Siobhan. (2009-04-08) Electricity Grid in U.S. Penetrated By Spies. Online.wsj.com. Retrieved on 2011-11-08.
  16. Video. Fox News (2011-05-01). Retrieved on 2011-11-08.
  17. NERC Public Notice (PDF). Retrieved on 2011-11-08.
  18. Xinhua: China denies intruding into the U.S. electrical grid. 9 April 2009
  19. 'China threat' theory rejected. China Daily (2009-04-09). Retrieved on 2011-11-08.
  20. ABC News: Video. Abcnews.go.com (2009-04-20). Retrieved on 2011-11-08.
  21. Disconnect electrical grid from Internet, former terror czar Clarke warns. The Raw Story (2009-04-08). Retrieved on 2011-11-08.
  22. "White House Cyber Czar: ‘There Is No Cyberwar’" Wired magazine, March 4, 2010
  23. "Cyber-War Nominee Sees Gaps in Law", New York Times, April 14, 2010
  24. Cyber ShockWave Shows U.S. Unprepared For Cyber Threats. Bipartisanpolicy.org. Retrieved on 2011-11-08.
  25. Drogin, Bob (February 17, 2010). "In a doomsday cyber attack scenario, answers are unsettling". The Los Angeles Times. http://www.latimes.com/news/nation-and-world/la-na-cyber-attack17-2010feb17,0,305928.story?track=rss.
  26. Ali, Sarmad (February 16, 2010). "Washington Group Tests Security in ‘Cyber ShockWave'". The Wall Street Journal. http://blogs.wsj.com/digits/2010/02/16/washington-group-tests-security-in-cyber-shockwave/.
  27. Cyber ShockWave CNN/BPC wargame: was it a failure? – Computerworld Blogs. Blogs.computerworld.com (2010-02-17). Retrieved on 2011-11-08.
  28. Steve Ragan Report: The Cyber ShockWave event and its aftermath. The Tech Herald. February 16 2010
  29. "Google Attack Is Tip Of Iceberg", McAfee Security Insights, January 13, 2010
  30. Government-sponsored cyberattacks on the rise, McAfee says. Networkworld.com (2007-11-29). Retrieved on 2011-11-08.
  31. American Forces Press Service: Lynn Explains U.S. Cybersecurity Strategy. Defense.gov. Retrieved on 2011-11-08.
  32. Pentagon to Consider Cyberattacks Acts of War. New York Times. 31 May 2006
  33. ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People’s Republic of China 2010 (PDF). Retrieved on 2011-11-08.
  34. AP: Pentagon takes aim at China cyber threat
  35. "The Joint Operating Environment", Report released, Feb. 18, 2010, pp. 34–36
  36. A Bill. To amend the Homeland Security Act of 2002 and other laws to enhance the security and resiliency of the cyber and communications infrastructure of the United States. Senate.gov. 111th Congress 2D Session
  37. Senators Say Cybersecurity Bill Has No 'Kill Switch', informationweek.com, June 24, 2010. Retrieved on June 25, 2010.
  38. "US embassy cables: China uses access to Microsoft source code to help plot cyber warfare, US fears". The Guardian. http://www.guardian.co.uk/world/us-embassy-cables-documents/214462?INTCMP=SRCH. Retrieved 31 December 2010.
  39. DOD – Cyber Counterintelligence. Dtic.mil. Retrieved on 2011-11-08.
  40. Pentagon Bill To Fix Cyber Attacks: $100M. CBS News. Retrieved on 2011-11-08.
  41. Senate Legislation Would Federalize Cybersecurity. Washingtonpost.com. Retrieved on 2011-11-08.
  42. White House Eyes Cyber Security Plan. CBS News (2009-02-10). Retrieved on 2011-11-08.
  43. CCD COE – Cyber Defence. Ccdcoe.org. Retrieved on 2011-11-08.
  44. Press, Associated. (2009-05-11) FBI to station cybercrime expert in Estonia. BostonHerald.com. Retrieved on 2011-11-08.
  45. Rid, Thomas (October 2011). "Cyber War Will Not Take Place". Journal of Strategic Studies. doi:10.1080/01402390.2011.608939. http://dx.doi.org/10.1080/01402390.2011.608939. Retrieved 21 October 2011.
  46. Deibert, Ron (2011). "Tracking the emerging arms race in cyberspace". Bulletin of the Atomic Scientists 67 (1). doi:10.1177/0096340210393703. http://bos.sagepub.com/content/67/1/1.
  47. Mathew J. Schwartz (November 21, 2011). "Hacker Apparently Triggers Illinois Water Pump Burnout". Information Week. http://www.informationweek.com/news/security/attacks/231903481.
  48. Kim Zetter (November 30, 2011). "Exclusive: Comedy of Errors Led to False ‘Water-Pump Hack’ Report". Wired.com. http://www.wired.com/threatlevel/2011/11/water-pump-hack-mystery-solved/.
  49. U.S. drone and predator fleet is being keylogged. Retrieved 2011-10-06.
  50. Hennigan, W.J. "Air Force says drone computer virus poses 'no threat'." LA Times, 13 October 2011.
  51. "SK Hack by an Advanced Persistent Threat". Command Five Pty Ltd. http://www.commandfive.com/papers/C5_APT_SKHack.pdf. Retrieved 2011-09-24.
  52. Jim Finkle (2011-08-03). "State actor seen in "enormous" range of cyber attacks". Reuters. http://www.reuters.com/article/2011/08/03/us-cyberattacks-idUSTRE7720HU20110803. Retrieved 2011-08-03.
  53. Hacked by 'Pakistan cyber army', CBI website still not restored. Ndtv.com (2010-12-04). Retrieved on 2011-11-08.
  54. 36 government sites hacked by ‘Indian Cyber Army’ – The Express Tribune. Tribune.com.pk. Retrieved on 2011-11-08.
  55. Britain faces serious cyber threat, spy agency head warns. The Globe and Mail (2010-10-13). Retrieved on 2011-11-08.
  56. AFP: Stuxnet worm brings cyber warfare out of virtual world. Google.com (2010-10-01). Retrieved on 2011-11-08.
  57. Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on. Ted.com. Retrieved on 2011-11-08.
  58. Sudworth, John. (2009-07-09) New cyberattacks hit South Korea. BBC News. Retrieved on 2011-11-08.
  59. Williams, Martin. UK, Not North Korea, Source of DDOS Attacks, Researcher Says. PC World.
  60. Danchev, Dancho (2008-08-11). "Coordinated Russia vs Georgia cyberattack". ZDnet. http://blogs.zdnet.com/security/?p=1670. Retrieved 2008-11-25.
  61. Website of Kyrgyz Central Election Commission hacked by Estonian hackers, Regnum, 14 December 2007
  62. Fulghum, David A. "Why Syria's Air Defenses Failed to Detect Israelis", Aviation Week & Space Technology, 2007-10-03. Retrieved on 2007-10-03.
  63. Fulghum, David A. "Israel used electronic attack in air strike against Syrian mystery target", Aviation Week & Space Technology, 2007-10-08. Retrieved on 2007-10-08.
  64. "War in the fifth domain. Are the mouse and keyboard the new weapons of conflict?". The Economist. July 1, 2010. http://www.economist.com/node/16478792. Retrieved 2010-07-02. "Important thinking about the tactical and legal concepts of cyber-warfare is taking place in a former Soviet barracks in Estonia, now home to NATO’s “centre of excellence” for cyber-defence. It was established in response to what has become known as “Web War 1”, a concerted denial-of-service attack on Estonian government, media and bank web servers that was precipitated by the decision to move a Soviet-era war memorial in central Tallinn in 2007."
  65. Estonia accuses Russia of 'cyber attack'. Csmonitor.com (2007-05-17). Retrieved on 2011-11-08.
  66. Ian Traynor, "Russia accused of unleashing cyberwar to disable Estonia", The Guardian, May 17, 2007
  67. Boyd, Clark. (2010-06-17) BBC: Cyber-war a growing threat warn experts. BBC News. Retrieved on 2011-11-08.
  68. "Israel Adds Cyber-Attack to IDF", Military.com, Feb. 10, 2010
  69. Tom Gjelten (September 23, 2010). "Seeing The Internet As An 'Information Weapon'". National Public Radio. http://www.npr.org/templates/story/story.php?storyId=130052701. Retrieved September 23, 2010.
  70. Gorman, Siobhan. (2010-06-04) WSJ: U.S. Backs Talks on Cyber Warfare. Online.wsj.com. Retrieved on 2011-11-08.
  71. Ukrainian Center for Political Management – Publication contents – Convention on the Prohibition of the Use of Cyberwar. Politik.org.ua. Retrieved on 2011-11-08.
