Cyber warfare is warfare conducted in cyberspace, usually politically or economically motivated, with the goal of disrupting the infrastructure[1] of organizations, essential services, classified data, and targeted content in cyberspace. Cyberspace is the globally interconnected network of digital information and communications infrastructures, including the internet, telecommunications networks, and shared computer systems. Cyber warfare has become an increasing threat to the world[i].
According to a publication of the United Nations Institute for Disarmament Research, the number of active internet users has exploded in a very short time. While in 1995 there were an estimated 16 million active users, by 2010 that number had jumped to 1.7 billion. Many of these users have become technologically savvy enough to initiate varying degrees of cyber warfare. Many governments, private companies and other organizations have assembled teams of hackers and cyber experts for the purposes of both protection and attack. It is very difficult to prove where cyber attacks originate geographically, as they are often waged anonymously. According to Jeffrey Carr, author of “Inside Cyber Warfare”, any country can wage cyber war on any other country, irrespective of resources, because most military forces are network-centric and connected to the internet, which is not always secure. In the same vein, non-governmental groups and private individuals can also launch cyber warfare attacks.
History of the Issue
The history of cyberspace begins earlier than most would think. The ‘net’ had its beginning over 40 years ago, when it was devised during a university experiment on military communication. During the Cold War, the U.S. saw the need for a system for sending and receiving intelligence that would not be damaged in the event of a nuclear attack. The computers were linked in a network to achieve this connection. Initially, each computer was physically linked by cable to the next computer, but eventually networks were developed that used telephone lines. This network was deemed to be a beneficial communication tool for everyone, not just the military. As the potential of this phenomenon grew, more and more community groups began developing separate networks, forming what is now known as the internet. The internet today is a vast collection of all of the users and their networks, and as technology improves, it is expanding in ways that the Pentagon never dreamed of 40 years ago. Unfortunately, the Pentagon also did not anticipate its being used for cyber warfare.
Siberian Pipeline/First Logic Bomb 1982
One of the earliest and most damaging cyber attacks took place between the United States and the former Soviet Union during the early 1980s. Using a ‘logic bomb’, which is malicious code inserted into a software system in order to cause disruption, the CIA and U.S. Government went after the systems operating the largest pipeline in the Soviet Union[ii]. The inserted logic bomb made the software running the pipeline go haywire, causing massive havoc in its operations. This prime example of Cold War economic warfare came at a time when the U.S. was trying to block Western Europe from importing Soviet natural gas. This logic bomb caused what would be dubbed “the most monumental non-nuclear explosion seen from space.”[iii] While there weren’t any casualties, the damage to the Soviet economy was immense, contributing to its ultimate bankruptcy and Cold War demise[iv].
Robert Tappan Morris and the Morris Worm
The 1970s witnessed the beginnings of worm attacks. Worms are self-replicating computer programs similar to a computer virus. However, unlike a computer virus, a worm can send copies of itself to other systems, causing widespread havoc on a network. Over the years they have evolved and become more sophisticated. In 1988 a Cornell University student, Robert Tappan Morris, created the first computer worm to be transmitted through the Internet. Although his intent was not to cause harm, it eventually morphed into a virus that would infect other computers, resulting in a denial of service for about 6,000 users. This worm, costing up to $100 million in repairs, would be the precursor to many future denial-of-service attacks[v].
Stuxnet, first identified by Iranian officials in June 2010, was a computer worm designed to infect industrial control systems that were using Siemens Step 7 software. In July of 2011 media reports claimed that the combined efforts of the U.S. and Israel led to Stuxnet targeting Iran’s newly launched nuclear power program. Stuxnet is believed to have destroyed 1,000 of Tehran’s nuclear centrifuges, setting its nuclear program back by at least two years. Currently, Iran is attempting to pursue legal action over the U.S.- and Israel-led Stuxnet cyber attack. This case could give the international community a precedent for setting official international regulations on cyber warfare. Many believed the Stuxnet attack to be an illegal act of force that violated the charter of the United Nations as well as Iranian sovereignty[vi].
In April of 2007 disputes between Estonia and Russia were the worst they had been since the collapse of the Soviet Union, ending in the removal of a bronze Soviet war memorial in the town of Tallinn. The large Russian minority of Estonia took great offense and staged protests, as relations between the two nations deteriorated even further. Then, in the same month, a series of cyber attacks known as distributed denial of service (DDoS) attacks was launched on the Estonian websites of government ministries, political parties, newspapers, banks and companies. DDoS attacks are designed to suddenly swamp websites through thousands of visits in order to jam and disrupt them.
The Estonian government and economy were completely hindered for weeks, as many of the websites ultimately had to be shut down. While the Estonian government could not prove it, it believed that Russia was behind the attacks in retaliation for the relocation of the war memorial. NATO dispatched its top cyber-terrorism experts to investigate; however, nothing concrete could actually be done, since NATO could not define cyber attacks as a clear military action. Much later it was determined that Nashi, a nationalist Russian youth group, had initiated the cyber attacks in accordance with the state. Estonia lacked the technology to combat and deal with these sophisticated cyber attacks, demonstrating that those behind technologically will continue to be most vulnerable.
In December of 2009, Google’s Chinese headquarters were hit by a brazen security breach that allowed hackers to access corporate servers and steal intellectual property. Google believed that it had evidence suggesting that the primary goal of the attack was to access Gmail accounts of Chinese human rights activists. The finger pointed right at the Chinese government, long known for its poor human rights record and stance. This attack prompted Google to relocate its servers to Hong Kong in order to bypass the Chinese government’s strict internet filtering policy[vii].
Discussion of the Problem
CASE STUDY – China
China is strongly considered the most active country in terms of cyber warfare, having been linked to several successful infiltrations of other technological world powers, including the United States. China is admired for being tech savvy; however, it has been criticized for its aggressive use of such skills for cyber attacks. In a publication called “China’s Cyber Warfare Capabilities” by Desmond Ball, there are many citations of government accusations against China for its cyber espionage.
Australia reported in September of 2007 that China had allegedly tried to hack into highly classified government computer networks … as part of a broader international operation to glean military secrets from western nations.
In February of 2011 Canadian media reported that “Chinese government hackers” had penetrated the computers of the Finance and Defense Departments and the Treasury Board in Canada in January. They reportedly “also infiltrated computers in the offices of senior government officials in a bid to steal passwords providing access to key government data.” A Chinese government spokesman denied involvement by Beijing in the attacks and stated that “the allegation that the Chinese government supports Internet hacking is groundless.”
Indian officials in May of 2008 claimed that in a one and a half year period China had “mounted almost daily attacks on Indian computer networks, both government and private.” The officials said that “the Chinese are constantly scanning and mapping India’s official networks” and that “this gives them a very good idea of not only the content but also of how to disable the networks or distract them during a conflict.”
Cyber warfare has been dominating the headlines of late[viii]. Whether it is clandestine[2] groups hacking computers for fun or alleged government agencies attempting to steal classified information, the internet landscape has become a binary[3] battlefield. From governments to major corporations, cyber attacks have been growing rapidly in scope and frequency across the globe. There are three primary methods of cyber warfare: sabotage, electronic espionage, and attacks on electrical power grids. Sabotage attacks involve coordinated cyber activity designed to compromise and corrupt equipment and operations. Electronic espionage is the act of illegally obtaining secrets in cyberspace from governments, rivals, companies, and other groups for military, political, and economic advantage. The third, attacks on electrical power grids, is perhaps the most alarming, as it could lead to massive power outages, delayed military response, and economic disruption.
Cyber attacks have grown not only in number but also in sophistication[ix]. “We operate in five domains: air, land, sea, outer space and cyber space,” says Dan Kuehl, manager of information operations at the National Defense University in Washington, D.C. Kuehl admitted in an interview with Al Jazeera that “a guy typing on a computer is one of the new faces of war”. What is more problematic is that the targets of these attacks would not know where their attacker is coming from or why. The complexity of cyber warfare makes it difficult to know who or what to protect yourself from and who or what to retaliate against following an attack.
Past International Actions
United Nations charters, NATO laws, and the Geneva and Hague conventions all address the definition of a military action. Unfortunately, cyber warfare does not legally fall into the realm of what is considered an act of war. Many of the charters and conventions use language such as an “armed attack” or “the use of force against the territorial integrity or political independence of any state”. Cyber warfare does not clearly fall into those categories, even if it is a government-sponsored attack against another government. The lack of the use of actual force hinders the justification for an international response. However, it is being argued that cyber attacks, while unlikely to result in death, injury, or destruction, could still amount to an “armed attack” if they aim to incapacitate “critical infrastructures within the sphere of sovereignty of another state.” The question then becomes: what other bodies of law can address the problem of cyber warfare? Clearly a new legal framework is needed that can be enforced through global cooperation.
The UN General Assembly has passed several related resolutions. In August of 1999, the United Nations sponsored a meeting in Geneva to better grasp the security implications of emerging information technology. Follow-up studies and resolutions came afterward, but little actual action has resulted. The UN sponsored the World Summit on the Information Society, but again with little result. In 2010 the UN did take a step in the right direction when government cyber security specialists from 15 countries, such as China, the United States and the Russian Federation, submitted a set of recommendations to the UN Secretary General as an initial step towards building the international framework for security and stability that these new technologies require.
NATO considers a cyber attack comparable to a missile strike. It has publicly warned nations and organizations that it will determine the perpetrator of any attacks and take action as needed. NATO has set up a cyber defense policy and an operational headquarters with full-time analysts looking over all information and content for any suspicious activity. In May of 2010 the International Telecommunication Union proposed a treaty that would require countries to refrain from making initial cyber strikes against other nations. International cooperation is crucial to preventing a retaliatory cyber warfare environment.
THE UNITED STATES
The Pentagon has formally recognized cyberspace as a new domain in warfare and as a result has set up a new U.S. Cyber Command, headed by the NSA and charged with defending American military networks. Cyber Command is only responsible for the military; the Department of Homeland Security protects the government and corporate infrastructures. The bill “Protecting Cyberspace as a National Asset Act of 2010” has been dubbed the “Kill Switch bill” because it would give the President emergency powers over parts of the Internet.
While China has often been accused of being behind a great many cyber attacks, the government still maintains that China is not the perpetrator but rather the victim of attacks. As a result, the Chinese government has expanded its cyber capabilities and technologies, utilizing what are known as space-based surveillance and intelligence gathering systems, anti-satellite weapons, and anti-radar and infrared decoys, among other defensive measures. China is also stepping up the education of soldiers in cyber warfare by incorporating more virtual facilities and training programs[x].
Vladimir Putin adopted the Russian Information Security Doctrine in 2000, which gave the government an enhanced framework for handling computer crime and providing security in cyberspace.
The Indian government created the National Critical Information Infrastructure Protection Centre to thwart cyber attacks against vital infrastructures such as energy and defense. The NCIIPC hopes to isolate security agencies so that a synchronized attack would not damage all fronts. It is also creating domestic security solutions that need not rely on foreign technologies that can be more easily compromised[xi].
In 2013, Germany unveiled the creation of a Computer Network Operation Unit. The German Intelligence Agency hired hackers to serve as a new “cyber defense station” unit, which has been given license to use cyber surveillance on up to 20% of total internet traffic, the maximum allowed by law[xii].
Questions to Consider:
Has your nation been a victim of a cyber attack?
Has your nation used cyber warfare in military actions?
Does your nation have a task force or law to fight cyber warfare?
Does your nation believe cyber warfare is an acceptable form of military conflict?
Citations and Photo Credits
[1] Infrastructure: The basic physical and organizational needs for a society to function, such as roads, bridges, water supply, sewers, and electrical grids
[2] Clandestine: an act carried out in secret
[3] Binary: something made of or based on 2 parts
[i] Photo Credit: http://www.bruceonpolitics.com/2011/07/29/we-need-a-cyber-command/cyber-warfare/
[iv] Photo Credit: http://www.fitsnews.com/2012/10/29/democrats-demand-answers-from-nikki-haley-over-security-breach/