Cyberspace is a vast, complex and rapidly changing battle space. The key to prevailing in a hostile cyber space environment may lie in the ability to generate a comprehensive picture of that environment. In the kinetic realm, the “fog of war” is a term derived from Clausewitz referring to uncertain knowledge about the adversary, and the position and activities of the own forces in the midst of an operation. While situational awareness is a major challenge already in traditional warfare, the ‘fog of cyber war’ may well be so thick that it could become the primary impediment to victory. Thus, developing the techniques and tools for cyber situational awareness would be paramount to achieving strategic, operational or tactical advantage in this novel domain.
The world powers have moved over from waging war for land, control of sea, superiority of air, dominance in space to capture of cyberspace…
In January 1982, President Ronald Reagan approved a CIA plan to sabotage the Soviet Union’s economy through covert transfer of technology that contained hidden malfunctions including software that later triggered a huge explosion in a Siberian natural gas pipeline1.The result was the most monumental non-nuclear explosion and fire ever seen from space2.
In a 1983 episode that dramatically raised Cold War tensions, Soviets took out a Korean plane Flight 007 carrying a US Congressman Lawrence McDonald of Georgia. After the plane entered prohibited Soviet airspace, a Soviet fighter jet blew it out of the sky3. Another Korean Air Lines plane flying within a few minutes of Flight 007 had four US Senators onboard4.
Different variants of Stuxnet targeted five Iranian organisations, with the probable target widely suspected to be uranium enrichment infrastructure in Iran. Symantec noted in August 2010 that 60 per cent of the infected computers worldwide were in Iran. Siemens stated that the Iranian nuclear programme, which uses embargoed Siemens equipment procured secretly, has been damaged by Stuxnet. On June 01, 2012, an article in The New York Times said that Stuxnet is part of a US and Israeli intelligence operation called “Operation Olympic Games”. Started under President George W. Bush, it was expanded under President Barrack Obama and is part of a US-Israeli intelligence operation.5
It has been endeavoured to disaggregate complicated cyber technical jargon but at the same time graduate the general readers from anecdotal understanding to informed awareness. It is more difficult to gauge the intent and destruction ability of an electron than it is to gauge the intent and destruction ability of a tank. The aim is to simply put across to the political, military, corporate leadership and social scientists the perils and unimaginable costs thereof to national security and interests, of ignoring the threats lurking in cyberspace. The failure of imagination today on the part of leadership will tomorrow lead to catastrophic failure of intelligence spiraling nation states into black holes.
Cyberspace is a global and dynamic domain subject to constant change, characterised by the combined use of electrons and electro-magnetic spectrum…
The world powers have moved over from waging war for land, control of sea, superiority of air, dominance in space to capture of cyberspace for controlling human minds and actions. Cyberspace6 is a global and dynamic domain subject to constant change, characterised by the combined use of electrons and electro-magnetic spectrum, whose purpose is to create, store, modify, exchange, share, extract, use, eliminate information and disrupt physical resources7. Oxygen is a source of life for human beings and cyberspace has become their soul.
Cyberspace encompasses and overrides virtually all human activities viz communications, airspace control, avionics, commerce, banking, corporate finance, electric power grids, water management, hydro-electric dams, gas pipelines, refineries, nuclear plants, weapon guidance and social networking. Cyberspace is increasingly becoming a theatre of conflict to dominate political, economic, military and social domains. The ability to master the generation, management, use and manipulation of activities in cyberspace has become a highly desired power resource in international relations. From a nuclearised world we are now evolving into a cyberised world.
Cyberised world has brought about a new type of clear and present danger – cyber war. A nuclear strike destroys, annihilates and vapourises living and non-livings beings; a cyber strike manipulates spirit, soul and life of living beings. Nuclear arsenal are threats in being, rarely if ever used whereas cyber weapons are being used routinely by states and non-state actors against friends and adversaries alike; most victims being oblivious to the threat and damage it is causing and dangers of impending cyber explosion.
Since information technology and the internet have developed to an extent to become a major instrument of national power, cyber war has become the drumbeat of the day as nation states are arming themselves for the cyber battle space8. Through cyber war, control and manipulation of human minds of population of target countries is aimed to be achieved to attain political objectives and national interests.
Cyberspace is increasingly becoming a theatre of conflict to dominate political, economic, military and social domains…
Due to the increasing reliance on technology in both civil and military sectors, vulnerability to cyber attacks increases exponentially. In countries with rapidly growing economies like China that currently invest heavily in offensive technology, the outcome of a potential cyber war might already be determined9. China’s Cyber Warfare Doctrine is designed to achieve global ‘electronic dominance’ by 2050. This doctrine includes strategies that will disrupt financial markets, military and civilian communications as well as other parts of the enemy’s critical infrastructure prior to the initiation of conventional military operations. China’s estimated cyber warfare budget is $55 million and cyber workforce is 10,000 plus10. Given China’s propensity to build military prowess through huge annual defence budget and stated cyber warfare doctrine, this is a gross under estimation.
The US and Russia are far advanced in cyber warfare closely followed by EU, Koreas and other developing economies. Russia has demonstrated her capabilities in cyber warfare many times over in the past and has gained considerable experience and developed expertise in cybercraft. In April-May 2007, Russia had subjected Estonia to a barrage of cyber warfare, disabling the websites of government ministries, political parties, newspapers, banks and companies11.
Russian attacks against Georgia’s internet infrastructure began as early as July 20, 2008, with coordinated barrages of millions of requests known as Distributed Denial of Service (DDOS) attacks that overloaded and effectively shut down Georgian servers before conventional military intervention12. Early this year, Russia had even launched a spate of sophisticated and coordinated cyber attacks on Ukraine, which crippled communications networks and overwhelmed government websites13. Nation states or non-state actors, which do not have in-house cyber technology, wherewithal or expertise have an option of outsourcing cyber attack tools or engage cyber mercenaries.
Russian Business Network (RBN) is one such organisation which is physically based at St. Petersburg in Russia. RBN has developed partners and affiliate marketing techniques in many countries to provide a method for organised crime to target victims internationally14. Cyberspace is increasingly being characterised with elements as equivalents of robbers, criminals, intellectual property thieves, sea pirates, mercenaries, terrorists, saboteurs, religious groups15 and commercial espionage among other destructive and criminal elements.
China’s Cyber Warfare Doctrine is designed to achieve global ‘electronic dominance’ by 2050…
Along with evolution of cyberspace and the increasing dependence of the world on, cyber warfare, methods, techniques and players are also proliferating exponentially. No nation can afford to insulate itself from the impending threats from friends and foes alike, as proverbially, in international arena as well as in cyberspace “there are no permanent friends or enemies but permanent national interests”. Therefore, creatively preparing for the cyber situation or line of attack “that has not happened yet” is mandatory.
Cyber Threats and Vulnerabilities
Cyberspace consists of a maze of inter-connected computers through servers and routers over terrestrial cable networks and space based satellites. The networks transcend national boundaries. There is no definable beginning or end, entry or exit points as cyberspace is in continuum. Reliance on cyberspace is only increasing. It is a logical prediction that as network connectivity and dependency on the internet increases, the number and the overall disruptive effect of vulnerabilities and exploits will also increase. Cyber threat can manifest itself in a variety of ways i.e. viruses, worms, zero day exploits, Trojan Horses incapacitating systems as under:
- Internet: Root servers, Domain Name Servers and central servers operated by Internet Service Providers.
- Telecommunications infrastructure. Non-discriminatory spread of viruses, worms, software exploits infecting email servers and application software all the way to vulnerabilities at the end-user level.
- Embedded Real Time Computing. Avionics, Supervisory Control And Data Acquisition (SCADA) systems controlling physical plants such as hydroelectric dams, power grids and pipelines
- Dedicated Computing Devices. Desktop computers particularly those always on16.
No nation can afford to insulate itself from the impending threats from friends and foes alike…
The cumulative impact of long term exposure to these exploitative vulnerabilities can be debilitating on people and their trust in the system apart from potential danger and threat of physical disruption and destruction.
Cyberspace provides anonymity to the criminals and mischief mongers. Non-state actors can gain asymmetrically in cyberspace by inflicting damage on vulnerable targets; the virtual terrain of cyberspace is said to favour offence because cyber attacks are inexpensive and conducting them rarely has consequences. A cyber attacker can choose to remain anonymous as attribution and possibility of tracing the origin of attack is extremely difficult if not impossible. In addition to hiring or sponsoring cyber warfare “agents,” a nation-state can spoof or conceal the origin of the digital “hops” through cyberspace in conducting an attack.
Current technology permits a variety of methods to conceal points of origin. Such “laundering” techniques by masking the origin of the attack tend to weaken conventional deterrence predicated on the threat of swift and accurate retaliatory response17.
There are innumerable instances worldwide wherein cyber intrusions have taken place in critical Infrastructure (air space control, dams, power grids, water management, nuclear plants, gas pipelines), Financial and Banking Sector as well as Military and National Security Sector. As of now these attacks have caused substantive financial loss and considerable annoyance to the victims. Technology is accelerating virtually at the speed of light and days are not far when the bar of losses will be raised to unacceptable limits.