Military & Aerospace

Cyberspace: No Man’s Land
Issue Vol. 29.4 Oct-Dec 2014 | Date : 30 Mar , 2015

Cyber Attacks

The RAND Corporation recently warned, “Osama bin Laden’s Egyptian followers can immediately cripple the information infrastructure of Russia and India27.” The consequences of an attack “through the wires,” and the degree of potential disruption, will often hinge on the pervasiveness and therefore importance of the network impaired by the attack – national versus regional, local or municipal in scope.

Israel is believed to be behind ‘kinetic’ (destructive to real-world objects) cyber attacks on energy facilities in Saudi Arabia and Qatar as well as Distributed Denial of Service (DDoS) attacks on several American banks. This constant threat of attack has led to the establishment of some of the best military intelligence organisations in the world; the best of the best being Unit 8200 of Israel28.

The aims and objectives of cyber attacks are dependent on the motivation of the attacker. It may be driven by provocation to settle old scores; by perceived grievance against an adversary to make an adversary capitulate; to establish one’s own writ; as a pre-emptive protective shield against an established adversary or purely to establish cyber dominance and superiority. Therefore, the type and intensity of attack will be dictated by the aims, the resources available, and the risk and cost analysis among others.

The popular media discuss a Digital Pearl Harbour in which an adversary would attack the internet, dismembering the cyberspace “backbone” and plunging the economy into chaos. Some of the types of cyber attacks launched in the past decades, and likely in the future, with varying degrees of sophistication and intensity are enumerated here.

Bold and Direct

The origin and source of the attack are made known to the adversary, either directly or in a subtle manner. The aim is generally punitive and retaliatory, with a view to enforcing the attacker’s will through a show of strength. The potential of causing physical damage and economic loss through dominance in cyberspace is demonstrated to the opponent. The weapons chosen are such that the impact is either local or regional.

Subtle and Calibrated

The aim is slow cyber poisoning of an adversary or friend by masking the identity of the attacker to achieve national mid- or long-term objectives. The idea is also to slowly prepare the cyber ground to launch the ultimate cyber attack, achieving total surprise on the day of reckoning. It is a slow and gradual process of recce and surveillance followed by cyber infection by stealth, particularly in closed networks (those that are air-gapped and not connected to the internet), to ensure that no stakeholder in the network is disturbed and becomes suspicious. It takes the form of data theft, business espionage, insertion of Trojans, opening backdoors, rewriting software commands, positioning insider access and proximity access resources in vital infrastructure among others. Cyber craft is used imaginatively and creatively to instigate conflict between political factions, harass disfavoured leaders and entities or influence decision making or even the outcome of elections at various levels.

Combination of Bold and Subtle

This method inherits the advantages of both, i.e. turn the cyber tap on or off at will and keep the cyber throttle under control. It gives the cyber attacker an overwhelming strategic advantage to choose the point, place and time of attack to catch the opponent totally off guard. In the final attack the weapons chosen are such as to dismember the cyberspace backbone, plunging the economy and critical national security infrastructure into chaos and putting the very existence of the nation state at risk.

The success of any of the above stated methods of cyber attack is dependent fully on the highest degree of preparedness, meticulous planning and precise execution. More importantly, it depends on the national will and understanding to dominate cyberspace, which supports freedom of action in all other domains and denies freedom of action to adversaries.

Cyber Protection

Cyber protection includes response to cyber assault incidents to mitigate, investigate, monitor, detect and identify the source of attack. Cyberspace is an open domain with no frontiers or boundaries. It is open to anyone and everyone, and a user who chooses to remain anonymous can do so with ease. An attacker can remain untraceable as attribution – determining the source, location, and the identity of an attacker – is extremely difficult for both technical and non-technical reasons. Smart hackers hide within the maze-like architecture of the Internet. Those with sufficient technical skill can remain anonymous at will. The most sophisticated cyber attack or exploitation may never be discovered.

Just like nuclear deterrence, cyber deterrence also does not work. And this situation is not likely to change soon; it is a systemic aspect of the internet, not a simple problem that can be fixed. Thus, states face the prospect of losing a cyber conflict without knowing the identity of their adversary. This is particularly true of the recent attacks that are suspected to have been committed by China, Russia, and North Korea29.

Cyberspace favours the attacker. Therefore, cyber protection has to be fashioned imaginatively and creatively as an active defence strategy, thereby stopping the attacker at the source itself. In essence, either one acts first to stop the opponents’ actions, or one must be in a position to react before being struck by cyber assaults of the opponent. It, therefore, is a sound strategy that opponents’ cyber or kinetic weapons should be infected with malware to redirect them to launch sites.

Cyber Structure

Innumerable cyber organisations exist under different ministries, with diverse mandates and often overlapping charters. These are either working at cross purposes or engaged in wasteful turf wars. Some interact, meet, debate, exchange and pursue policies, but without a national cyber doctrine and a well-stated cyber strategy. The effort is in vain as it may not be in synergy with the government’s focus or thrust and is thus unexploitable.

Only a well-stated national cyber doctrine and strategy, with well-defined objectives in definitive achievable timelines, after allocation of matching resources with freedom of use and accountability to deliver, can be successful. Furthermore, any intervention by audit organisations that have not moved on from a ‘bricks and mortar’ mindset to ‘bits and bytes’ thinking is an invitation to national cyber disaster.

A possible coherent structure for cyber warfare could be directly placed under the Prime Minister as Executive Head with operational command delegated to the Defence Minister. It could be designated as Cyber and Nuclear Warfare Command (CNWC). It could comprise Cyber Command (CC), CDS, ISRO, SFC, DRDO, NTRO, R&AW and CII. The hierarchical chain of existing organisations could be severed and re-aligned to ensure resolute operation directly under the PM through the National Security Adviser, who could be of Cabinet Rank. Many existing cyber entities could be subsumed in CC. The responsibility of CC would be to establish complete cyber dominance in the world.

CC could have a structure tailored to, and responsible for, the continents and specific groups of countries. Thus it could be subdivided into divisions, groups, units and entities with resources, tasks and responsibilities of identifying cyber targets, carrying out surveillance and monitoring, assigning cyber weapons to designated targets, undertaking active cyber defence of the nation and national assets worldwide, and launching cyber assaults as the situation develops.

National Cyber Will

Political, military, corporate and industry leadership and social scientists need to understand that to unleash cyber charge now is an attempt to react to times. A failure of imagination on the part of the current leadership, in not being creative enough to construct a cyber warfare organisation and become a dominant cyber power while cyber skill sets are available within the country and with the Indian diaspora, will be considered the biggest failure in history.

It is time to imbue and ignite fire in citizens and netizens with a national will and passion to transform from being a “soft power” (read cyber coolies) to “smart power” (read cyber rulers).

Prognosis

Cyber race to dominate the world has already taken off much after independence. The countries that gained independence afterwards are seemingly ahead in the race. Cyberspace has become the Centre of Gravity for all instruments of national power. Unimpeded access to cyberspace can be denied through hostile cyber actions and manipulations wherein economic, financial, commercial, telecommunications, military activity and even day-to-day functioning of the population would be paralysed.

Cyber power is an instrument to produce preferred outcomes in domains outside cyberspace in the international arena by use of the coercive ability that dominance in cyberspace provides. Nations whose political, military and corporate leadership understand this reality and use imagination and creativity to achieve dominance in cyberspace will be leading the world and the others, despite having the wherewithal, will be cursed to remain in slavery.

The past has been left behind but it may be instructive to recall the 9/11 attack, and Operation Geronimo launched to eliminate Osama bin Laden. The Parliament attack happened; our response was to launch Operation Parakram, which ended without even firing a single shot. The 26/11 attack happened and the only Foreign Policy response was that the cricket series run by a private society, the Board of Control for Cricket in India (BCCI), was called off! Employing India’s ‘Soft Power’?

This millennium belongs to a nation that conquers and dominates cyberspace through cyber power. India has everything that it takes to become the dominant cyber power…just resolve to conquer…“Sab ka haath, Cyber Power ke saath”.

Notes

  1. Hoffman David E., Reagan Gave Green Light To Sabotage Of Soviet Oil Pipeline, 27 Feb 2004, Retrieved from http://articles.sun-sentinel.com/2004-02-27/news/0402261365_1_pipeline-explosion-soviet-economy-cold-war.
  2. Siberian pipeline sabotage, 20 Nov 2013, Retrieved from http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage.
  3. Myre Greg, 17 Jul 2014, A Brief History Of Civilian Planes That Have Been Shot Down, Retrieved from http://www.npr.org/blogs/parallels/2014/07/17/332318322/a-brief-history-of-civilian-planes-that-have-been-shot-down.
  4. Prendergast Lara, Spectator archive: A history of passenger planes shot down, 18 July 2014, Retrieved from http://blogs.spectator.co.uk/coffeehouse/2014/07/civilian-plane-crashes-through-the-eyes-of-the-spectator.
  5. Stuxnet, 08 Aug 2014, Retrieved from http://en.wikipedia.org/wiki/Stuxnet.
  6. As defined in Wikipedia, ‘Cyberspace as an Internet Metaphor’: Firstly, cyberspace describes the flow of digital data through the network of interconnected computers: it is at once not “real”, since one could not spatially locate it as a tangible object, and clearly “real” in its effects. Secondly, cyberspace is the site of computer-mediated communication (CMC), in which online relationships and alternative forms of online identity were enacted, raising important questions about the social psychology of internet use, the relationship between “online” and “offline” forms of life and interaction, and the relationship between the “real” and the virtual. Cyberspace draws attention to remediation of culture through new media technologies: it is not just a communication tool but a social destination, and is culturally significant in its own right.
  7. Cyberspace, 22 Jul 2014, Retrieved from http://en.wikipedia.org/wiki/Cyberspace#Recent_definitions_of_Cyberspace.
  8. Schreier Fred, On Cyberwarfare, DCAF Horizon 2015, Retrieved from http://www.dcaf.ch/Publications/On-Cyberwarfare.
  9. Nelles Mattia, 29 Jul 2012, China’s Growing Cyber War Capacities, Retrieved from http://www.e-ir.info/2012/07/29/chinas-growing-cyber-war-capacities.
  10. Dept of Defence, USA, ANNUAL REPORT TO CONGRESS, Military and Security Developments Involving the People’s Republic of China 2013, Retrieved from http://www.defense.gov/pubs/2013_china_report.
  11. Traynor Ian, 17 May 2007, Russia accused of unleashing cyberwar to disable Estonia, Retrieved from http://www.theguardian.com/world/2007/may/17/topstories3.russia.
  12. Markoff John, 12 Aug 2008, Before the Gunfire, Cyberattacks, Retrieved from http://www.nytimes.com/2008/08/13/technology.
  13. Russian cyber attacks on Ukraine: the Georgia template, 03 May 2014, Retrieved from http://www.channel4.com/news/ukraine-cyber-warfare-russia-attacks-georgia.
  14. Russian Business Network, Retrieved from http://en.wikipedia.org/wiki/Russian_Business_Network.
  15. According to the Internet security firm mi2g, individual hacker groups are joining together to launch cyber attacks against the U.S., Israel, and India. The most important lesson learnt from these events is the coming together of pro-Islamic groups to simultaneously participate in joint digital attacks on U.S./UK, Israeli and Indian targets. Retrieved from BBC World News, “Pro-Islamic hackers join forces,” June 19, 2002. http://news.bbc.co.uk/2/hi/sci/tech/2052320.stm.
  16. Billo Charles, Chang Welton, Cyberwarfare, INSTITUTE FOR SECURITY TECHNOLOGY STUDIES, DARTMOUTH COLLEGE, Dec 2014, Retrieved from http://www.ists.dartmouth.edu/docs/cyberwarfare, p. 124.
  17. Ibid, p. 120.
  18. The Ukrainian crisis – a cyber warfare battlefield. Russia has managed to hit almost all Ukraine government websites and it was able to take control and to put on surveillance and monitoring all the Internet and telephone communications lines, before the invasion and occupation of Crimea by its military. Russian Special Forces managed to derail all important communications systems through direct physical impact on them by combined field and high-tech operation. News analysis, 05 Apr 2014, Retrieved from http://defense-update.com/20140405_ukrainian-crisis-cyber-warfare-battlefield.
  19. Schreier Fred, Op. Cit. p. 40.
  20. Billo Charles, Chang Welton, Cyberwarfare, INSTITUTE FOR SECURITY TECHNOLOGY STUDIES, DARTMOUTH COLLEGE, Dec 2014, Retrieved from http://www.ists.dartmouth.edu/docs/cyberwarfare.pp3.
  21. Schreier Fred, Op. Cit. p. 66.
  22. A Trojan horse, or Trojan, in computing is a generally non-self-replicating type of malware program containing malicious code that often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. Trojans and backdoors are not easily detectable by themselves. Retrieved from http://en.wikipedia.org/wiki/Trojan_horse_(computing).
  23. SCADA (supervisory control and data acquisition) is a system operating with coded signals over communication channels so as to provide control of remote equipment. It is a type of Industrial, Infrastructure and Facility control systems that monitor and control Industrial processes those of manufacturing, production, power generation, fabrication; Infrastructure processes of water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, civil defense siren systems, and large communication systems, and Facility processes of buildings, airports, ships, and space stations. Retrieved from http://en.wikipedia.org/wiki/SCADA.
  24. Schreier Fred, Op. Cit. p. 67.
  25. Botnets sometimes compromise computers whose security defenses have been breached and control conceded to a third party. Each such compromised device, known as a “bot”, is created when a computer is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols. Computers can be co-opted into a botnet when they execute malicious software. Retrieved from http://en.wikipedia.org/wiki/Botnet.
  26. Schreier Fred, Op. Cit. p. 68.
  27. Billo Charles, Chang Welton, Op. Cit. p. 102.
  28. Bender Jeremy, 04 Feb 2014, Israel: Cyber Is A Bigger Revolution In Warfare Than Gunpowder, Retrieved from http://www.businessinsider.in/Israel-Cyber-Is-A-Bigger-Revolution-In-Warfare-Than-Gunpowder.
  29. Schreier Fred, Op. Cit. p. 68.
The views expressed are of the author and do not necessarily represent the opinions or policies of the Indian Defence Review.

About the Author

Maj Gen AK Chadha

former head of Signal Intelligence Directorate in Defence Intelligence Agency.

2 thoughts on “Cyberspace: No Man’s Land”

  1. Good article – well researched and informative content.

    Regarding ‘Cyber Weapons’ on page 2, a few years ago there was for some time a ban by the Indian Govt on importing telecom equipment from Chinese equipment manufacturers, by any big telecom operator in India, for fear of cyber weapons.

    Regarding ‘Cyber Structure’ on page 3: C-DAC (http://cdac.in) could also figure in that.
