Military & Aerospace

Cyberspace: No Man’s Land
Star Rating Loader Please wait...
Issue Vol. 29.4 Oct-Dec 2014 | Date : 30 Mar , 2015

Cyber Attacks

The RAND Corporation recently warned, “Osama bin Laden’s Egyptian followers can immediately cripple the information infrastructure of Russia and India27.” The consequences of an attack “through the wires,” and the degree of potential disruption, will often hinge on the pervasiveness and therefore importance of the network impaired by the attack – national versus regional, local or municipal in scope.

The aims and objectives of cyber attacks are dependent on the motivation of the attacker…

Israel is believed to be behind ‘kinetic’ (destructive to real-world objects) Cyber attacks on energy facilities in Saudi Arabia and Qatar as well as Distributed Denial Of Service (DDOS) attacks on several American Banks. This constant threat of attack has led to the establishment of some of the best military intelligence organisations in the world; the best of the best being Unit 8200 of Israel28.

The aims and objectives of cyber attacks are dependent on the motivation of the attacker. It may be driven by provocation to settle old scores; by perceived grievance against an adversary to make an adversary capitulate; to establish own writ; as a pre-emptive protective shield against an established adversary or to purely establish cyber dominance and superiority. Therefore, the type and intensity of attack will be dictated by the aims, the resources available, and the risk and cost analysis among others.

The popular media discuss a Digital Pearl Harbour in which an adversary would attack the internet, dismembering the cyberspace “backbone” plunging the economy into chaos. Some of the types of cyber attacks launched in the past decades and likely in the future with varying degrees of sophistication and intensity is enumerated here.

The origin and source of attack directly or in a subtle manner is made known to the adversary…

Bold and Direct

The origin and source of attack directly or in a subtle manner is made known to the adversary. The aim is generally punitive and retaliatory with a view to enforce the attacker’s will through a show of strength. The potential of causing physical damage and economic loss through dominance in cyberspace is demonstrated to the opponent. The weapons chosen are such that the impact is either local or regional.

Subtle and Calibrated

The aim is slow cyber poisoning of an adversary or friend by masking the identity of the attacker to achieve national mid or long term objectives. The idea is also to slowly prepare the cyber ground to launch the ultimate cyber attack achieving total surprise on the day of reckoning. It is a slow and gradual process of recce and surveillance followed by cyber infection by stealth particularly in closed networks, those not connected to internet and air gapped, to ensure that no stakeholder in the network is disturbed and becomes suspicious. It takes the form of data theft, business espionage, insertion of Trojans, opening backdoors, rewriting software commands, positioning insider access and proximity access resources in vital infrastructure among others. Cyber craft is used imaginatively and creatively to instigate conflict between political factions, harass disfavoured leaders and entities or influence decision making or even the outcome of elections at various levels.

Combination of Bold and Subtle

This method inherits the advantages of both i.e. turn the cyber tap on or off at will and keep the cyber throttle under control. It gives the cyber attacker an overwhelming strategic advantage to choose the point, place and time of attack to catch the opponent totally off guard. In the final attack the weapons chosen are such so as to dismember the cyberspace backbone, plunging the economy and critical national security infrastructure into chaos and putting the nation state at the risk of its existence itself.

The success of any of the above stated methods of cyber attacks is dependent fully on the highest degree of preparedness, meticulous planning and precise execution. More importantly, national will and understanding to dominate the cyberspace, which supports freedom of action in all other domains and denies freedom of action to adversaries.

The aim is slow cyber poisoning of an adversary or friend by masking the identity of the attacker to achieve national mid or long term objectives…

Cyber Protection

Cyber protection includes response to cyber assault incidents to mitigate, investigate, monitor, detect and identify the source of attack. Cyberspace is an open domain with no frontiers or boundaries. It is open to any and every one and if a user chooses to remain anonymous, can do so with ease. An attacker can remain untraceable as attribution – determining the source, location, and the identity of an attacker is extremely difficult for both technical and non-technical reasons. Smart hackers hide within the maze-like architecture of the Internet. Those with sufficient technical skill can remain anonymous at will. The most sophisticated cyber attack or exploitation may never be discovered.

Just like nuclear deterrence, cyber deterrence also does not work. And this situation is not likely to change soon; it is a systemic aspect of the internet, not a simple problem that can be fixed. Thus, states face the prospect of losing a cyber conflict without knowing the identity of their adversary. This is particularly true of the recent attacks that are suspected to have been committed by China, Russia, and North Korea29.

Cyberspace favours the attacker. Therefore, cyber protection has to be fashioned imaginatively and creatively for active defence strategy thereby stopping the attacker at the source itself. In essence, either one acts first to stop the opponents’ actions, or one must be in a position to react before being struck by cyber assaults of the opponent. It, therefore, is a sound strategy that opponents’ cyber or kinetic weapons should be infected with malware to redirect them to launch sites.

Cyber Structure

Innumerable cyber organisations under different ministries with diverse mandate and often overlapping charters are existing. These are either working at cross purposes or engaged in wasteful turf wars. Some interact, meet, debate, exchange and pursue policies which without a national cyber doctrine and a well-stated cyber strategy. The effort is in vain as it may not be in synergy with the government’s focus or thrust and thus, unexploitable.

Cyber protection includes response to cyber assault  incidents to mitigate, investigate, monitor, detect and identify the source of attack…

A well-stated national cyber doctrine and strategy with well-defined objectives in definitive achievable timelines, after allocation of matching resources with freedom of use and accountability to deliver, can only be successful. Furthermore, any intervention by audit organisations, that have not moved on from ‘bricks and mortar’ mindset to ‘bits and bytes’ thinking, is an invitation to national cyber disaster.

A possible coherent structure for cyber warfare could be directly placed under the Prime Minister as Executive Head with operational command delegated to the Defence Minister. It could be designated as Cyber and Nuclear Warfare Command (CNWC). It could comprise Cyber Command (CC), CDS, ISRO, SFC, DRDO, NTRO, R&AW and CII. The hierarchical chain of existing organisation could be severed and re-aligned to ensure resolute operation directly under the PM through the National Security Adviser who could be of Cabinet Rank. Many existing cyber entities could be subsumed in CC. The responsibility of CC would be to establish complete cyber dominance in the world.

CC could have a structure tailored and responsible for the continents and specific group of countries. Thus it could be sub divided into divisions, groups, units and entities with resources, tasks and responsibilities of identifying cyber targets, carrying out surveillance and monitoring, assigning cyber weapons to designated targets and undertaking active cyber defence of the nation and national assets worldwide and launch cyber assaults as the situation develops.

National Cyber Will

Political, military, corporate and industry leadership and social scientists need to understand that to unleash cyber charge now is an attempt to react to times. Imagination failure on part of the current leadership for not being creative to construct cyber warfare organisation, while there are cyber skill sets available within the country and with the Indian diaspora, to become a dominant cyber power, will be considered the biggest failure in history.

Imagination failure on part of the current leadership for not being creative to construct cyber warfare organisation will be the biggest failure in history…

It is time to imbue and ignite fire in citizens and netizens with a national will and passion to transform from being a “soft power” (read cyber coolies) to “smart power” (read cyber rulers).

Prognosis

Cyber race to dominate the world has already taken off much after independence. The countries that gained independence afterwards are seemingly ahead in the race. Cyberspace has become the Centre of Gravity for all instruments of national power. Unimpeded access to cyberspace can be denied through hostile cyber actions and manipulations wherein economic, financial, commercial, telecommunications, military activity and even day-to-day functioning of the population would be paralysed.

Cyber power is an instrument to produce preferred outcome in domains outside cyberspace in the international arena by use of coercive ability of dominance in cyberspace. Nations whose political, military and corporate leadership understand this reality and use imagination and creativity to achieve dominance in cyberspace will be leading the world and the others, despite having the wherewithal, will be cursed to remain in slavery.

The past has been left behind but it may be instructive to recall – 9/11 attack, and Operation Geronimo launched to eliminate Osama bin Laden. The Parliament attack happened; our response was to launch Operation Parakram which ended without even firing a single shot. The 26/11 attack happened and the only Foreign Policy response was that the cricket series run by a private society – the Board of Control for Cricket in India (BCCI) were called off! Employing India’s ‘Soft Power’?

This millennium belongs to a nation that conquers and dominates cyberspace through cyber power. India has everything that it takes to become the dominant cyber power…just resolve to conquer…“Sab ka haath, Cyber Power ke saath”.

Notes

  1. Hoffman David E. , Reagan Gave Green Light To Sabotage Of Soviet Oil Pipeline, 27 Feb 2004, Retrieved from http://articles.sun-sentinel.com/2004-02-27/news/0402261365_1_pipeline-explosion-soviet-economy-cold-war.
  2. Siberian pipeline sabotage, 20Nov2013.Retrieved from http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage.
  3. MyreGreg , 17 Jul 2014, A Brief History Of Civilian Planes That Have Been Shot Down, Retrieved from, http://www.npr.org/blogs/parallels/2014/07/17/332318322/a-brief-history-of-civilian-planes-that-have-been-shot-down.
  4. Prendergast Lara, Spectator archive: A history of passenger planes shot down, 18 July 2014 , Retrieved from http://blogs.spectator.co.uk/coffeehouse/2014/07/civilian-plane-crashes-through-the-eyes-of-the-spectator.
  5. Stuxnet, 08 Aug 2014, Retrieved from, http://en.wikipedia.org/wiki/Stuxnet.
  6. As defined in Wikipedia‘ Cyberspace as an Internet Metaphor’, Firstly, cyberspace describes the flow of digital data through the network of interconnected computers: it is at once not “real”, since one could not spatially locate it as a tangible object, and clearly “real” in its effects. Secondly, cyberspace is the site of computer-mediated communication (CMC), in which online relationships and alternative forms of online identity were enacted, raising important questions about the social psychology of internet use, the relationship between “online” and “offline” forms of life and interaction, and the relationship between the “real” and the virtual. Cyberspace draws attention to remediation of culture through new media technologies: it is not just a communication tool but a social destination, and is culturally significant in its own right.
  7. Cyberspace, 22 Jul 2014, Retrieved from, http://en.wikipedia.org/wiki/Cyberspace#Recent_definitions_of_Cyberspace.
  8. Schreier Fred, On Cyberwarfare, DCAF Horizon 2015, Retrieved from, http://www.dcaf.ch/Publications/On-Cyberwarfare.
  9. NellesMattia, 29 Jul 2012, China’s Growing Cyber War Capacities.Retrieved from. http://www.e-ir.info/2012/07/29/chinas-growing-cyber-war-capacities.
  10. Dept of Defence, USA ANNUAL REPORT TO CONGRESS, Military and Security Developments Involving the People’s Republic of China 2013. Retrieved from. http://www.defense.gov/pubs/2013_china_report.
  11. Traynor Ian, 17 May 2007, Russia accused of unleashing cyberwar to disable Estonia, Retrieved from ,http://www.theguardian.com/world/2007/may/17/topstories3.russia.
  12. Markoff John, 12 Aug 2008, Before the GunfireCyberattacks, Retrieved from, http://www.nytimes.com/2008/08/13/technology.
  13. Russian cyber attacks on Ukraine: the Georgia template. 03 May 2014, Retieved from, http://www.channel4.com/news/ukraine-cyber-warfare-russia-attacks-georgia.
  14. Russian Business Network, Retrieved from, http://en.wikipedia.org/wiki/Russian_Business_Network.
  15. According to the Internet security firm mi2g, individual hacker groups are joining together to launchcyber attacks against the U.S., Israel, and India. The most important lesson learnt from these events is the coming together of pro-Islamic groups to simultaneously participate in joint digital attacks on U.S./UK, Israeli and Indian targets. Retrieved from, BBC World News, “Pro-Islamic hackers join forces,” June 19, 2002.http://news.bbc.co.uk/2/hi/sci/tech/2052320.stm.
  16. BilloCharles, Chang Welton, Cyberwarfare, INSTITUTE FOR SECURITY TECHNOLOGY STUDIES, DARTMOUTH COLLEGE, Dec 2014, Retrieved from http://www.ists.dartmouth.edu/docs/cyberwarfare, p. 124.
  17. Ibid, p. 120.
  18. The Ukrainian crisis – a cyber warfare battlefield. Russia has managed to hit almost all Ukraine government websites and it was able to take control and to put on surveillance and monitoring all the Internet and telephone communications lines, before the invasion and occupation of Crimea by its military. Russian Special Forces managed to derail all important communications systems through direct physical impact on them by combined field and high-tech operation. News analysis, 05 Apr 2014, Retrieved from, http://defense-update.com/20140405_ukrainian-crisis-cyber-warfare-battlefield.
  19. Schreier Fred, Op.Cit. p. 40.
  20. BilloCharles, Chang Welton, Cyberwarfare, INSTITUTE FOR SECURITY TECHNOLOGY STUDIES, DARTMOUTH COLLEGE, Dec 2014, Retrieved from http://www.ists.dartmouth.edu/docs/cyberwarfare.pp3.
  21. Schreier Fred, Op.Cit. p. 66.
  22. A Trojan horse, or Trojan, in computing is a generally non-self-replicating type of malware program containing malicious code that often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. Trojans and backdoors are not easily detectable by themselves. Retrieved from, http://en.wikipedia.org/wiki/Trojan_horse_(computing).
  23. SCADA (supervisory control and data acquisition) is a system operating with coded signals over communication channels so as to provide control of remote equipment. It is a type of Industrial, Infrastructure and Facility control systems that monitor and control Industrial processes those of manufacturing, production, power generation, fabrication; Infrastructure processes of water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, civil defense siren systems, and large communication systems, and Facility processes of buildings, airports, ships, and space stations. Retrieved from.http://en.wikipedia.org/wiki/SCADA.
  24. Schreier Fred, Op.Cit. p. 67.
  25. Botnets sometimes compromise computers whose security defenses have been breached and control conceded to a third party. Each such compromised device, known as a “bot”, is created when a computer is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols. Computers can be co-opted into a botnet when they execute malicious software. Retrieved from, http://en.wikipedia.org/wiki/Botnet.
  26. Schreier Fred, Op.Cit. p. 68.
  27. BilloCharles , Chang Welton. Op. Cit. p. 102.
  28. Bender Jeremy, 04 Feb 2014, Israel: Cyber Is A Bigger Revolution In Warfare Than Gunpowder, Retrieved from, http://www.businessinsider.in/Israel-Cyber-Is-A-Bigger-Revolution-In-Warfare-Than-Gunpowder.
  29. Schreier Fred, Op.Cit. p. 68.
1 2 3
Rate this Article
Star Rating Loader Please wait...
The views expressed are of the author and do not necessarily represent the opinions or policies of the Indian Defence Review.

About the Author

Maj Gen AK Chadha

former head of Signal Intelligence Directorate in Defence Intelligence Agency.

More by the same author

Post your Comment

2000characters left

3 thoughts on “Cyberspace: No Man’s Land

  1. Good article – well researched and informative content .

    Regarding ‘Cyber Weapons’ on page 2, a few years ago there was a some time ban by the Indian Govt on importing telecom equipment from Chinese equipment manufacturers, by any big telecom operator in India , for the fear of cyber weapons.

    Regarding ‘Cyber Structure’ on page 3 ; C-DAC (http://cdac.in) could also figure in that.

More Comments Loader Loading Comments