The world's reliance on information and communications technology (ICT) is
increasing exponentially as it becomes a major source of innovation and rapid
growth. However, one must consider the possibility that our trust in technology
could be more harmful than beneficial, especially with the advent of the newest
front of warfare – in cyberspace. The threat and occurrences of attacks in
cyberspace, or cyber warfare, has increased since the arrival of the new
millennium, and with the escalating number of Internet users – exclusive of the
current 2 billion– these asymmetrical and ambiguous attacks are only likely to
increase in frequency.
The potential hazard a strategically coordinated cyber-attack poses to
governments and organizations alike around the world is very real. Since the new
millennium, the world has experienced major cyber-attacks on Estonia, the United
States, China, South Korea and Iran, as well as on major corporations such as
NASA and Lockheed. One only has to look as far back as May last year, when the
United States charged five Chinese officials of cyber espionage.
Cyber warfare is not rooted in physical attack, but merely in cyberspace, and
this is what makes it so incredibly dangerous. Cyber warfare does not involve
stockpiling weapons, obtaining illegitimate materials via illegal methods or
even any direct bodily harm. Rather, it is even more alarming since all one
requires is a computer and the appropriate skill set. Cyber attacks work on some
sort of intrusion through the Internet, usually done through complex computer
It is in the nature of a cyber attack to be difficult to detect, problematic to
stop, and near impossible to track and locate, especially as hackers tend to use
a plethora of techniques to cover up their tracks.
In addition to this, a major hindrance in combating cyber warfare is the lack of
involvement of developing countries. Computer and Internet usage around the
world is still largely limited to developed countries in North America and
Europe, and NICs in Asia and South America. More than 60% of the world has no
access to Internet facilities, ergo, leaving this percentage of the world's
population unconcerned about such threats.
Furthermore, hackers look to target entities withholding sensitive information
that could potentially lead to financial or military rewards. This constrains
the concern regarding cyber warfare to a small quantity of parties. But the
truth remains that cyber warfare is not limited to large corporations. It can
span from hacking and spying on individuals, to corporate espionage, and even
large-scale attacks on countries. This is what makes it such a dangerous front
of warfare. In today's world, where technology and the
Internet are such an integral part of everyday lives, everyone is susceptible.
It is imperative that the framework for a global solution, at the least, should
be proposed to deal with the threat of cyber warfare. Only a synergetic global
network and a modicum of transparency are likely to curtail any possible
government, individual or third-party infringements.
Overview of the rise and role of cyber warfare
Since the advent of information and communications technology in the late 20th
century, major public as well as private services have been relocated online,
including commerce, research and development, communications, power and fuel
grids, and transportation. This relocation to the realm of cyberspace has made
these services more susceptible to disruption, with the advent of cyber warfare.
Cyber warfare is, in its essence, information warfare, although by no means does
it encompass all the different forms of it. Cyber warfare can present itself in
the shape of a military offensive, cyber terrorism, industrial espionage,
ransomware, hacktivism or whistle blowing, and even general individual offenses
and hacking. Cyber warfare is incredibly dangerous simply because the number of
potential victims never decreases, as long as Internet usage increases. Everyone
is at risk, especially if they are privy to sensitive or protected information,
which could hand suitors a substantial advantage.
Rather surprisingly, despite the looming peril, the UN, along with most affected
countries, has not engaged in active discussions or proposed any possible
solutions or treaties, other than to sparsely elaborate on security in
telecommunications. The only attempt to address the issue has been by the NATO,
with the formation of the NATO Cooperative Cyber Defence Centre of Excellence
(NATO CCD COE) in 2008 to conduct research and training on cyber security. The
underlying reasons for this inactivity, and the base of the issue, is the
inability to implicate an entity so far.
Motivations behind cyber warfare
Cyber warfare fundamentally operates on the same principles as classical
warfare. It involves overwhelming the attacked party to gain control of the
victim's resources for a financial, military, social or political advantage. The
front for war has simply been shifted to cyberspace, and the fighting is now
more symbolic than material. Hackers are now looking to gain unauthorized access
to sensitive organizations or systems to hand either the third-party
organization or government they are employed under a vital advantage. China and
Russia are amongst a few countries to have purportedly conducted cyber attacks
for corporate espionage and political purposes in the last 3 decades.
Similarly, it can also be used to bring harm. Cyber terrorism is the next
suspected threat, especially with the relocation of communications,
transportation and power grids online. If exposed or hacked, millions of people
who depend on such systems could be at risk, and mass hysteria and panic could
ensue. However, some groups looking to broadcast their political or social views
may only take to the platform the Internet provides. Groups such as Anonymous
and Lulzsec have perpetrated a flood of cyber attacks on civilian and corporate
infrastructure since their formations in 2004 and 2011 respectively.
Problems with tackling cyber warfare
Cyber attacks are, by design, difficult to trace and uncover, since they are
designed for privately disrupting or stealing from systems. Hackers use a
variety of method to distort their IP address, which can usually be used to
track the location of the attack. The use of or a combination of botnets, data
encryption or using the IP address of another machine are just some of the ways
in which attacks can be masked. In addition, hacktivist groups such as Anonymous
use hackers from all over the world to further their cause, thus making it quite
implausible to implicate one entity for a campaign at this current time. The
software used by hackers is similarly advanced.
Computer viruses can be spread by opening infected files on an attached email,
or downloading an infected file from the internet, and after they propagate
themselves in the machine, they are usually difficult to locate and eradicate.
Viruses such as Zeus in 2009 (theft of financial information) and Flame
(reconnaissance) in 2012 were highly sophisticated viruses, far ahead of their
time, and comprised thousands of systems before discovery.
Antivirus software also do not successfully eradicate all possible viruses. The
effectiveness of antivirus software has been declining in recent years, as
malware grows more widespread. Malware developed earlier was easy to detect, as
its destructive aftereffects were evident, but more recent viruses are highly
advanced, and often developed by criminal organizations or entire governments,
thus evolving into untraceable, dangerous programs. Additionally, internal
issues plague antivirus software, including false positives, detection issues
and damaged files.
Major Countries and Organizations Involved
North Atlantic Treaty Organization (NATO)
NATO countries have been subject to countless cyber attacks in previous decades.
As an intergovernmental military alliance, they take any threats to member
states very seriously, well documented by the establishment of the Cooperative
Cyber Defence Centre of Excellence (CCD COE) in 2008 in Tallinn, Estonia in the
wake of the disastrous cyber attacks in Estonia in 2007. As an organization
encompassing some of the most developed countries in the world, NATO takes the
threat of cyber warfare very seriously, and is trying to integrate cyber defence
systems into all NATO networks. The organization plays a key role in this issue
since it is the only organization actively planning and developing methods to
tackle cyber warfare, along with annual summit meets to discuss solutions and
plans of action.
International Telecommunication Union (ITU)
The ITU is a member of the United Nations Development Group (UNDP), a group
which aims to give direction to the quality and impact of UN support at the
country level. The ITU is tasked with spreading ICT in an affordable and
equitable route to every member state, and hence is the only telecommunications
organization with outreach to almost every country on the planet, in addition to
700 sector members and associates. The ITU plays a major role since it is the
biggest link to the UN in this issue; thus any solutions will be run through the
ITU before they are implemented.
United States of America (USA)
At the forefront of tackling cyber warfare due to their position as a global
superpower, the United States has received more than its fair share of cyber
attacks, including the largest state-sponsored cyber attack in Titan Rain in
2003-06. In 2013, they considered cyber warfare a larger cause of concern than
extremist groups, thus highlighting that they are ready to address it as a
serious threat. In addition to establishing the United States Cyber Command (USCYBERCOM)
to tackle cyber warfare, the National Security Agency (NSA) also actively deals
with similar threats. Home to large antivirus developers and some of the most
technologically secure and advanced corporations in the world, the USA is at the
forefront of the cyber war, and is the most devoted to finding a solution.
Estonia has suffered the second-largest state-sponsored cyber attack in history
in 2007, when Russia allegedly launched a mass DoS attack on numerous Estonian
systems. As such, the cyber attack was what brought cyber warfare international
coverage and attention. Years on, the Estonian cyber security system is
considered the optimal model to implement for defence against cyber attacks
today. Home to the CCD COE and a myriad of other cyber security projects,
Estonia is the leader in implementing stratagems against cyber attacks.
People's Republic of China (PRC)
In recent years, China has become infamous for numerous alleged offenses
regarding cyber warfare and online censorship. Perpetrators of some of the
largest cyber attacks in history, such as the alleged involvement in Titan Rain
in the USA, Operation Aurora in China itself (against Google, Yahoo, and more
than 20 other corporations), and most recently, corporate espionage in the USA,
China is perceived as a threat not only because of the vast numbers of cyber
attacks originating from the country, but also because it is seeking to achieve
the status of a ‘superpower' in a possible fight for supremacy with the USA.
This makes it a major entity and perhaps one of the initial locations for
implementation of a solution.
Russia has moved its fight to cyberspace. Russia is home to countless
allegations of cyber attacks, subterfuge and corporate espionage, including: one
of the most advanced cyber attacks of all time in Estonia in 2007, attacks
during the South Ossetia War in 2008 and now in Ukraine in 2014, making it
another major entity in the fight against cyber warfare. However, other than
allegations, there is no real evidence of Russia being involved in cyber warfare
Written by: Sayed Qudrat Hashimy
- Developments in the field of information and telecommunications in the
context of international security, 4 January 1999 , December 2011
- International Law Student
E-mail : [email protected]
, Phone no. +91-9008813333