Cyberwarfare refers to the politically motivated hacking into classified accounts, personal accounts or websites with an aim to conduct sabotage and espionage. It can be described as information warfare. Companies have established website that store classified information about their plans, motivation, files and marketing strategies among other information. In the face of stiff competitions, the competitors may require this information from the rivalry companies for purposes of strategizing. To obtain the data, they may result to cyber war.
Methods of attack
Cyber warfare occurs in various methods. These can be classified as cyber espionage and cyber-attacks. Cyber-attacks are listed as one of the top security threats in the United States of America.
Espionages
Cyber espionage involves the activities involving obtaining of data that has been classified from either individuals, competitors, groups, rivals, government, military, political groups, etc. it also involves the use of economic advantage using methods like internet, software, networks and computers. Any information that is classified and handled carelessly can be intercepted and modified. There are differing opinions as to whether commercial espionage in the United States of America can be categorized as criminal activities or pose a threat to national security.
Sabotages
The use of computers and satellites can lead to disruption of the equipments. Data been transited via the satellites can be intercepted and maliciously replaced. Communications, power, water and fuel lines can be vulnerable to disruption. The power grid, the stock markets and the stock markets have been reported to be vulnerable (Clarke).
Electrical power grid
It has been reported that the federal governments of the United States of America acknowledges the vulnerability of the power grid. It has admitted that the power grid can be used for cyber warfare. The North American Electricity Reliability Corporation has warned the public that the power grid is not adequately protected(NERC public notice)
Examples of cyber warfare softwares
According to BullGuard Security Centre, malware sophistication has reached an all-time high with attacks been able to be localized. This means that a certain malware can be used towards a specific company or country. Consider, for example, the following; Stuxnet that was discovered in 2010 has been used to sabotage Iran’s nuclear weapon program. The initial plan was to target particular computers in specified regions, but the code replicated and wildly and spread the entire world. The coding that is over 50 times bigger than normal malware was the first to be developed to spy and subvert industrial system. It made it very much possible to attach and gather as much information as possible without the owner knowing.
In September 2011, Dugu was developed. The worm could spread in the form or a normal word document through e-mail. Variants have been discovered since then. It has been found in countries like Iran. It captures keystrokes and steals information. It has been claimed to be associated with the Stuxnet since they have similarities in coding. This worm can be very dangerous due to its easiness of spread from one computer to the other.
In May 2012, the Flame that is a bigger and more sophisticated malware than stuxnets was discovered in windows computers belonging to the governments, institutions of education as well in private computers for individuals in Iran, Saudi Arabia, Lebanon, Syria and Egypt. This malware can attach itself and spread through USB sticks or spread across a local network. It can as well replicate itself in audio files, keyboard activities, Skype conversations and any other internet traffic. It however does not damage the computers and hence it is considered as espionage.
In July 2012, Gauss was found ravaging windows computers mainly in countries found in the Middle East. It showed similar characteristic between to flame. It is thus considered as a cyber-espionage tool. The main activity for Gauss is to steal cookies, browser history and online credentials for login in into banks and other payment accounts. In the social network, it is used to stealing of social network connections and email accounts.
In August 2012, another cyber weapon was discovered named Shamoon. It is not a state sponsored cyber weapon, but it is used by hacktivists to protest the tyranny and oppression found in the Middle East. It was targeting mainly the energy sector. It has the capability to wipe out data and spread across computers in a network even to those that are not connected to the internet.
There are several motivations behind cyber warfare activities. This varies from one country to another. The main ones include military motivated cyber warfare. This is mainly experienced in the United Sates of America. Keith B. alexander states that the computer warfare has evolved rapidly without matching technical capabilities to counter the activities. There are those motivated by terrorism activities. They find weaknesses in government organization and/or information and target certain when vulnerability is highest. This can be said to be cyber terrorism.
The private sector has had its share of cyber terrorism. Industrial espionage has become one of the most occurring cyber warfare. The motivation behind this is economic gain by stealing crucial data from the competing industries and companies. Most of these attacks are not reported and hence tend to be underestimated.
Examples of cases of cyber warfare
China has been reported to be attacking USA. An article by Jason Fritz, published in Culture Mandala (2008) the Bulletin of the Centre for East-West Culture and Economy Studies claimed that Chinese has been involved in numerous high profile espionage activities since 1995 to 2005. They used business people, devolved student networks, engineers, scientists, diplomats as well as scientists from within the Chinese diaspora population. China has also been claimed to be responsible for a series of cyber-attacks in various countries like Russia, Canada, and France among others.
In Germany, the country hired a 60 person’s network operation unit that was aimed and protecting the country’s networks from cyber-attacks. It also hired up to 130 hackers in the year 2013. This is after the government noted up to 5 attacks from china that targeted telecommunication companies, arms manufacturers and the government military agencies. This made the country increase the budget to 100 million Euros and consequently increased data surveillance from 5 % to the maximum 20 % as per the German laws.
The United States of America is one of the most targeted states by cyber warfare groups and individuals. Cyberwarfare has since become one of the United States military strategy employing proactive cyber defense and the use of cyber warfare as a platform for attack (American Forces Press Service). America used cyber warfare tactics to attack the Iran’s nuclear enrichment processes. Although the United Nations had found no weapons of mass destruction, the information gathered was very crucial and that lead to the USA/UK preventive war against Iraq.
Coping mechanisms
There are several different methods that can be employed to prevent cyber warfare. The United States employs cyber counterintelligence to identify and penetrate and or neutralize foreign operations that use the cyber as means of primary attack platforms. The USA inn 2009 had spent up to $ 100 million for six months to repair damages caused by cyber-attacks. In April 2009, the United States legislating bodies pushed for an establishment of white house cyber security (Czar) to improve the defense against cyber-attacks.
The Shanghai Cooperation Organization whose membership included china and Russia Suggested in 2011 to the United Nations the creation of international code of conduct in a document titled “International code of conduct for information security”. The suggestion was endorsed by the western countries. It included political censorship of the internet.
Companies have been forced to establish information and communication departments whose mandate is to man the information flow from outside and within the companies. These IT specialists are also mandated in the management of data security in the company so as to reduce the vulnerability of the data. There are several other mechanisms used to cope with cyber-attacks. These include the use of firewalls to limit access from outside. There are millions of antivirus’s software’s developed since the advent of computers that can be used to reduce the viral attacks. Companies have invested in these software and keep updating them to reduce the chances of cyber-attack.
Work cited
http://www.bullguard.com/bullguard-security-center/internet-security/internet-threats/cyberwarfare-and-hacktivism-vs-internet-security.aspx
Google Attack Is Tip Of Iceberg", McAfee Security Insights, 13 January 2010 retrieved, 5th March 2014.
"2013 Aspen Institute Security Forum". "Clear and Present Danger" Transcript of interview with GEN Keith Alexander, NSA director. Archived from the original on 2013-07-17. Retrieved 5th March 2014.
Clarke: More defense needed in cyberspace" HometownAnnapolis.com, 24 September 2010
NERC Public Notice. (PDF) . Retrieved 5th March 2014. .
Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies, Vol. 8, Iss. 1 [October 2008], Art. 2. pp.37 (2008). Retrieved March 2014
American Forces Press Service: Lynn Explains U.S. Cybersecurity Strategy. Defense.gov. Retrieved 5th March 2014.
