Connect with us

Technology

A new cyber arms race

Alexandra Goman

Published

on

Not long time ago cyber threats were not even on agenda in security, let along national security landscape. Now, the situation is different. Now, everyone recognizes the risks of hyper-connected world: from an individual in front of the computer to a high-level officer, operating a nuclear facility. As new tools are being developed, cyber-security occupies an important niche in decision-making and planning.   As more and more people are securing their laptops, tablets, phones; the military started doing that too.

Just six years ago the US Defence Secretary warned[1] about a possible Cyber Pearl Harbour. Cyber Pearl Harbour is a strategic surprise attack which could potentially incapacitate computational and communication capabilities, leading to a devastating impact on the country (Goldman and Arquilla, 2014, p. 13). This notion is usually fuelled by ongoing media reports that countries are in active pursuit of offensive cyber capabilities which could jeopardize any sector, penetrate any system and cause major disruptions. Regardless of the accuracy of these reports, every country understands that these cyber insecurities can be and, probably, will be exploited by an enemy. That is why many states are now allocating enormous amount of resources to develop defensive cyber means along with the offensive capabilities.

The number of cyberattacks is increasing. One can argue about its future potential targets, but it is clear that we should assume that cyberattacks will become only more sophisticated and, possibly, more deadly in the future. That is why vulnerabilities should be addressed, and the nations should be prepared to the cyber challenge.

Along the most well-known cyberattacks happened in Estonia (2007), Syria (impacted air defence systems 2007), Georgia (2008), Iran (Stuxnet 2009-10), The Saudi Arabia (Aramco 2012), Ukraine (2014), U.S. (electoral campaign 2016). Additionally, the world was quite agitated about WannaCry and Petya attacks in 2017. All in all, most of the recent attacks targeted commercial sectors, showing that there might be a constraining norm in regards to military sector and critical infrastructures.

 This consequently might indicate that states might be pursuing more sophisticated technologies in order to target more sophisticated systems. It might as well suggest a possibility of on-going cyber arms races between the countries. However, there are clear limitations of cyber warfare, as no physical damage occurred and no people were killed. Even the damage inflicted on critical infrastructures was limited and failed to cause major consequences. However, financial losses as a result of cyberattacks can be rather substantial and might have a great impact on economically weaker states.

Based on the scale of current attacks, we can only assume that the technology will spread and get more sophisticated with the time. As Mazanec has outlined, cyber warfare capabilities will play a role in future military conflicts, as they are being integrated into military and state doctrines (2015, pp. 80-83). However, despite cyber challenges to national security, it does not necessarily reflect that deterrence methods and tactics will be applicable to cyberspace.

This technology is quite cheap, requires less resources and personnel, and therefore allows less economically advanced countries developing cyber. As a result, there is a clear asymmetry with weaker states competing with the world powers. Consequently, the threat is multiplied internationally.   So the states are now in an unprecedented situation, because of the high level of uncertainty that cyberspace poses. This compels the states to adapt to the fast changing environment in international relations.

According to the report of McAfee[2], a global security technology company, 57% believe that cyber arms race is taking place now. The top officials in the West are convinced too.  For example, NATO secretary general Stoltenberg said[3] that cyber would become integral to any military conflict. Following this, NATO Defence Ministers have agreed[4] that cyber will be a part of military planning and operations. It is clear that the West is fully aware of cyber developments and eager to use it in its actions.

Similarly, the Chinese Military Strategy of 2015 has also admitted that cyberspace will take a place in strategic competition among all parties. The Indian Army is also not falling behind and strengthening its cyber arsenal. General Rawat has recently said[5] that India is now more concerned about developing these cyber capabilities than fighting on the border.  The chain-reaction follows as in the case of the Cold War in pursuing the technologies and keeping up-to-date with the others states.

In this situation a leader faces similar challenges as in proliferation of any other military technology. There are four possible scenarios that make it difficult to calculate probabilities (According to Goldman and Arquilla, 2014):

1)    We develop a cyber capability[6] – They develop a cyber capability;

This is a frequent scenario and occurs when both countries have technological capability to develop cyber means.

2)    We develop a cyber capability – They don’t develop a cyber capability;

There are certain problems in verifying if a country really lacks a capability to pursue cyber weapons. However, this case gives obvious advantage and leverage to a state that develops cyber capability.

3)    We don’t develop a cyber capability – They develop a cyber capability;

From a political and strategic point of view, it puts a state into a disadvantageous position, therefore, making it undesired.

4)    We don’t develop a cyber capability – They don’t develop a cyber capability;

It is more desirable; however, no direct experience exists. Usually if there is a possibility that a technology can be developed, it will be developed at least by some state.

Interestingly enough, there is not much concrete information available in regards to these developments, whether it is amount of arsenal, types of cyber capability, or just simple information on the notions. Information which is accessible is usually written by the Western authors (it is particularly covered by US officials/military and academia) or can be found in government’s documents. NATO common strategy, perhaps, contributes towards it. On a broader scale, cyber is treated as a state secret and specific information is classified. There is much information which is not available (for example, development of cyber weapons, its employment, reasons for its employment, legality of the use of cyber weapons etc.). In some countries, there is nothing to find at all.

The good example is cyber capabilities of Russia. There is no available information: no official statements, no official policy, no academic articles published, it goes to the extent that even media is not engaged in these issues. Alexei Arbatov (2018), an internationally recognized scholar on global security, has recently confirmed that even academic debate in Russia does not officially exist, only at the university level or informal. Notwithstanding, the Military Doctrine of the Russian Federation recognizes[7] the fact that military threats and dangers are now shifting towards cyberspace (“informatsionnoe prostranstvo”).

Similarly to Russia, China also maintains secrecy concerning its developments in the military. According to the report of the Institute for Security Technology Studies (2004), available sources insist that Beijing is pursuing cyber warfare programs, but classified nature of specifics aggravates assessments.

 This secrecy around cyber resembles the secrecy surrounding nuclear developments. All of this information was classified too, yet the principles of nuclear governance have managed to emerge even in the tight environment of the Cold War. Similar situation arose in regards to the use of drones. All the initial strikes of drones were classified, and only with time the debate started to evolve. At the moment it is quite vigorous.

As for cyber, it will certainly take time to talk freely about cyber capabilities and warfare. It will be different in different countries, but in the end the debate will open up as well as new technologies will come and cyber would have become a history.

References

Arbatov, A. (2018). Stability in a state of flux. Opinion presented at the 31st ISODARCO Winter Course – The Evolving Nuclear Order: New Technology and Nuclear Risk, 7-14 January 2018, Andalo.

Billo, Ch. and Chang, W. (2004). Cyber Warfare, an Analysis of the Means and Motivations of selected Nation States. Institute for Security Technology Studies, [online] Available at http://www.ists.dartmouth.edu/docs/cyberwarfare.pdf [Accessed on 27.12.2017].

Goldman, E. and Arquilla, J., ed. (2014). Cyber Analogies. Monterey: Progressive Management.

Mazanek, B. (2015). Why International Order is not Inevitable. Strategic Studies Quarterly, 9 (2), pp. 78-98. [online] Available at: http://www.airuniversity.af.mil/Portals/10/SSQ/documents/Volume-09_Issue-2/mazanec.pdf [Accessed on 28.01.2018].

[1] U.S. Department of Defense (2012). Remarks by Secretary Panetta on Cybersecurity to the Business Executives for National Security, New York City, [online] Available at: http://archive.defense.gov/transcripts/transcript.aspx?transcriptid=5136 [Accessed on 22.01.2018].

[2] McAfee (2012). Cyber Defense Report. [online] Available at: https://www.mcafee.com/uk/about/news/2012/q1/20120130-02.aspx [Accessed on 22.01.2018].

[3] Hawser, A. (2017). NATO to Use Cyber Effects in Defensive Operations. Defense Procurement International, [online] Available at: https://www.defenceprocurementinternational.com/features/air/nato-and-cyber-weapons [Accessed on 22.01.2018].

[4] NATO (2017). NATO Defense Ministers agree to adopt command structure, boost Afghanistan troops levels. [online] Available at: https://www.nato.int/cps/ic/natohq/news_148722.htm?selectedLocale=en [Accessed on 22.01.2018].

[5] Gurung, Sh. (2018). Army stepping up cyber security. The Economic Times, [online] Available at: https://economictimes.indiatimes.com/news/defence/army-stepping-up-cyber-security/articleshow/62482582.cms [Accessed on 23.01.2018].

[6] Here it means both offensive and defensive capabilities (Author’s note).

[7] The Military Doctrine of the Russian Federation (edited in 2014). Moscow: p. 4. [online] Available at: http://www.mid.ru/documents/10180/822714/41d527556bec8deb3530.pdf/d899528d-4f07-4145-b565-1f9ac290906c [Accessed on 23.01.2018].

Use your ← → (arrow) keys to browse

Specialist in global security and nuclear disarmament. Excited about international relations, curious about cognitive, psycho- & neuro-linguistics. A complete traveller.

Continue Reading
Comments

Opinion

On the issue of cyber security of critical infrastructures

Alexandra Goman

Published

on

There is a lot of talk in regards to cyberattacks nowadays. A regular user worries about its data and tries to secure by all means necessary. Yet, no one really thinks whether the power plants or nuclear facilities are well secured. Everyone assumes that they should be secured.

The reality, however, differs. According to many reports of cyber security companies, there is an increased risk of cyberattacks, targeting SCADA and ICS. Supervisory Control and Data Acquisition (SCADA) is used for the systems that control physical equipment – power plants, oil and gas pipelines, they can also control or monitor processes such as heating or energy consumption. Along with Industrial Control Systems (ICS) they control critical elements of industrial automation processes. Exploiting vulnerabilities of critical infrastructures can lead to the consequences of unimaginable scale. (These types of attacks are actually used in a cyberwar scenarios and hypothetical military settings).

Source: Fortinet, 2015

There are many reasons why these systems are vulnerable for attacks. First of all, the main problem is that these systems have an old design; they were built before they were connected to any networks. They were later configured to connect via Ethernet, and that’s when they became a part of a larger infrastructure. The more advanced SCADA system is becoming, the more vulnerabilities are these to exploit. The updates should be regular and on time. Secondly, there is a lack of monitoring. New devices that are connected allow remote monitoring, but not all devices have the same reporting capabilities. There are also authentication issues (weak passwords, authentication process), however, this is supposed to restrict unauthorized access (See Common SCADA Threats and Vulnerabilities at Patriot Technologies, Inc. Online).

In these scenarios, there is no certainty to know what is going to backfire because of the complexity of communications and power networks. This is also called a cascading effect of attacks. Not knowing who is connected to who may cause major disruptions. The example of the US East Coast power blackout in 2003 proves this point (a failure in one element of the grid spreads across other electrical networks). However, given this, it is also complicated for an attacker to predict consequences, if an attack executed. This kind of attack can easily escalate into more serious conflict, so it might not be the best option for states to employ such methods.

Moreover, there is a risk to damage a critical infrastructure unintentionally. That is if a virus or worm did not intend to target SCADA but happen to spread there as well. The uncontrollability of the code may seriously impair the desire to use it, especially when it comes to nation-states. For instance, in 2003 a worm penetrated a private network of the US Davis-Besse Nuclear Power Station and disabled a safety monitoring system for 5 hours. In 2009, French fighter jets could not take off because they were infected with a virus.

Indeed, a scenario where an attacker gains access to a SCADA system and manipulates with the system, causing disruptions on a large-scale, might be hypothetical but it does not make it less possible in the future. However, the only known case so far, which affected an industrial control centre, is Stuxnet. It did not result in many deaths, yet it drew attention of the experts on the plausibility of future more sophisticated attacks. These potential upcoming attacks might cause the level of destruction, comparable to that of a conventional attack, therefore resulting in war.

Further reading:

Bradbury, D. (2012). SCADA: a Critical Vulnerability. Computer Fraud & Security, 4, p. 11-14.

Prev postNext post
Use your ← → (arrow) keys to browse

Continue Reading

Technology

Cyber impact on global security landscape

Alexandra Goman

Published

on

Computer and information development has brought us a new brand virtual world. Social networks where people share their personal details; online banking where they manage their financial activities, and many other things. Everything from personal identity and wealth, intellectual property to national security secrets have been placed in virtual domain. Many things already reside in and/or depend upon cyberspace; many more will soon join the virtual space. So it is not surprising that the information age is transforming global security landscape.

According to Kaspersky Lab, a multinational cyber security and anti-virus provider, these are boom times for cyber threats, cyberattacks and cybercrime (2015). Another leading cyber security company Symantec says that recent years have revealed unprecedented levels of ambitions among cyber perpetrators. 2016 alone has been marked by extraordinary multi-million dollar virtual heists, cyber attempts to affect the US electoral process, and some of the biggest distributed denial of service attacks (Symantec, 2017). While the disruptions caused by such cyber activities are enormous, attackers use rather simple tools and tactics, giving an asymmetric advantage to weaker actors.

At the same time digital technologies are now being incorporated into military planning and operations. Modern nuclear and conventional weapons systems are more complex than they are used to be. They rely and depend on digital technologies and information systems for launching, targeting, command and control, including technologies that govern safety and security. It is clear that future military conflicts will all include a digital aspect and cyber technologies.

Moreover, a malware Stuxnet, which affected an Iranian nuclear facility and was discovered in 2010, crossed the line between cyber and physical domain, showing that it was possible to use a code to damage a critical infrastructure.  Before it, a general debate on how a critical infrastructure can be targeted and damaged through the information system has only been theoretical.  After Stuxnet it was evident that cyberspace could be exploited and used to launch cyberattacks in order to cause physical damage.

The highly sophisticated piece of technology is one of the first uses of cyber offensive technology (or a cyber weapon) in history. Believed to be sponsored by a state, the malware introduced a new page in international security and showed that these capabilities can be developed and used against an opponent. It did not cause disruption (as any other cyberattack before it), it caused actual physical damage. Nonetheless, it is still unattributed and believed to be a part of highly-covert operation which has not been officially confirmed. There is no verified information available, everything is classified and the most of the sources are newspapers, claiming that the operation targeted Iran’s nuclear facilities and it was meant to slow down the Iran’s nuclear program.

Stuxnet resembles a similar dramatic change in warfare and reflects similar impact on international affairs after 1945 (the introduction of nuclear weapons, its first use in Hiroshima and the consequences in politics). Similarly to nuclear era, we are now in a new age, which is bound to be transformed. In order to be prepared for this change, these issues are to be addressed.

As General Michael V. Hayden, former Director of the NSA and of the CIA, highlighted, “Rarely has something been so important and so talked about with less clarity and less apparent understanding than this phenomenon” (2011, p. 3).

The first exploration into cyber warfare started in the 90s with the writings of Arquilla and Ronfeldt. In the beginning they were rather hypothetical assumptions, only discussed within a limited group of experts. 9/11 changed this perception, introducing a new view on the very definition of threat. After 2001 it became clear that cyber threats are to be addressed and taken into account seriously. The discovery of Stuxnet in 2010 only proved that point.

Generally, information about cyber technology is classified and that is why limits the research. Even though everyone knows that there is an arms race in acquiring and developing cyber technology, no one really knows anything for sure. Only the Western writings shed some light on what is going on in the field. Most of current writings in this field are done and elaborated by the Western researchers and military. Due to the transparency requirements, there are many NATO and national documents (redacted and/or edited for public use) that address these issues and communicate the main strategies in cyberspace.  However, there is much less academic research on it. Some countries, like Russia, stay completely secretive about the issue with absolutely no information online, neither state nor public.

Considering that cyber technology has low entry costs and high chances for success, it is a powerful tool for states and non-state actors to prove their capabilities and show their authority. The development and pursuit of cyber capabilities, therefore, pose new risks for escalation; invite new threats and tensions that may cause new conflicts. These conflicts could destabilize international stability and jeopardize nuclear deterrence. Moreover, constant cyber threats in military installations, particularly those associated with nuclear, undermine constitutional confidence, generate new risks, and pose new challenges for deterrence theory.

Naturally, cyber issues have now become a main agenda for politicians and policy-makers. Building resilience, strengthening cyber defense and deterring such attacks occupy all minds in international relations. Yet, due to the high secrecy around cyber issues and general media hype over them, there are still many misconceptions and misunderstanding about cyberspace and cyber capabilities, especially when it comes military setting.

References

Kaspersky Lab. (2015). Top Cyber Security Threats to Watch Out For. [online] Available at: https://www.kaspersky.com/resource-center/threats/top-7-cyberthreats [Accessed on 22.02.2018].

Symantec. (2017). Internet Security Threat Report. [online] Available at: https://www.symantec.com/content/dam/symantec/docs/reports/istr-22-2017-en.pdf [Accessed on 22.02.2018].

Hayden, M. (2011). The Future of Things Cyber. Strategic Studies Quarterly, 5(1), pp. 3-7.

Use your ← → (arrow) keys to browse

Continue Reading

Technology

Technological change and new challenges in war

Alexandra Goman

Published

on

The notion of war has been changing for a long time due to technological advances. This subsequently has caused new arms races. Since the first military revolution in infantry and artillery during the Hundred Years’ War, many things have been indeed reshaped. New technologies consistently redefined the way wars are conducted and altered the notion of risk (both for combatants and civilians).

For a long time land and sea were the main domains for a war. As the technology further developed and a flight capability was introduced, air has become a new domain.  That posed new risks and challenges that one could not overlook. To keep balancing on the battlefield one needed to adjust accordingly and develop its own air capability. Having only land troops and naval ships were suddenly not enough to prevail in these new circumstances. The military planning and strategy changed with it, shifting from the trench warfare during the World War I to a blitzkrieg and air raids during the World War II.

In the middle of 20th century nuclear weapons were invented which greatly impacted the warfare and the balance of international relations. The bombings of Hiroshima and Nagasaki showed more than just a massive destructive power that could obliterate millions in a blink of the eye. Years later demonstrated a real impact of a nuclear bomb and its long-lasting consequences as well as how poorly prepared were the infrastructures for a nuclear attack.

The advent of internet and its rapid development brought another military revolution, introducing computer-assisted battlefield and precision-guided munitions (PGM). More sophisticated weapons like missiles increased the distance between enemies, hence changing the risks involved and recalculating political strategy and tactics. Increased dependency on information technology resulted in new threats and opened new vulnerabilities of national security (Ohlin, Govern and Finkelstein, 2015, x-xiii).

Meanwhile, the amount of cyber threats and vulnerabilities are rapidly increasing. At the moment there are several tendencies for cyberattacks. First, it takes less time to launch a cyberattack as its speed of transmission is very high. Second, such attacks are becoming more frequent and have more serious impact on systems. Third, there are now different types of actors, capable of launching a cyberattack.

Estonia was the first to experience the effects of growing technological dependency in the history. In 2007 its government infrastructure, financial sector and media were targeted and attacked entirely in cyberspace[1]. The country proved to be highly vulnerable and unable to give a timely response, yet after these attacks Estonia started a public discussion on the issues of cyber defense in security and pushed other countries to take these issues into consideration. In a way, it was a stimulus to raise awareness on increased vulnerabilities and cyber threats (See also Aaviksoo, 2010).

This new space has clearly its threats as any other physical domain. As online interconnectivity increases, cyber threats are increasing with them. All digital technologies that receive, transmit, and manage digital data can be potentially interfered through a cyberattack (Lewis and Unal, 2017). Cyber security expert Rod Beckstrom, who is a former Chief Executive Officer of ICANN, said[2]: “Everything networked can be hacked. Everything is being networked, so everything is vulnerable”.

That was further proven by the Black Hat Briefings, the biggest computer security conferences in the world. These vulnerabilities can be easily exploited. Cyberattacks vary from data theft and financial fraud to data manipulation and manipulation of machine instructions. Furthermore, they can interfere with enemy sensors, communications, command-control systems, and weapon systems. In this sense, defending electronic infrastructure grows consistently as our dependence on information system grows.

Similarly to the development of nuclear weapons back to the 20th century, it is well-known that many countries are currently developing cyber capabilities and boosting research and investment in this area. This means that the arms race in cyberspace has already started. In 2007 there were 120 countries, already developed ways to use the internet to target different sectors (Ohlin, Govern, and Finkelstein, 2015, xii).

As much as the debate in regards to offensive cyber capacities is increasing its pace, two distinct patters are emerged in the way it is discussed. Some say that cyber can lower the threshold in war; others worry about its use in taking down critical infrastructures.

In the first optimistic case, military and states regard these capabilities capable of occupying a new niche in diplomatic tools. In 2014 Eric Rosenbach, an Assistant Secretary of Defense for Homeland Defense and Global Security at that time, has indeed referred[3] cyber operations as helpful in reaching national goals.  Specifically, he mentioned “the space between” diplomacy, economic sanctions and military action, meaning using cyber space to accomplish national interest. Cyberattacks can be used as an addition to military strikes or can become an alternative to direct kinetic confrontation, complimenting other tools used in politics. Thus, they can further lower the threshold of the use of force in a war.

In other case, however, it can possess as much destructive power as nuclear weapons, for example if it is targeted on power grids or critical infrastructures. Increased connectivity from consumer goods to critical infrastructure control systems poses great risks and vulnerabilities across the world (Weber, 2010). These vulnerabilities can be used as leverage or they can be used exploited instead of launching a missile, following a similar ultimate goal of taking down an adversary.

Traditionally, national and international security has been seen through a physical lens. Normally there is always a state that secures its land borders, sea boundaries, and protects airspace. In contrast, there is no equivalent to city police or a state army that protects its citizens in cyberspace. As professor of National Security Affairs Reveron summarizes[4], unlike other domains, the government does not have a natural role in cyberspace to promote security. In its turn cyber challenges the traditional framework of security.

Today people willingly share, transmit or store all sort of data through the internet. It is not surprising that a new strategy evolves by planting software into an electronic device to manipulate this data. For instance, by manipulating e-mails of nuclear power plant employees it is possible to acquire sensitive information and use it as a leverage tool. This shift in the notion of warfare merged military and corporate espionage functions. Militarization of cyberspace subsequently blurred legal and moral definitions of privacy rights. In the 21st century any individual may be targeted in the virtual world, depending on the information niche s/he is occupying. In result, the line between military and civil sectors is fading away.

All in all, cyber capabilities have indeed brought a new technological change and now re-shifting security, definitions and rules of war. International law, at the same time, has been slow in adjusting to a new evolving order and establishing an appropriate legal regime for cyberattacks.  Moreover, this technological advance has coined a new term for the notion of war – a cyberwar. Ohlin, Govern, and Finkelstein suggest that this change brings not only new weapons to be employed, but transforms the entire notion of war (2015, xiii).

References

Lewis, P. and Unal, B. (2017). Cyber Threats and Nuclear Weapons System. In: Borrie, J., Caughley, T., and Wan, W., (Eds.), Understanding Nuclear Weapons Risks, 1st ed. Geneva: UNIDIR, pp.  61-72.

Ohlin, J.D., Govern, K. and Finkelstein, C., eds. (2015). Cyberwar Law and Ethics for Virtual Conlicts. New York: Oxford University Press.

Sulek, D. and Moran, N. (2009).What Analogies Can Tell Us About the Future of Cybersecurity. Cryptology and Information Security Series, 3, pp. 118-131.

Weber, R. (2010). Internet of Things: New Security and Privacy Challenges. Computer Law & Security Review, 26 (1), pp. 23-30.

[1] Davis, J. (2007). Hackers Take Down the Most Wired Country in Europe. Wired, [online] Available at: https://www.wired.com/2007/08/ff-estonia/ Accessed on [19.12.2017].

[2] Flanagan, B. (2016). Hacked Asteroids Destroying Earth and Other Cybergeddon Scenarios. Knowledge Hub, [online] Available at: https://www.worldgovernmentsummit.org/knowledge-hub/hacked-asteroids-destroying-earth-and-other-cybergeddon-scenarios [Accessed 20.12.2017].

[3] Cyber Leaders: A Discussion with the Honorable Eric Rosenbach. (2014). Centre for Strategic & International Studies,

Available at: https://www.csis.org/events/cyber-leaders-discussion-honorable-eric-rosenbach [Accessed on 20.12.2017].

[4] Reveron, D. (2017). How Cyberspace is Transforming International Security. Faculty insight at Harvard Extension School, [online] Available at: https://www.extension.harvard.edu/inside-extension/how-cyberspace-transforming-international-security [Accessed 28/12/2017].

Use your ← → (arrow) keys to browse

Continue Reading

Trending