Connect with us

Technology

Technological change and new challenges in war

Alexandra Goman

Published

on

The notion of war has been changing for a long time due to technological advances. This subsequently has caused new arms races. Since the first military revolution in infantry and artillery during the Hundred Years’ War, many things have been indeed reshaped. New technologies consistently redefined the way wars are conducted and altered the notion of risk (both for combatants and civilians).

For a long time land and sea were the main domains for a war. As the technology further developed and a flight capability was introduced, air has become a new domain.  That posed new risks and challenges that one could not overlook. To keep balancing on the battlefield one needed to adjust accordingly and develop its own air capability. Having only land troops and naval ships were suddenly not enough to prevail in these new circumstances. The military planning and strategy changed with it, shifting from the trench warfare during the World War I to a blitzkrieg and air raids during the World War II.

In the middle of 20th century nuclear weapons were invented which greatly impacted the warfare and the balance of international relations. The bombings of Hiroshima and Nagasaki showed more than just a massive destructive power that could obliterate millions in a blink of the eye. Years later demonstrated a real impact of a nuclear bomb and its long-lasting consequences as well as how poorly prepared were the infrastructures for a nuclear attack.

The advent of internet and its rapid development brought another military revolution, introducing computer-assisted battlefield and precision-guided munitions (PGM). More sophisticated weapons like missiles increased the distance between enemies, hence changing the risks involved and recalculating political strategy and tactics. Increased dependency on information technology resulted in new threats and opened new vulnerabilities of national security (Ohlin, Govern and Finkelstein, 2015, x-xiii).

Meanwhile, the amount of cyber threats and vulnerabilities are rapidly increasing. At the moment there are several tendencies for cyberattacks. First, it takes less time to launch a cyberattack as its speed of transmission is very high. Second, such attacks are becoming more frequent and have more serious impact on systems. Third, there are now different types of actors, capable of launching a cyberattack.

Estonia was the first to experience the effects of growing technological dependency in the history. In 2007 its government infrastructure, financial sector and media were targeted and attacked entirely in cyberspace[1]. The country proved to be highly vulnerable and unable to give a timely response, yet after these attacks Estonia started a public discussion on the issues of cyber defense in security and pushed other countries to take these issues into consideration. In a way, it was a stimulus to raise awareness on increased vulnerabilities and cyber threats (See also Aaviksoo, 2010).

This new space has clearly its threats as any other physical domain. As online interconnectivity increases, cyber threats are increasing with them. All digital technologies that receive, transmit, and manage digital data can be potentially interfered through a cyberattack (Lewis and Unal, 2017). Cyber security expert Rod Beckstrom, who is a former Chief Executive Officer of ICANN, said[2]: “Everything networked can be hacked. Everything is being networked, so everything is vulnerable”.

That was further proven by the Black Hat Briefings, the biggest computer security conferences in the world. These vulnerabilities can be easily exploited. Cyberattacks vary from data theft and financial fraud to data manipulation and manipulation of machine instructions. Furthermore, they can interfere with enemy sensors, communications, command-control systems, and weapon systems. In this sense, defending electronic infrastructure grows consistently as our dependence on information system grows.

Similarly to the development of nuclear weapons back to the 20th century, it is well-known that many countries are currently developing cyber capabilities and boosting research and investment in this area. This means that the arms race in cyberspace has already started. In 2007 there were 120 countries, already developed ways to use the internet to target different sectors (Ohlin, Govern, and Finkelstein, 2015, xii).

As much as the debate in regards to offensive cyber capacities is increasing its pace, two distinct patters are emerged in the way it is discussed. Some say that cyber can lower the threshold in war; others worry about its use in taking down critical infrastructures.

In the first optimistic case, military and states regard these capabilities capable of occupying a new niche in diplomatic tools. In 2014 Eric Rosenbach, an Assistant Secretary of Defense for Homeland Defense and Global Security at that time, has indeed referred[3] cyber operations as helpful in reaching national goals.  Specifically, he mentioned “the space between” diplomacy, economic sanctions and military action, meaning using cyber space to accomplish national interest. Cyberattacks can be used as an addition to military strikes or can become an alternative to direct kinetic confrontation, complimenting other tools used in politics. Thus, they can further lower the threshold of the use of force in a war.

In other case, however, it can possess as much destructive power as nuclear weapons, for example if it is targeted on power grids or critical infrastructures. Increased connectivity from consumer goods to critical infrastructure control systems poses great risks and vulnerabilities across the world (Weber, 2010). These vulnerabilities can be used as leverage or they can be used exploited instead of launching a missile, following a similar ultimate goal of taking down an adversary.

Traditionally, national and international security has been seen through a physical lens. Normally there is always a state that secures its land borders, sea boundaries, and protects airspace. In contrast, there is no equivalent to city police or a state army that protects its citizens in cyberspace. As professor of National Security Affairs Reveron summarizes[4], unlike other domains, the government does not have a natural role in cyberspace to promote security. In its turn cyber challenges the traditional framework of security.

Today people willingly share, transmit or store all sort of data through the internet. It is not surprising that a new strategy evolves by planting software into an electronic device to manipulate this data. For instance, by manipulating e-mails of nuclear power plant employees it is possible to acquire sensitive information and use it as a leverage tool. This shift in the notion of warfare merged military and corporate espionage functions. Militarization of cyberspace subsequently blurred legal and moral definitions of privacy rights. In the 21st century any individual may be targeted in the virtual world, depending on the information niche s/he is occupying. In result, the line between military and civil sectors is fading away.

All in all, cyber capabilities have indeed brought a new technological change and now re-shifting security, definitions and rules of war. International law, at the same time, has been slow in adjusting to a new evolving order and establishing an appropriate legal regime for cyberattacks.  Moreover, this technological advance has coined a new term for the notion of war – a cyberwar. Ohlin, Govern, and Finkelstein suggest that this change brings not only new weapons to be employed, but transforms the entire notion of war (2015, xiii).

References

Lewis, P. and Unal, B. (2017). Cyber Threats and Nuclear Weapons System. In: Borrie, J., Caughley, T., and Wan, W., (Eds.), Understanding Nuclear Weapons Risks, 1st ed. Geneva: UNIDIR, pp.  61-72.

Ohlin, J.D., Govern, K. and Finkelstein, C., eds. (2015). Cyberwar Law and Ethics for Virtual Conlicts. New York: Oxford University Press.

Sulek, D. and Moran, N. (2009).What Analogies Can Tell Us About the Future of Cybersecurity. Cryptology and Information Security Series, 3, pp. 118-131.

Weber, R. (2010). Internet of Things: New Security and Privacy Challenges. Computer Law & Security Review, 26 (1), pp. 23-30.

[1] Davis, J. (2007). Hackers Take Down the Most Wired Country in Europe. Wired, [online] Available at: https://www.wired.com/2007/08/ff-estonia/ Accessed on [19.12.2017].

[2] Flanagan, B. (2016). Hacked Asteroids Destroying Earth and Other Cybergeddon Scenarios. Knowledge Hub, [online] Available at: https://www.worldgovernmentsummit.org/knowledge-hub/hacked-asteroids-destroying-earth-and-other-cybergeddon-scenarios [Accessed 20.12.2017].

[3] Cyber Leaders: A Discussion with the Honorable Eric Rosenbach. (2014). Centre for Strategic & International Studies,

Available at: https://www.csis.org/events/cyber-leaders-discussion-honorable-eric-rosenbach [Accessed on 20.12.2017].

[4] Reveron, D. (2017). How Cyberspace is Transforming International Security. Faculty insight at Harvard Extension School, [online] Available at: https://www.extension.harvard.edu/inside-extension/how-cyberspace-transforming-international-security [Accessed 28/12/2017].

Use your ← → (arrow) keys to browse

Specialist in global security and nuclear disarmament. Excited about international relations, curious about cognitive, psycho- & neuro-linguistics. A complete traveller.

Continue Reading
Comments

Technology

9 disruptive technologies that will bloom before 2019 ends

Published

on

Technology-in-2019

Since the beginning of time, each new technological invention has meant a change of paradigm for the way people work. However, in recent years the frequency of changes has accelerated to such an extent that companies have to renew themselves and their daily procedures almost every season. Usually they are small changes or mere adaptations, but sometimes an innovation appears that makes the previous mechanisms obsolete. This is what is known as disruptive technology.

2019 is a disruptive year as far as technology is concerned: the trend of innovation continues at an accelerated pace, deepening the technological revolution. Innovative industries keep evolving and they are overcoming barriers only imaginable in Isaac Asimov’s sci-fi novels or in TV series and films such as Black Mirror or Gattaca. Check the technological trends that are making a disruptive change in the digital transformation.

1. 5G mobile networks

Some companies have started to launch pilot experiments of this kind of technology. 5G prepares the ground for navigating at speeds of up to 10 gigabytes per second from mobile devices.

2. Artificial intelligence (AI)

This will be the year of its definitive take-off. Included in the political agendas, the European Commission has made it one of the mandates for member states to develop a strategy on this matter by the middle of the year.

3. Autonomous devices

Robots, drones and autonomous mobility systems are some of the innovations related to AI. They all aim to automate functions that were previously performed by people. This trend goes beyond mere automation through rigid programming models, as it explores AI to develop advanced behaviors that interact more naturally with the environment and users.

4. ‘Blockchain’.

Finally, this technology it is no longer associated only to the crypto coins world, and experts are starting to notice its likely application in other fields. In congresses such as the annual IoT World Congress by Digitalizing Industries, -coming in october 2019-, we will witness the actual implementation of many projects based on ‘blockchain’, which will try to solve the challenges still faced by technology in different fields such as banking and insurance. It will also be a decisive year for the deployment of ‘decentralised organisations’ operating around smart contracts.

5. Advanced analytics

‘Big data’, is taking a step further with this trend, which combines this technology with artificial intelligence. Automatic learning techniques will transform the way data analysis is developed, shared and consumed. It is estimated that the capabilities of advances analytics will soon be widely adopted not only to work with information, but also to implement them in business applications of the departments of Human Resources, Finance, Sales, Marketing or Customer Service, in order to optimize decisions through a deep analysis of data.

6. Digital twins

Digital Twins are one of the disruptive technologies that will have more impact on the simulation and analysis of industrial processes. A digital twin is the virtual representation of a real-world entity or system capable to maximize the benefits of the digital transformation of companies. Many companies and organizations are already implementing these representations and will develop them over time, improving their ability to collect and visualize the right data, apply improvements to it, and respond effectively to business objectives.

7. Enhanced Edge Computing

Edge computing is a trend mostly applied to the Internet of Things. It consists of the location of intermediate points between connected objects in order to process information and perform other tasks in places closer to the reception of content by the user, in order to reduce traffic and latency in responses. This is a way to keep processing near the endpoint rather than on a centralized cloud server. However, instead of creating a new architecture, cloud computing and perimeter computing will evolve as models complementary to cloud services, managed as a centralized service that runs not only on centralized servers, but on local distributed servers and on the perimeter devices themselves.

8. Immersive experiences in intelligent spaces

Chatbots integrated into different conversation platforms and voice assistants are transforming the way people interact with the digital world, as are virtual reality (VR), augmented reality (AR) and mixed reality (MR). The combination of these technologies will lead to a profound change in the perception of everything that surrounds us through the creation of intelligent spaces where more immersive, interactive and automated experiences can be lived for a specific group of people or for specific scenarios in an industry.

9. Digital ethics and privacy

Digital ethics and privacy are issues of increasing interest to individuals, organizations and governments. It is no coincidence that people are increasingly concerned about how their personal information is being used by public and private sector entities, so in the coming months companies will be proactively addressing these concerns and to gain the trust of users.


Prev postNext post
Use your ← → (arrow) keys to browse

Continue Reading

Technology

You haven’t virtualized yet – why you should do so as soon as possible

Published

on

keyboard laptop virtualization

Virtualization is not a new thing, it has been around for some time now, and is one of the key ways a business can protect their IT infrastructure and reduce costs.

Opting for cloud vdi (virtual desktop infrastructure), is absolutely the way forward for businesses, but there could be many reasons why you haven’t been able to make the change yet.

Maybe you have not had a good enough network to support externally hosted desktops and applications, or you are a smaller business that is only just beginning to think of moving to a virtual enterprise structure. It could also be that you are suffering from the hangover of an older infrastructure with your own onsite servers and just coming to the end of the asset life time. Either way your next move should be to look at virtualization and here is why.

The savings can be substantial

Without a doubt the biggest reason is the cost savings you will make. Any company or business needs to be fully aware of the bottomline, and while the project to virtualize will need a little investment, long term it will save your business a lot more.

For example, you will no longer need onsite servers. Hardware is expensive to replace, and in order to keep up with technological investment they need to be replaced every few years. They also need to be upgrades, require server engineers to manage them, a specialised location to store them with adequate cooling and they use a lot of electricity. And this is before you even begin to think about the licences for the operating systems and applications.

Increased reliability and security

With security becoming so much more important, especially if you are holding any personal data, you need to be sure that you have adequate security measures in place to protect your IT services. Through application virtualization a data centre via the cloud, you can make sure that those provisions meet exactly what you need.

You can also increase the uptime and availability for your users, through better mirroring and failover provisions. Data centres are geared towards maximum uptime, and even should something go wrong with a server, users will like never even know as the services move over to alternative servers. To create and host this type of infrastructure yourself will require a whole IT department!

Increased productivity for your workforce

By moving to desktop virtualization your employees will be able to access their documentation and applications from almost any device. From mobile devices, tablets, laptops they will be able to do whatever they need, whenever and wherever they need it. For companies operating internationally or with a lot of travel involved this is absolutely vital.

It can also set the scene for flexible working – already proved to make the workforce much more productive. It also means that should a device breakdown, it is simple enough to switch to another.

Management of company devices is also a lot simpler, with setup and deployment happening remotely. All your installations, updates and patches, back ups and virus scans can be controlled centrally. It also means much better management of software assets.

In addition your service provider should be able to provide a whole range of support for your IT teams, with access to many disciplines and expertise to keep you running at your maximum 24 hours a day if needed.

Desktop virtualisation is definitely the way forward for any business. It makes end user environments much more secure. Reliability and uptime is better, which also keeps those end users happy and productive in their own work. No more lost working hours due to broken servers. Approached strategically, this can revolutionise your business and its operations well into the future.

Use your ← → (arrow) keys to browse

Continue Reading

Technology

Concerns and Limitation of Cyber Warfare

Alexandra Goman

Published

on

cyberwarfare stuxnet

The discovery of Stuxnet, a malware that targeted a nuclear facility, was somewhat revolutionary and groundbreaking. It targeted ICS which monitor and run industrial facilities. Before that, most of malicious programs were developed to steal information or break-in into financial sector to extort money. Stuxnet went beyond went and targeted high-level facilities. It is not hard to imagine what damage it could have inflicted if the worm were not detected. What is more worrisome, the technology is out. It might not be perfect, but it is definitely a start. Regardless of the intentions behind Stuxnet, a cyber bomb has exploded and everyone knows that cyber capabilities indeed can be developed and mastered.

Therefore, if they can be developed, they will probably be. The final goal of Stuxnet was to affect the physical equipment which was run by specific ICS. It was done in order to manipulate computer programs and make it act as an attacker intended it to act. Such a cyberattack had a particular motivation; sabotage of industrial equipment and destruction could have been one of the goals. So, if they were indeed the goals, it might have been an offensive act, conducted by an interested party, presumably, a state for its political objective. Yet, there are certain limitations when it comes to so-called “cyber weapons” (malware that might be employed for military use or intelligence gathering). 

One of the main concerns of cyber offence is that code may spread uncontrollably to other systems. In terms of another physical weapon, it is like a ballistic missile that anytime can go off-course and inflict damage on unintended targets and/or kill civilians. Cyber offensive technology lacks precision, which is so valued in military. For example, in ICS and SCADA systems one may never know what can backfire because of the complexity of the system.  The lack of precision consequently affects military decisions. When launching a weapon, officers should know its precise capabilities; otherwise, it is too risky and is not worth it. 

In case of Stuxnet, the program started replicating itself and infected computers of many countries. For this moment we do not know if it were planned in that way.  However, provided that that target was Natanz facility, it is unlikely. Symantec Corporation started analyzing the case only with external help; it did not come from Natanz. This exacerbates the case if a country decides to launch an offensive cyberattack.

If the military planning cannot prevent cyber technology to go awry or to go out in the public, it brings more disadvantages than advantages.  Moreover, given a possibility of the code being discovered and broke down to pieces to understand what it does, it may potentially benefit an opposing party (and any other interested party along the way). This is unacceptable in military affairs.

Similarly, when the code is launched and it reaches the target, it can be discovered by an opponent. In comparison to nuclear, when a bomb explodes, it brings damage and destruction, but its technology remains in secret. In case of cyber, it may not be the case, as when a malware/virus is discovered, it can be reverse engineered to patch vulnerability. By studying the code, an enemy would find out the technology/tactics used that could be unfavourable in the long-run for the attacker.

Additionally, it should be said that not every malware is meant to spread by itself. In order to control the spread, vulnerability can be patched, meaning updating the software which had that vulnerability. An anti-malware can also be introduced; this will make the computer system immune to that particular vulnerability. Nonetheless, if the malware spreads uncontrollably, there is nothing much that an attacker can do. It is not possible to seize the attack. In this scenario, an attack may only release information about this certain vulnerability so that someone else can fix it. However, a state is highly unlikely to do so, especially if the damage is extensive. It would not only cost the state diplomatic consequences, but also it might severely impact its reputation.

An AI-enabled cyberattack could perhaps fulfill its potential. That means involvement of artificial intelligence. AI systems could make digital programs more precise, controlling the spread. In contrast, it could also lead to a greater collateral damage, if a system decides to target other facilities that may result in human death. Similar concerns are raised in the area of autonomous weapon systems in regard to the need of leaving decision-making to humans and not to technology. AI technology has a potential to make existing cyberattacks more effective and more efficient (Schaerf, 2018).

Aforementioned concern leads to another and affects the end result. When a certain weapon is employed, it is believed to achieve a certain goal, e.g. to destroy a building. With cyber capabilities, there is no such certainty. In the case of Stuxnet, the malware clearly failed to achieve its end goal, which is to disrupt the activities of the industrial facility.

Alternatively, the true costs of cyberattacks may be uncertain and hard to calculate. If that is so, an attacker faces high level of uncertainty, which may also prevent them from a malicious act (particularly, if nation states are involved). However, the costs and the benefits may always be miscalculated, and an attacker hoping for a better gain may lose much more in the end (e.g. consider Pearl Harbour).

Another concern refers to the code becoming available to the public. If it happens, it can be copied, re-used and/or improved. Similar concerns in regards to proliferation and further collateral damage emerged when Stuxnet code became available online.  An attacker may launch a cyberattack, and if it is discovered, another hacker can reverse engineer the code and use it against another object. Moreover, the code can be copied, improved and specialized to meet the needs of another party. Technology is becoming more complex, and by discovering a malware developed by others, it also takes less time to produce a similar program and/or develop something stronger. (For instance, after Stuxnet, more advanced malwares were discovered – Duqu and Flame).

Furthermore, there are other difficulties with the employment of cyber offensive technology. In order to maximize its result, it should be supported by intelligence. In case of Stuxnet, an offender needed to pinpoint the location of the facility and the potential equipment involved. It has to find zero-days vulnerabilities that are extremely rare and hard to find[1]. Cyber vulnerability is all about data integrity. It should be reliable and accurate. Its security is essential in order to run an industrial infrastructure.

After pinpointing vulnerability, security specialists need to write a specific code, which is capable of bridging through an air-gapped system. In case of Stuxnet, all of abovementioned operations required a certain level of intelligence support and financial capability. These complex tasks involved into development were exactly the reason why Stuxnet was thought to be sponsored and/or initiated by a nation state. If intelligence is lacking, it may not bring a desirable effect. Moreover, if cyber offense is thought to be used in retaliation, malicious programs should be ready to use (as on “high-alert”) in the event of necessity.

Regardless of some advantages of cyber offence (like low costs, anonymity etc), this technology appears to be unlikely for a separate use by military. There is a high level of uncertainty and this stops the army of using technology in offence. Truth is when you have other highly precise weapons, it does not make sense to settle for some unreliable technology that may or may not bring you a wanted result. Yet, other types of cyberattacks like DDoS attacks can give some clear advantages during military operations and give an attacker some good cards in case of a conflict. When such attacks used together with military ground operations, they are much more likely to bring a desired result.


[1] For better understanding, out of twelve million pieces of malware that computer security companies find each year, less than a dozen uses a zero-day exploit.

Use your ← → (arrow) keys to browse

Continue Reading

Trending