Connect with us

Technology

Technological change and new challenges in war

Alexandra Goman

Published

on

The notion of war has been changing for a long time due to technological advances. This subsequently has caused new arms races. Since the first military revolution in infantry and artillery during the Hundred Years’ War, many things have been indeed reshaped. New technologies consistently redefined the way wars are conducted and altered the notion of risk (both for combatants and civilians).

For a long time land and sea were the main domains for a war. As the technology further developed and a flight capability was introduced, air has become a new domain.  That posed new risks and challenges that one could not overlook. To keep balancing on the battlefield one needed to adjust accordingly and develop its own air capability. Having only land troops and naval ships were suddenly not enough to prevail in these new circumstances. The military planning and strategy changed with it, shifting from the trench warfare during the World War I to a blitzkrieg and air raids during the World War II.

In the middle of 20th century nuclear weapons were invented which greatly impacted the warfare and the balance of international relations. The bombings of Hiroshima and Nagasaki showed more than just a massive destructive power that could obliterate millions in a blink of the eye. Years later demonstrated a real impact of a nuclear bomb and its long-lasting consequences as well as how poorly prepared were the infrastructures for a nuclear attack.

The advent of internet and its rapid development brought another military revolution, introducing computer-assisted battlefield and precision-guided munitions (PGM). More sophisticated weapons like missiles increased the distance between enemies, hence changing the risks involved and recalculating political strategy and tactics. Increased dependency on information technology resulted in new threats and opened new vulnerabilities of national security (Ohlin, Govern and Finkelstein, 2015, x-xiii).

Meanwhile, the amount of cyber threats and vulnerabilities are rapidly increasing. At the moment there are several tendencies for cyberattacks. First, it takes less time to launch a cyberattack as its speed of transmission is very high. Second, such attacks are becoming more frequent and have more serious impact on systems. Third, there are now different types of actors, capable of launching a cyberattack.

Estonia was the first to experience the effects of growing technological dependency in the history. In 2007 its government infrastructure, financial sector and media were targeted and attacked entirely in cyberspace[1]. The country proved to be highly vulnerable and unable to give a timely response, yet after these attacks Estonia started a public discussion on the issues of cyber defense in security and pushed other countries to take these issues into consideration. In a way, it was a stimulus to raise awareness on increased vulnerabilities and cyber threats (See also Aaviksoo, 2010).

This new space has clearly its threats as any other physical domain. As online interconnectivity increases, cyber threats are increasing with them. All digital technologies that receive, transmit, and manage digital data can be potentially interfered through a cyberattack (Lewis and Unal, 2017). Cyber security expert Rod Beckstrom, who is a former Chief Executive Officer of ICANN, said[2]: “Everything networked can be hacked. Everything is being networked, so everything is vulnerable”.

That was further proven by the Black Hat Briefings, the biggest computer security conferences in the world. These vulnerabilities can be easily exploited. Cyberattacks vary from data theft and financial fraud to data manipulation and manipulation of machine instructions. Furthermore, they can interfere with enemy sensors, communications, command-control systems, and weapon systems. In this sense, defending electronic infrastructure grows consistently as our dependence on information system grows.

Similarly to the development of nuclear weapons back to the 20th century, it is well-known that many countries are currently developing cyber capabilities and boosting research and investment in this area. This means that the arms race in cyberspace has already started. In 2007 there were 120 countries, already developed ways to use the internet to target different sectors (Ohlin, Govern, and Finkelstein, 2015, xii).

As much as the debate in regards to offensive cyber capacities is increasing its pace, two distinct patters are emerged in the way it is discussed. Some say that cyber can lower the threshold in war; others worry about its use in taking down critical infrastructures.

In the first optimistic case, military and states regard these capabilities capable of occupying a new niche in diplomatic tools. In 2014 Eric Rosenbach, an Assistant Secretary of Defense for Homeland Defense and Global Security at that time, has indeed referred[3] cyber operations as helpful in reaching national goals.  Specifically, he mentioned “the space between” diplomacy, economic sanctions and military action, meaning using cyber space to accomplish national interest. Cyberattacks can be used as an addition to military strikes or can become an alternative to direct kinetic confrontation, complimenting other tools used in politics. Thus, they can further lower the threshold of the use of force in a war.

In other case, however, it can possess as much destructive power as nuclear weapons, for example if it is targeted on power grids or critical infrastructures. Increased connectivity from consumer goods to critical infrastructure control systems poses great risks and vulnerabilities across the world (Weber, 2010). These vulnerabilities can be used as leverage or they can be used exploited instead of launching a missile, following a similar ultimate goal of taking down an adversary.

Traditionally, national and international security has been seen through a physical lens. Normally there is always a state that secures its land borders, sea boundaries, and protects airspace. In contrast, there is no equivalent to city police or a state army that protects its citizens in cyberspace. As professor of National Security Affairs Reveron summarizes[4], unlike other domains, the government does not have a natural role in cyberspace to promote security. In its turn cyber challenges the traditional framework of security.

Today people willingly share, transmit or store all sort of data through the internet. It is not surprising that a new strategy evolves by planting software into an electronic device to manipulate this data. For instance, by manipulating e-mails of nuclear power plant employees it is possible to acquire sensitive information and use it as a leverage tool. This shift in the notion of warfare merged military and corporate espionage functions. Militarization of cyberspace subsequently blurred legal and moral definitions of privacy rights. In the 21st century any individual may be targeted in the virtual world, depending on the information niche s/he is occupying. In result, the line between military and civil sectors is fading away.

All in all, cyber capabilities have indeed brought a new technological change and now re-shifting security, definitions and rules of war. International law, at the same time, has been slow in adjusting to a new evolving order and establishing an appropriate legal regime for cyberattacks.  Moreover, this technological advance has coined a new term for the notion of war – a cyberwar. Ohlin, Govern, and Finkelstein suggest that this change brings not only new weapons to be employed, but transforms the entire notion of war (2015, xiii).

References

Lewis, P. and Unal, B. (2017). Cyber Threats and Nuclear Weapons System. In: Borrie, J., Caughley, T., and Wan, W., (Eds.), Understanding Nuclear Weapons Risks, 1st ed. Geneva: UNIDIR, pp.  61-72.

Ohlin, J.D., Govern, K. and Finkelstein, C., eds. (2015). Cyberwar Law and Ethics for Virtual Conlicts. New York: Oxford University Press.

Sulek, D. and Moran, N. (2009).What Analogies Can Tell Us About the Future of Cybersecurity. Cryptology and Information Security Series, 3, pp. 118-131.

Weber, R. (2010). Internet of Things: New Security and Privacy Challenges. Computer Law & Security Review, 26 (1), pp. 23-30.

[1] Davis, J. (2007). Hackers Take Down the Most Wired Country in Europe. Wired, [online] Available at: https://www.wired.com/2007/08/ff-estonia/ Accessed on [19.12.2017].

[2] Flanagan, B. (2016). Hacked Asteroids Destroying Earth and Other Cybergeddon Scenarios. Knowledge Hub, [online] Available at: https://www.worldgovernmentsummit.org/knowledge-hub/hacked-asteroids-destroying-earth-and-other-cybergeddon-scenarios [Accessed 20.12.2017].

[3] Cyber Leaders: A Discussion with the Honorable Eric Rosenbach. (2014). Centre for Strategic & International Studies,

Available at: https://www.csis.org/events/cyber-leaders-discussion-honorable-eric-rosenbach [Accessed on 20.12.2017].

[4] Reveron, D. (2017). How Cyberspace is Transforming International Security. Faculty insight at Harvard Extension School, [online] Available at: https://www.extension.harvard.edu/inside-extension/how-cyberspace-transforming-international-security [Accessed 28/12/2017].

Use your ← → (arrow) keys to browse

Specialist in global security and nuclear disarmament. Excited about international relations, curious about cognitive, psycho- & neuro-linguistics. A complete traveller.

Continue Reading
Comments

Technology

The Impact of Blockchain For Businesses

Published

on

Blockchain

Throughout the years, the concept of blockchain technology has gradually overtaken the business world. But no longer is it only being associated with cryptocurrency. Now it’s finding its way into other industries such as eCommerce and logistics management. 

Helping to digitize businesses, it’s a popular technology due to its ability to solve challenges such as security breaches. But that’s not the only benefit that comes with investing in blockchain technology. If your business is interested in investing in enterprise software development and in blockchain in particular, then the following information can prove to be invaluable. 

What is it?

Before getting into the advantages, it’s important to first understand exactly what blockchain is. Arguably one of the most disruptive technologies, it’s something that should no longer be ignored. To put it simply, blockchain is a collection of digital technology information which is stored within a database.  This will typically include:

  • Information about certain customer transactions including key data such as the time, monetary amount, date and more. 
  • Information about exactly who is buying your products or services. Revealing shopping behaviors, it’s stored with a digital signature rather than a specific name. 
  • Unique blocks of information – which can easily be distinguished from one another. For example, if one customer buys one item and then in the future buys a different one, they will be in different blocks.

What Are The Benefits?

  1. An Increased Level of Efficiency

One of the most important benefits that come with implementing blockchain technology within your business is the elevated level of efficiency it can provide. Removing the need for a third-party due to its more decentralized design, it will make your operating processes far more streamlined. 

With blockchain technology, you can step away from the more traditional, time-consuming processes that were rife with human error and automate them. Ensuring that they are completed more quickly and accurately, you can spend the time that you saved on other areas of your business. 

As well as making the overall process more streamlined and convenient, it allows for everyone to access the same information at one time – making financial record-keeping more trustworthy in the long term. 

One industry that could particularly benefit from faster payments and transactions is the real estate market. With a simpler system of ownership records, it will make the process of selling properties far easier. It will also open up the possibility of automating agreements between tenants and landlords, which will similarly speed up the process. 

  1. Greater Transparency Overall

A notable characteristic that blockchain has is its ability to be transparent. As the technology is a type of a transaction or distributed ledger, it allows those within a network to share all of the same documentation instead of individual copies. 

By making this open to viewing, it directly adds a remarkable layer of accountability, giving each sector within the business the responsibility to act correctly towards the company’s growth and its customers. The fact that each document can only be updated through the agreement of all participants also ensures that no illegitimate changes can be made. More consistent, transparent and accurate, the staff will perform better together in the long run.

  1. An Increased Level of Security 

As aforementioned, an increased level of security is one of the key benefits that come with blockchain technology. Far more secure than the more traditional record-keeping systems, it will ensure that each transaction that’s made is heavily encrypted and linked to the last transaction. But how does it do this?

Without getting too technical, blockchain technology is created with several ‘blocks’ which are formed by a computer network. Once created, they are added to a ledger which fuses a chain of information. As it is such a complex technology that exists across several serves rather than one (as most traditional technologies are), it’s one of the most protected from breaches. 

This level of security is particularly important for businesses that store sensitive customer data such as – healthcare, within the government and in financial services. 

  1. Reduced Costs

For many businesses, it’s important to cut costs where you can. And with blockchain technology, you can do exactly that. Although the initial investment might seem expensive, the benefits that come with it make it more than worth it for many businesses. As mentioned above, it removes the need for third parties. And because of this, you can work directly with your clients and customers.

This will, in turn, help to reduce your overall costs. With this new automated technology, you also no longer have to review information separately. Helping to save time and therefore save money. You can then reinvest the money that you’ve saved by not having to deal with third parties in other aspects of your business – such as marketing or IT.

  1. Enhanced Traceability 

Traceability is key within many businesses – as without it, you can’t identify transactions. With blockchain technology, you can reap the benefits that come with an enhanced level of traceability. For example, every time that someone purchases a product from your business, it will create a digital audit trail which is recorded within the blockchain. Showcasing who and when they were bought, it can easily be traced if need be.

Helping to prevent fraud (if you have a business that’s involved in exchange), verify the authenticity and improve security, it’s an essential addition for many. In particular, this heightened level of traceability can be ideal if your business traditionally deals with products which are traded through a very complex supply chain – such as within medicine. Tracking exactly who manufactured and distributed each item, it will be easier to recall products if need be.

Final Thoughts

The impact that blockchain technology can have within a business is clear. A type of technology that is ever-developing and growing in popularity, it’s something that’s here to stay. Of course, before you invest in the technology, it’s vital that you thoroughly research the pros and cons and how it could directly affect your business’ operations.

Prev postNext post
Use your ← → (arrow) keys to browse

Continue Reading

Technology

Inside the New WhatsApp Buffer Overflow Vulnerability

Published

on

Whatsapp

Facebook’s WhatsApp mobile app has had a rough time lately with regard to software vulnerabilities. In November 2019, the social media company quietly issued a security patch for a buffer overflow vulnerability contained in their messaging application.

However, the vulnerability disclosed in November 2019 is not the only recent vulnerability discovered and patched in the secure messaging application. Earlier in 2019, another buffer overflow vulnerability was discovered and patched by the company. Both of these vulnerabilities are rated as “severe” due to the fact that an attacker exploiting them can run malicious code on the target device.

To make things worse, the vulnerabilities in WhatsApp can be exploited by an unauthenticated attacker. These vulnerabilities were discovered in functions that process data sent by another WhatsApp user to the target. By taking a simple action – initiating a WhatsApp call or sending an MP4 video to the target – an attacker can trigger the vulnerability, giving them control over the device. These vulnerabilities can then be exploited to place spyware on the victim’s device and to view the user’s messaging history within the app.

A Brief History of WhatsApp Security

The recent WhatsApp vulnerability is not the first buffer overflow contained within the mobile app. In May 2019, a different buffer overflow vulnerability was discovered in how WhatsApp processed the data contained within an incoming call.

This vulnerability was created because WhatsApp uses a special binary format for sending data between devices and then unpacks this data at the recipient device. If an attacker sent a specially formatted packet, which lied about the length of a certain field, the recipient’s WhatsApp would unpack the data into a place on the stack that did not have sufficient space for it. As a result, the attacker would have the ability to write to memory that should have been outside of their control. This vulnerability was concerning since it allowed remote code execution on a target device without any user interaction required. The malicious packet was sent as part of initiating a call, so, even if the user rejected the call, the damage was already done.

This past WhatsApp vulnerability has been the source of significant controversy. While Facebook was in the process of patching the vulnerability, they observed someone trying to exploit it on the device of a UK-based human rights lawyer. Additional investigation pointed to the use of the vulnerability to spy upon individuals who would be of interest to certain governments.

The Israeli-based NSO Group is well known for developing and selling exploits to governments for use in surveillance activities that fall outside the scope of law enforcement activities. This, and the fact that the observed attack used infrastructure previously linked to the NSO Group, has led Facebook to believe that the company was beyond the exploitation of the WhatsApp vulnerability. As a result, Facebook has begun a lawsuit against the NSO Group for exploitation of a vulnerability in one of their products.

The Newest WhatsApp Vulnerability

The buffer overflow vulnerability disclosed in May was not the last such vulnerability in the WhatsApp platform. In November 2019, Facebook patched another vulnerability in WhatsApp that was similar in scope, severity, and potential impact.

This vulnerability dealt with how WhatsApp handled MP4 video files. Along with a video file comes a stream of metadata containing details about the file. When parsing this metadata, WhatsApp is vulnerable to a stack-based buffer overflow attack. This would allow the attacker to perform a Denial of Service attack (crashing the app) or to run attacker-controlled code on the app that could give access to previous conversations that the user has performed on the app. Exploitation of the vulnerability only requires an attacker to know the phone number of the victim and to send them a malicious MP4 video via WhatsApp.

Luckily, while the new vulnerability had the potential to be at least as damaging as the previous buffer overflow flaw, it appears that this one was not being actively exploited by attackers prior to being patched by Facebook. However, this demonstrates the importance of keeping such applications up-to-date (so that Facebook-provided security patches are applied) and to consider the risks associated with using these applications for personal communications.

Protecting Against Buffer Overflow Vulnerabilities

Buffer overflow vulnerabilities are nothing new. They are extremely simple vulnerabilities – only involving a failure to properly manage memory and user input – yet they can be extremely difficult to detect. A wide range of buffer overflow vulnerabilities exist, and sometimes apparently “safe” code can be vulnerable since another vulnerability can be exploited to bypass existing protections against buffer overflows.

The two major WhatsApp vulnerabilities disclosed and patched in 2019 demonstrate the potential impact of a buffer overflow vulnerability in a critical application. Both of these vulnerabilities could be exploited without user interaction, and enabled an attacker to run malicious code within the victim application. In one case, the vulnerability was exploited multiple times to spy upon parties of interest to various governments, leading to a lawsuit by Facebook against the suspected perpetrator.

Protecting against buffer overflow vulnerabilities requires the ability to identify and block potential exploits before they reach a vulnerable application. Deploying a strong web application firewall (WAF) to protect an organization’s web presence and runtime application self-protection (RASP) for critical or potentially vulnerable assets is an important first step toward protecting an organization and its software assets against exploitation.

Use your ← → (arrow) keys to browse

Continue Reading

Technology

3 2020 Developments That Could Make Your Life Easier

Published

on

There are many systems under development right now that could eventually make your life easier – but below, we’re going to look at 3 of them. We could be using these developments a lot sooner than you think! 

5G

Why do we need 5G when we have 4G – 4G is fast enough, right? People are worried about the health implications, but everybody seems willing to look past that to get more speed. More speed could really help businesses. Also, while 5G is generally operating from the same infrastructure as before, mass adoption will cause issues for data centers. This could make the situation both better and worse in some respects. 

Virtual Reality 

Virtual reality is already being used by many people, but it could actually be put to good use soon. When it comes to simple things like shopping, you could make your life so much easier and more enjoyable. Whether you’re shopping for furniture or clothes, virtual reality could mean checking out the fit easily. Try on clothes in the comfort of your home without even ordering them first. See what a sofa looks like before you buy. The options are endless! 

Artificial Intelligence 

We’re still going to need human intelligence, but AI can have a huge impact in our personal and working lives. In work alone it could mean enhanced automation with no need to do tedious tasks. Then, there’s next gen disaster response. It’s the technology of the future!

With these developments in mind, what are some of the most important developments in human history? Check out the infographic to find out!


check out an infographic about human history
Use your ← → (arrow) keys to browse

Continue Reading

Trending