Is Cyber Warfare a Serious Threat?

Twenty first century being the post-industrial knowledge era where information is greatly valued, begs the question: is our information in safe hands? Created in 1969, the Internet continues to rise in its popularity to an extent where its incumbency is almost a subject of dependence for prosaic lives. Huge organizations and even governments use the Internet as a means of communication. Henceforth, extremely confidential and high priority commands run through wires as binary making it extremely theft prone. Cyberspace is the place harboring various computer network communications and a virtual world synopsis where cyber-weapon as a development of the era plays a vital role in constituting a virtual war - the cyber-war. Nations and various organizations have hence been taking part in cyber warfare, developing their capabilities for both defensive and offensive purposes. Cyber warfare is greatly driven by motives classified into military, civil, political and research bills. The ways in which cyber warfare allows the attacker to fulfill its purpose is analogous to real life methods such as espionage, sabotage and propaganda. Cyber warfare continues to emerge as an extremely serious threat due to the recent cyber-attacks carried out by various nations across the globe; not only has the United Nations recognized cyber warfare to be a threat to world peace, but the technological products that surround us have also been deemed to be involved in it however despite it being argued that a cyber-war is very improbable coupled with the hype being largely made by tech firms in order for them to make huge profits.

Across the globe, numerous countries and organizations have been a victim to the cyber-attacks leading to various financial and political losses (Morris). The cyber-weapons used have vastly spread out across social media platforms and infiltrated into online banking systems and even personal computers, where these very weapons monitor the users’ activities at such a large scale that extremely sensitive information is obtained without consent and with no trace left behind of the attacker. One of the earliest deadly cyber-weapons was a worm called ‘Stuxnet’ that infiltrated many computer systems and kept on replicating. The nature of this worm was prevalent enough to infiltrate the USB and the computer system alike, provided an effected USB was plugged into the system (Holloway). “In October 2012, U.S. defence secretary Leon Panetta warned that the United States was vulnerable to a “cyber Pearl Harbour” that could derail trains, poison water supplies, and cripple power grids. The next month, Chevron confirmed the speculation by becoming the first U.S. corporation to admit that Stuxnet had spread across its machines” (Kushner). Pearl Harbour was a devastating surprise attack carried by the Japanese against the United States in 1941. Since the same country which got attacked uses the event to draw the contrast to the new age’s coming cyber-attacks it proves that cyber warfare has emerged to be a huge threat. According to an article in the New York times, Stuxnet has been estimated to have destroyed roughly a fifth of Iran’s nuclear centrifuges which fulfilled the motive to delay Tehran’s ability to make its first nuclear arms. (Markoff et al.). From this it was clearly seen that a mere worm could lead to such a huge financial loss whilst keeping the attacker invisible. However, in this case, the sophisticated worm was not the work of an individual, but of a group. According to Thomson, “NSA whistle-blower, Edward Snowden, confirmed that the Stuxnet malware used to attack Iranian nuclear facilities was created as part of a joint operation between the Israelis and the NSA's Foreign Affairs Directorate”. This revelation showed the whole world how invested states are into cyber warfare and that too in a way that makes them invincible. It also shows for cyber warfare geographical distances are not a hindrance if compared to conventional warfare hence making the cyber-attack both rapid and lethal.

Another extremely complicated and broad spectrum cyber-weapon is Flame. Flame, according to a multinational cyber security and anti-virus provider, Kaspersky Lab, is a complex malware used for spying and collecting sensitive information. In an article published in BBC by Dave lee, Kaspersky’s chief malware expert said, “Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on” (D. Lee). This is not just breaching of privacy, but also equivalent to espionage. However, in cyber-espionage, the attacker is almost untraceable, making it a more convenient way of acquiring sensitive information. This proves cyber warfare can have far-reaching consequences. Machines in middle-eastern countries, including Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt, were infected; and, according to cyber experts, the massive malicious software was 20 times more powerful than a cyber-warfare programme called the Stuxnet virus, that could only have been created by a state (McElroy). Imagine information on such a large-scale being stolen, open for manipulation where you cannot follow any trace leading to the spy. A lot of the public networks that we use - even our own workstations - might be vulnerable or are already under an attack of such malwares, showing how threatening cyber warfare is becoming. Moreover, there is another powerful threat actor, ‘Equation Group’, which dominates the other cyber-weapons in terms of techniques.

Equation Group was a name Kaspersky Lab researchers gave to the hacking unit that was responsible for a series of cyber-attacks deemed sophisticated for about 14 years while which hackers had surveillance of computers in an estimated amount of 42 countries (Goodin). Countries counting up to such a huge number were affected adversely, losing a massive amount of information, and were prone to all sorts of other vulnerabilities the group created. Moreover, the backdoors which they hid inside computer hardware had their own self-destruct mechanisms, making it impossible for outsiders to keep track of the group’s activity (Goodin). Since the backdoor could be attached to the hard drive, there is no way to remove or detect it using an anti-virus. This not only allows the attackers to walk away without facing any consequences, but leaves almost no trace, which enables them to carry out the acts of cyber warfare. According to an article in Forbes, a security expert, Claudio Guarnieri, told them, “the Equation attacks were “100 per cent” the work of the US intelligence agency” (Fox-Brewster). This attack affected networks across the globe, undermining many essential projects in various countries. Mainly countries like Iran, Russia, Pakistan, Afghanistan, India, China, and Syria were infiltrated by this group (Iyengar). Many of the economic crises, power blackouts, and terrorist attacks were all complimented by this group directly or indirectly. Aforementioned cyberattacks combine to be just some of the many more showing how advanced and technical cyber warfare has become. Making it evident that cyber warfare is a threat upon which various organizations and countries across the globe are beginning to agree on.

Countries have started developing themselves in order to fight against cyber-attacks to avoid the damages they cause. For instance, according to an article in CNBC, “the global cost of cybercrime has now reached as much as $600 billion — about 0.8 percent of global GDP” (Lau). From this it can certainly be seen that cyber warfare is also contributed towards a huge economic crisis. Eventually countries will want to develop their own arsenal in a way that they are able to defend as well as attack if necessary leading to a possible increase in cyber warfare present at the moment. According to a recent study by the UN Institute for Disarmament Research, “more than 40 states have now developed certain amounts of military cyber-capabilities - 12 of them for offensive cyber warfare” (UNIDR). Not only does this prove cyber warfare is a threat, but also that a cyberwar might not be that far; and countries are increasingly preparing themselves for it. Moreover, with the advancements in cyber-capabilities, the route which states will adopt in times of war or espionage will greatly be taken over by cyber-weapons, showing that cyber warfare is becoming as lethal as conventional warfare. “I am absolutely convinced that, differently from the great battles of the past, which opened with a barrage of artillery or aerial bombardment, the next war will begin with a massive cyber-attack to destroy military capacity… and paralyze basic infrastructure”, warned Antonio Guterres - U.N.’s Secretary General.

As the matter of cyber warfare keeps rising on a global level, the need for regulation has emerged as well. Rules made by international forums such as the United Nations, have been unable to keep up with the rapidly evolving technology. According to Guterres, “episodes of cyber warfare between states already exist. What is worse is that there is no regulatory scheme for that type of warfare, it is not clear how the Geneva Convention or international humanitarian law applies to it.” Not only does this highlight cyber warfare being a very pressing issue nowadays, but also that the laws present at the moment do not properly address this issue. If United Nations considers that the issue really has not been addressed properly and the need is still there, it means cyber warfare has grown to be a threat to world peace. As quoted in an article, “Guterres further offered the United Nations as a platform where various players from scientists to governments could meet and work out such rules to guarantee a more humane character, of any conflict involving information technology” (Thankappan). This shows that U.N. sees how pressing control over cyber warfare is; and countries need to sit down and draw regulatory terms accordingly, just as if it were nuclear weapons we were talking about. This further emphasizes that cyber warfare can be extremely damaging, and has led to huge tech firms taking up their stances on cyberwar accordingly.

When it comes down to the digital age, tech companies are the key players and they surely have great potential in terms of cyber warfare. Huawei, a prominent Chinese multinational networking, telecommunications equipment has surfaced to being an accomplice for China’s cyber warfare. The owner of this company was a member of China’s Communist party getting support from the government for its secret operations. In 2011, U.S banned Huawei from bidding for its emergency communications network; the following year Australian government blocked a Huawei bid for working on its National Broadband Network (Mason). This shocking news leaves most of the users doubtful about the security of the sensitive information dealt through Huawei’s products. In an era where the internet has become an essential commodity to merely go about daily routines, it could be that companies have their own motives and are state-sponsored for cyber espionage. Yet another example that surfaces is Kaspersky Labs. Russia’s intelligence agencies obtained some of the National Security Agency’s secrets about its own cyber-weapons, it appeared to do so by manipulating a virus protection program sold by Kaspersky, a Russian firm (Sanger). A cyber security provider was using its products as a cover, furthering Russia’s motives against the United States of America. Another company is Cisco Systems who were responsible for making routers and switches used as essential components for internet usage. Edward J. Snowden was a former N.S.A. contractor according to who revealed that Cisco System’s hardware was tweaked by American officials just enough, so that the equipment directed traffic back to American intelligence agencies that, too, without any evidence that Cisco cooperated (Sanger). Counties involved in the acts carried out by these various technological companies have brought into attention all the products that surround us. The dependence on the products is so tremendous that complete boycott is out of the question, allowing cyber-weapons designed to extrapolate data. Geographically, cyber warfare has the ability to cover a larger area if compared to conventional warfare, making the attacks extremely rapid and damaging. However, there is no evidence that a full-fledged cyber-war exists, which brings the threat of cyber warfare almost equivalent to a hypothetical situation.

Many experts believe that cyber warfare is not a threat but an exaggerated fiction since there is no evidence of a cyberwar that ever happened in the past. Thomas Rid, an expert on cyber security and intelligence writes in his book, “Cyber War Will Not Take Place”, “Cyber war has never happened in the past, it does not occur in the present, and it is highly unlikely that it will disturb our future.” The absence of such an event in the past and the likeliness of it toning down the damages caused by conventional warfare, cyber warfare if seen from a different perspective happens to be yet a better alternative to sabotage or espionage. Rid further goes on to say, “cyber-attacks are not creating more vectors of violent interaction; rather, they are making previously violent interactions less violent.” This, according to Rid, proves that cyberwar would never happen and it is not that big of a threat. Cyber warfare could also serve as a means to reduce violence. Take spying for example, which if done using a drone or deployment of a spy will cost more money and risk the lives of humans too whereas cyber-espionage hardly needs any physical interaction. Moreover, there’s a possibility the whole concept of how cyber warfare is extremely dangerous is being overvalued by tech firms so that they themselves can capitalize and make profits in this digital era. According to an article in CNBC, Daniel Ives (an analyst at FBR Capital Markets) said, “there is a huge amount of runway for security software companies to sell their technology to enterprises around the world to guard against hackers and protect loss of data that could be devastating to companies” (Thompson). This shows to be what is a constant trend in the capitalist economies that surround us. There no doubt is a shred of truth in it but it is hyped up as tech firms are making huge profits on it already. Another expert on the matter shared the same view. Robert Lee (a US Cyber Warfare Operations Officer) spoke to the BBC World Service Inquiry in an episode saying, “Security companies are ramping up the threat. The military's relabelled a lot of things 'cyber warfare' because they want to get the budget from Congress. Nato and the different alliances ramp up the threat to encourage other countries to invest in security.” This further proves the budget allocated to the concerned departments also revolves around cyber warfare being a real threat hence they continue to solidify their claims by showing both the public and the governments in order for themselves to function. However, this is merely evolution. Just as once the focus shifted from conventional warfare to nuclear and other methods of it, this is cyber warfare taking over. Conventional warfare has far been outdated and this seems to be just the right substitute. Hence, the organizations with expertise on the matter find themselves in charge of the whole situation which governments recognize, too. Moreover, technology wasn’t always this advanced and hand to hand combats were happening since a very long time. Which brings us to the conclusion that if no evidence of a cyberwar from the past is present, it is because technology evolved just recently to such a position where it seems very likely to happen. Furthermore, cyber warfare is considered less violent but damaging, nonetheless; almost as violent as conventional warfare - maybe even more. Flame, a virus we discussed earlier, infects infrastructure and mission-critical computer systems in such a way that according to Kaspersky Labs could mean “the end of the world as we know it” (Shamah). Also those nuclear weapons are extremely expensive weapons if compared to the cheaper cyber-weapons eventually pivoting the focus from biological or nuclear warfare to cyber warfare, hence increasing its lethality. Lastly, if cyber warfare never really led to a cyber war and instead brought us down to military combats, does not prove it being improbable. It only explains how deadly cyber warfare is, and that it could lead to either a cyberwar which still is quite probable for the near future, or start a war in a whole new domain out of the cyberspace.

Cyber warfare compared to conventional warfare may seem intangible since the domain it works in is virtual, however, the consequences surface very quickly and are extremely detrimental, especially because, unlike conventional warfare, there hardly is any trace left behind in cyber-attacks. Computers are integrated into the modern life to such an extent that the dependency cannot be eliminated and many cyber-attacks in the past have been able to exploit this very dilemma. Nations have started building themselves up in terms of cyber warfare which raises the need for a regulatory system so that peace is ensured. This is quite similar to the case when nuclear warfare surfaced for the very first time. Therefore, the United Nations has recognized cyber warfare as a threat and is bringing the topic under discussion. It has been argued that cyber warfare is to an extent less violent than nuclear, biological or conventional warfare coupled with the fact that a cyber war alone, seems improbable; but it is the very same cyber warfare that has been responsible for the disruption of world peace, damage to infrastructure, and has proven to be cheaper and more convenient, making it just as detrimental as other forms of warfare. Cyber warfare, under the present circumstances, is emerging as one of the biggest threats of the twenty first century.

(Words: 2910)

Bibliography

Fox-Brewster, Thomas. “Equation = NSA? Researchers Uncloak Huge 'American Cyber Arsenal'.” Forbes, Forbes Magazine, 25 Feb. 2015, www.forbes.com/sites/thomasbrewster/2015/02/16/nsa-equation-cyber-tool-treasure-chest/#3838121d417f.

Goodin, Dan. “After NSA Hacking Exposé, CIA Staffers Asked Where Equation Group Went Wrong.” Ars Technica, Ars Technica, 7 Mar. 2017, arstechnica.com/information-technology/2017/03/after-nsa-hacking-expose-cia-staffers-asked-where-equation-group-went-wrong/.

Holloway, Michael. “Stuxnet Worm Attack on Iranian Nuclear Facilities.” Fossil Fuel vs. Nuclear Energy, 16 July 2015, large.stanford.edu/courses/2015/ph241/holloway1/.

Iyengar, Rishi. “U.S. Group Has Embedded Spyware in Foreign Computers, Report Says.”Time, Time, 17 Feb. 2015, time.com/3711462/u-s-cyber-warfare-equation-group-kaspersky-lab/.

Kushner, David. “The Real Story of Stuxnet.” IEEE Spectrum: Technology, Engineering, and Science News, IEEE Spectrum, 26 Feb. 2013, spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet.

Lau, Lynette. “Cybercrime 'Pandemic' May Have Cost the World $600 Billion Last Year.”CNBC, CNBC, 23 Feb. 2018, www.cnbc.com/2018/02/22/cybercrime-pandemic-may-have-cost-the-world-600-billion-last-year.html.

Lee, Dave. “Flame: Massive Cyber-Attack Discovered, Researchers Say.” BBC News, BBC, 28 May 2012, www.bbc.com/news/technology-18238326.

Lee, Robert. “Is Cyber-Warfare Really That Scary?” Http://Www.bbc.com/News/World-32534923, BBC, 6 May 2015.

Markoff, John, et al. “Stuxnet Worm Used Against Iran Was Tested in Israel.” The New York Times, The New York Times, 15 Jan. 2011, www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html.

Mason, Bob. “So Who Has the Most Advanced Cyber Warfare Technology?” NASDAQ.com, Nasdaq, 19 Oct. 2017, www.nasdaq.com/article/so-who-has-the-most-advanced-cyber-warfare-technology-cm861979.

McElroy, Damien, and Christopher Williams. “Flame: World's Most Complex Computer Virus Exposed.” The Telegraph, Telegraph Media Group, 28 May 2012, www.telegraph.co.uk/news/worldnews/middleeast/iran/9295938/Flame-worlds-most-complex-computer-virus-exposed.html.

Morris, Stephen. “Business, Political Leaders List Cyber Attacks, Geopolitical Tensions as Top Concerns: WEF Survey.” Insurance Journal, 18 Jan. 2018, www.insurancejournal.com/news/international/2018/01/18/477622.htm.

Rid, Thomas. “Cyber War Will Not Take Place.” Journal of Strategic Studies, vol. 35, no. 1, 2012, pp. 5–32., doi:10.1080/01402390.2011.608939.

Sanger, David E. “Tech Firms Sign 'Digital Geneva Accord' Not to Aid Governments in Cyberwar.” The New York Times, The New York Times, 17 Apr. 2018, www.nytimes.com/2018/04/17/us/politics/tech-companies-cybersecurity-accord.html.

Shamah, David. “Cyber Espionage Bug Attacking Middle East, but Israel Untouched - so Far.”The Times of Israel, 4 June 2013, www.timesofisrael.com/new-cyber-bug-targeting-middle-east-but-israel-untouched-so-far/.

Thankappan, Jeevan. “UN Chief Urges Global Rules for Cyber Warfare.” Tahawul Tech, Tahawul Tech, 21 Feb. 2018, www.tahawultech.com/securityadvisorme/mobility/un-chief-urges-global-rules-cyber-warfare/.

Thompson, Cadie. “Cyberattacks: Big Business for Small Security Firms.” CNBC, CNBC, 3 June 2013, www.cnbc.com/id/100777039.

Thomson, Iain. “Snowden: US and Israel Did Create Stuxnet Attack Code.” The Register® - Biting the Hand That Feeds IT, The Register, 8 July 2013, www.theregister.co.uk/2013/07/08/snowden_us_israel_stuxnet/.

UN Institute for Disarmament Research (UNIDIR), “The Cyber Index: International Security Trends and Realities,” UNIDIR/2013/3 (2013).