Archive | Cyberwar

The dawn of offensive cyberwarfare – Pragati article

I have an article in the November edition of Pragati that covers the Stuxnet malware and its relevance to India. If you don’t feel like registering over at the Pragati website, you are welcome to post your comments here.

Imagine a deadly computer virus makes its way around a well-guarded, critical industrial complex—say a nuclear plant—sabotaging its operations by sending bad commands to the centrifuge controller. “Storyline of a B-grade Hollywood movie,” you might say. The Stuxnet worm, a piece of malicious software or malware, whose origins are yet unknown, is designed to do such things.


Jeffrey Carr, a noted authority on cyber security, suggested in a blog post published by Forbes that the glitch experienced by India’s INSAT-4B communication satellite on July 7th could be the handiwork of the Stuxnet worm. The glitch, attributed to a power supply anomaly in one of its two solar panels, led to the shutdown of 12 of the 24 transponders on the satellite. Carr bases his hypothesis, partially at least, on the fact that the Indian Space Research Organisation (ISRO) is a Siemens customer and that two former engineers’ resumes seem to suggest that Siemens PLC and WinCC software were used by ISRO’s Liquid Propulsion Systems Centre.



Cyberwar makes NPT useless?

Dr. Kalam, former President of India, believes that nuclear non-proliferation treaties (NPT) have been made useless by the advent of cyberwar. He made this remark while addressing the students and faculty of the MGIMO University of International Relations. Cyber war would be more devastating for all the countries with networked financial and economic resources, he says. Interesting twisted logic. More on that later. He goes on to say:

Cyber war, with the speed of light can destroy whole economies and one cannot defend with the help of ICBMs and nuclear weapons. My diplomatic mission is how to make nuclear weapons useless!

Is it just me or did Dr. Kalam, by the twisted logic expounded earlier, just say that he is going to make the advancement of cyberwar his diplomatic mission?

Putting that aside, let us go back to the first remark made by Dr. Kalam, that the NPT has been rendered useless by the threat of cyberwar. While I don’t know enough about the NPT to judge its overall success, I think there is enough gyan floating around to say that cyberwar just does not invalidate or make useless conventional warfare, especially the use of nuclear weapons. Let us examine some of these points.

  • There is not enough “oomph” in cyberwar, notwithstanding the Stuxnet scare, to replace the power and influence held by the possession of or capability to produce nuclear weapons. Even if the consequences of engaging in cyberwar can equal that of nuclear weapons, one cannot imagine that many scenarios where it can exceed the destruction of nuclear war. The images from Hiroshima and Nagasaki are too well engraved in our collective conscience to allow us to think otherwise.
  • Cyberwar has one very distinguishing factor compared to conventional warfare that works against it – the “one timeness” of its delivery mechanism. By this I mean the way the enemy is attacked using a specific vector. Nuclear bombs can be dropped again and again over the years by, say, aircraft. Software vulnerabilities that are exploited for the conduct of cyberwar have the lifetime of a single use. Stuxnet exploited four 0-day vulnerabilities but now that these have been identified, patching systems to inoculate against the attack becomes an easy job. You can deploy anti-aircraft guns to shoot down aircraft that could deliver nuclear bombs, but there is no sure-fire way to protect against all of them.
  • The non-proliferation of nuclear weapons is, in theory, something that can at least be worked towards. Cyberweapons are too varied, too easy to proliferate (can fit into a DVD, if not a CD) and too hard to control or supervise. Sure, the amount of investment needed to develop a Stuxnet-like malware could run into millions but the final malware itself takes hardly any effort to copy, replicate or even modify.
  • The logic that, because missiles cannot block cyber attacks, one might as well give up on trying to defend against or prevent further use, is flawed at two levels. As per prevailing theory, the fear of kinetic attack is one of the key deterrents against full-blown digital wars. While the rules of engagement for this new war front are still being formulated, any nation, if pushed hard enough to the corner, would consider responding with kinetic action against an act of digital aggression aimed at its interests. At the other level, just because one cannot counter weapon 2 with weapon 1, it does not make sense to either give up on developing weapon 1 or give up on fighting against its spread. That would be pretty short-sighted.

The way I see it, cyberwar can only be part (a big part, but still a part) of a bigger war strategy. One can use cyber components to weaken the enemy, disrupt supply chains, create economic havoc, push back technology progress and what-not, but in the end the “no bullets fired” war is not really war in the conventional sense and does not have the same effect.


Bruce Sterling – “India india india hack hack hack”

Bruce Sterling, yes that one, has an “in-depth” analysis of an Economic Times article announcing India’s decision to give “shape to an IT infrastructure setup manned by a small army of software professionals to spy on the classified data of hostile nations by hacking into their computer systems.”

Somewhere there’s an Indian IIT graduate watching a Bollywood movie, and he’s leaning into the next seat to whisper into the fiancee’s shell-like ear, and he’s like: “Baby: I’ve gone to work for the ‘National Technical Research Organization.’ And, from now on, I can’t tell you any more than that.” And she’s, like, squeezing his hand, all proud of him.

The act of creating such an “army” is not the subject of the ridicule, or at least should not be. Calling it such should be, but what bears the brunt of Sterling’s jokes is the sensation-styled reporting of the journalist involved. It is a pity that there is still a lack of good quality reporting that goes beyond parroting of (un)official statements and fifth-standard level reconstruction of simple sentences into compound ones, without an iota of analysis in them.

(I realise this is an old article but in my defense, I had disappeared in that month from Vyūha. Slowly getting back into the groove, you know!)


Sam Liles – Cyber Fugue

Professor Sam Liles over at Selil has a thought-provoking post on cyber war – Cyber Fugue. It has several ideas worth keeping in mind when one talks about cyber warfare – differentiating between cyber warfare and computer security, the human element in cyber warfare, the loss of perception that conflicts are cross-domain etc.

It is easy to discuss the catastrophic and fear inducing cascading failure to gain support for the cybergeddon treatise. There are certain inherent fear responses that must be present for an argument of cybergeddon to be accepted as real thus requiring a response. Absent unreasoning fear and accepting evidence to the contrary a rational decision can only be met by decrying cybergeddon as a fairy tale. This does not suggest that cybergeddon could not happen anymore than saying land warfare would be used as a single terrain to answer end-of-the-world war scenarios. Any substantial conflict is going to be a hybrid war but a blind eye to any domain could be the fulcrum that asymmetric warfare is balanced upon.


Week 33 links – defining cyber war

This week’s links are on recent articles on the issue of how to define cyber war (via)


Article in Pragati July 2010 Issue

The July 2010 issue of Pragati carries an article titled “Zeros, ones and attackers” by yours truly. The summary reads:

India must gear up to the cyber warfare challenge: China must be pressed to crack down on possible ‘non-state actors’ responsible for the cyber attack on Indian targets.

Head over there and post your comments, or of course, put them down here too.


General Keith Alexander speaks cyber security at CSIS

General Keith Alexander, current Director, National Security Agency (DIRNSA), Chief, Central Security Service (CCSS) and Commander, United States Cyber Command, spoke about cyber security and U.S. Cyber Command at the Center for Strategic and International Studies (CSIS). The event was held today at CSIS in Washington DC and is General Alexander’s first public speaking engagement after his recent promotion to Commander of US Cyber Command.

The video is published on the CSIS web site.

He starts with a brief introduction on events that led to the setting up of the US Cyber Command. He then goes on to define the scope of the role played by Cyber Command as “centralise command of military cyberspace operations, strengthen DoD cyberspace capability and integrate DoD cyberspace expertise.” He mentions the scale of DoD systems – 7 million machines, 15,000 networks, 21 satellite gateways and 20,000 commercial circuits. He mentions that DoD systems are probed by unauthorised people 250,000 times an hour, over 6 million times a day.

General Alexander then goes on to explain a shift in the attack patterns from network penetration targeted at exploiting data to targeting systems for remote sabotage. Cyberspace differs from the likes of land and sea in that it is a man-made domain and a hotly contested one. He tries to dispel the concerns about co-locating Cyber Command with the NSA, and thus involving the intelligence community in securing the nation’s cyber infrastructure, by pointing to robust and rigorous procedures to minimise the effect of the intelligence activities on US persons. See the video for more.

From an Indian perspective it is interesting that he mentions that Cyber Command will exercise its power to protect the cyber infrastructure of not just the US military but also help allies to do the same. I wonder how much engagement with India that would translate to and, for that matter, how much countries of interest like Pakistan would squeeze out of this overture.


Book review – “Inside Cyber Warfare: Mapping the Cyber Underworld”

Recent events involving attacks on Google and other companies and the reconnaissance and espionage incidents against Tibetan and Indian officials have sparked widespread interest in the grey area of cyber warfare. Jeffrey Carr’s “Inside Cyber Warfare” comes as a welcome piece of work that throws light on this serious area of 21st century means of warfare.

What sets Carr’s work apart is that instead of looking at the subject area from a purely technical perspective, Carr, and contributing authors, cover the issues associated with cyber war at a bigger-picture plane, considering issues like international law, involvement of organised crime, state machinery etc.

Chapter one provides an introduction to the problem of warfare in cyberspace by referencing recent incidents involving non-state hackers from China, Russia, Israel, Iran and others. It also provides an introduction to the protection of a nation’s critical infrastructure and how it is connected to cyber warfare. Most high-profile cyber attacks that have been identified so far have been attributed to individuals/groups (“non-state”) rather than specific state agencies or machineries. Chapter two looks at some of these well-known hackers and follows up with a discussion on whether these non-state actors are protected assets within a nation’s legal system.

Chapter three discusses the legal status of cyber warfare and the existing thoughts on how cyber warfare can be governed by the existing laws of armed conflict. While this chapter only introduces the problem of how to classify cyber war and which existing international treaties can be applied to such acts, the next chapter, written by Lt. Cdr. Matt Sklerov, goes into in-depth detail on the various issues associated with this matter. Laying specific emphasis on the use of active defense to thwart cyber attacks, Sklerov analyses cyber warfare from the two principal areas of the laws of war – jus ad bellum (justice to war) and jus in bello (justice in war). This is one of the strongest chapters of the book and its strength lies in the strong analysis of cyber war scenarios based on existing laws. It tackles the contentious issue of non-state actors and the need to impute state responsibility for acts of non-state actors.

Chapter five discusses the investigation and analysis performed by Project Grey Goose, of which the author is a part, on two cyber attacks – the attacks against US and South Korean government websites in 2009 and the LiveJournal and Twitter DDoS attacks in August 2009. It also aims to propose a new approach to conducting cyber intelligence, taking into account unique issues associated with cyberspace and cyber warfare. Chapter six looks at the use of social web tools like Twitter, Facebook, MySpace etc. by hackers to collect personal information about potential attack targets and how these are then used to mount targeted attacks. Chapter seven explains how the process of following the money trail created by arranging the logistics of launching an attack can be used to track the culprits, while chapter eight discusses the involvement of organised crime in the cyber warfare scene, with emphasis being on Russian organised crime.

Chapter nine takes a quick look at some basic network forensics tools available for investigators. Chapter ten looks at the malware scene and its close connection to cyber warfare and the use of social engineering and the social web for targeted use of this malware. Chapter eleven takes a brief look at the approach taken by Russia, China and USA in using cyber warfare in their military doctrine. A more thorough analysis of this subject would have added a lot of value to the book, but unfortunately that has not been attempted. Chapter twelve by Ned Moran proposes an early warning model for cyber attacks based on analysis of politically motivated cyber attacks, with the aim of allowing defenders to predict rather than react to occurrences of these attacks. The last chapter of the book, contributed by three individuals with cyber warfare experience along with Jeffrey Carr, aims to provide advice to policy makers to guide them in their effort to make proper policies towards protecting national cyberspace.

Carr’s work covers the very important field of cyber warfare which is becoming very relevant based on recent events involving intellectual property thefts, espionage etc. The work covers important ground by concentrating on issues like international law regarding cyber warfare, the legality of active defense and need for properly thought out policy framework for protecting the cyberspace. However, the book is not without issues. While it covers good ground, it falls short of a scholarly work, mainly due to the non-uniform depth of analysis of the various issues.

In short, a well written book that should be read by anyone interested in the deeper issues associated with cyber warfare, but not without some failings.


“Cyberwar” at Fault Lines

A good piece on “Cyberwar” at Fault Lines on Al Jazeera English.
