Cyberwarfare

Published on June 2016 | Categories: Types, School Work, Essays & Theses | Downloads: 54 | Comments: 0 | Views: 190
of 6
Download PDF   Embed   Report

An essay for the unit 'PAIS315: Contemporary Challenges to Global Security', discussing the emerging threat of cyberwarfare.

Comments

Content

Assignment 1 – Essay PAIS315 – Contemporary Challenges to Global Security Matthew Ryan 220086769 Question 3: 'Cyberspace is the new battleground of the 21st Century'. Discuss. Word Count: 1890/2000

'Cyberspace is the new battleground of the 21st Century'. Discuss.
Thirty years ago, putting the words “cyberspace” and “battleground” together would have most likely evoked a vague recollection of science fiction novels, such as William Gibson's Neuromancer or George Orwell's 1984. Today, it is no longer the realm of science fiction, as states, groups, and individuals are becoming increasingly aware. Within the context of conflict, a more concise definition of “cyberspace” than Mike Sheehan's cannot be found:
'As states become more dependant on complex information-gathering and weapons-targeting technologies and command systems, they become more vulnerable to cyber warfare. Cyberspace is 'the total interconnectedness of human beings through computers and telecommunications'... Such attacks can be limited to purely military targets or can be directed against the adversary's economic and political system more generally. A large number of states such as India and Cuba are believed to be developing cyber warfare capabilities and several, including the USA, Russia, China and the UK have incorporated cyber warfare into their military doctrines' (Sheehan 2011:217).

In a discussion on cyberspace as the new battleground in the 21st century, it is not validity, but scope that we must explore. Indeed, increasingly the term "battleground" is being replaced with "battle-space", as the progression of conflict moves from the three- dimensionality of combat, involving ground and air, into a non-dimentional plane, including the virtual realm – cyberspace (Sheehan 2011:217). As mentioned above, cyber warfare has already been acknowledged, through various state policies, as a real threat to security. It is important to note, from the outset, that this is not a theoretical acknowledgement of a future threat; cyberspace has already been the location of international conflict, in both state-vs-state and state-vs-non-state contexts. From the Stuxnet worm virus, to Chinese attacks on the US-based corporation, Google; from WikiLeaks and politically motivated "hacktivism", to the ongoing use of social media in the Arab Spring uprising; from the Chinese firewall and the Russian attempted imitation, to the prophecy of the "singularity" of artificialintelligence; there is no doubt that not only has conflict started in this new battlespace, but that it will be the defining realm of conflict for the 21st Century. Certainly, these myriad of facets to the cyberspace battlespace are far too many to properly explore in one paper. Thus, the "open-souce" cyber-weapon of mass destruction – Stuxnet – will form the bulk of the work, with the cyber-activist groups, Anonymous and WikiLeaks, also examined in detail. Little more than five years ago state cyber attacks on other states were still limited to the pages of Gibson-esque science fiction. The first such attack was against Estonia in 2007, assumed to be initiated by Russia. The attack was a "distributed denial of service" (DDOS) cyber attack, in which websites of banks, ministries, newspapers and broadcasters were crashed. Essentially, a massive collection of "bots", or infected computers, are hi-jacked and used to request information from servers

at an serviceable rate – in the order of 5000 clicks per second (The Economist 2007:76, editorial). This attack took place during a row between Estonia and Russia over the relocation of the “Bronze Soldier of Tallinn”, and despite the fact that Russia was the obviously the attacker, NATO (to which Estonia is a member) was hesitant to support Estonia. This is because cyber-attacks are often difficult – or impossible – to trace, making diplomatic issues more complex in relation to cyber-warfare (Goldstein, 2010). The real "game-changer" however, in regards to cyberspace as a security concern, came in the form of a worm virus, called Stuxnet, discovered in June 2010. In a quantum leap of twentyfold complexity over its predecessors, Stuxnet infected several "programmable logic controllers" (PLCs) in Iranian Nuclear Enrichment facilities. The attack knocked out – and probably destroyed – nine hundred and eighty four P-I Uranium enrichment centrifuges, delaying the Iranian nuclear effort by an estimated three years (Freedman 2011:34). It is now widely reported that the virus was jointly designed by the US and Israel, but for many months the identity of the attacking party was unknown. This anonymity is important to note, just as in the Russo-Estonian attacks, as it holds particular weight regarding security. These new attacks can be carried out by individuals, politically motivated extremist groups, such as terrorists, or even aggressive states, and the victim can have little to no idea who was responsible, or blame the wrong country due to “false flag” attacks. Wrongful retaliation is one potential outcome of this, but with even more impact upon the security dilemma, it increases the value of first-strike, helping to precipitate conflict. In his talk at a 2010 TED conference, GuyPhillippe Goldstein comments on how the combination of both anonymity of attackers, and the strategic advantage given to the attacker, all within a multi-polar power situation, creates an extremely unstable environment (Goldstein, 2010). There has also been extensive debate on the potential for preemptive attacks, with the US National Security Agency arguing that:
'[i]n an extreme case, lie evidence that an adversary was about to launch an attack intended to shut down power stations across America, some officially argue that the right response might be a military strike' (Markoff, Sanger, and Shanker, 2010).

Two other points should be noted, regarding the Stuxnet example: firstly, the PLCs infected and hijacked by the virus are almost identical to those used around the world to manage power-plants, oil refineries, gas pipelines, and much more vital infrastructure (Masters 2011:29); secondly, the Stuxnet weapon is "open source", meaning it can be downloaded and adapted by anyone, from a hobbyist-hacker, to a terrorist group, to a rogue state (Hungry Beast 2011). Thus, the significance of the US-Israeli designed Stuxnet virus is not limited simply to the ongoing tension over Iranian Nuclear Weapon ambitions, but rather speaks to the possibilities of tomorrow. Pandora's Box has been opened, with this new breed of weapon now readily available, with the potential for it to cause far

greater damage – even to it's own creators – yet unfulfilled.
'A virus like Stuxnet could conceivably trigger a meltdown in a functioning nuclear power plant, turn off oil and gas pipelines, or change the chemical composition of tap water' (WEF 2011).

In fact, in its Global Risks Report 2012, from which the above quotation is sourced, the World Economic Forum listed a critical systems failure, triggered by cyber attacks, as the largest technological risk we face today. In the physical world, the security implications of tension and conflict between state and nonstate actors have been thoroughly explored, particularly in the wake of September 11. This new paradigm is just as relevant – if not more so – in the the battle-space of cyberspace. There have been prominent incidents of cyber attacks against states by non state actors, and inversely, against non-state actors perpetrated by states. If we take the case of cyberspace being the battleground of choice for certain non-state actors, the “hacktivist” cult, Anonymous, is a prime example. While groups of hackers have perpetrated cyber-crime for some time, on ever increasingly large scales, this group are new in that they are ideologically driven. Through a YouTube channel, the group post videos akin to those Osama bin Laden once used, to rally their followers, with their messages always delivered in a digitally altered voice emanating from behind a “Guy Fawkes” mask. The group uses incredibly strong rhetoric – 'we are the face of chaos' (Anonymous, 2011). The groups activities have been extensive and varied; in response to various governments – the US, Australia, Malaysia – proposing limitations on the openness of the Internet, they have taken dozens of government websites off-line (Connelly, 2012). To date the group has not attempted the kind of physical damage caused by Stuxnet, rather they use digital means to enact political protest. One example of the scope of their operations is an attack the group made against the cyber security firm, HBGary – a firm which provides security for many clients, including the US Government. In 2011 HBGary claimed they had information on the identities of members of the notorious group. Anonymous responded by attacking HBGary's servers, taking down their website, publishing 40 000 of the company's private emails, took down their phone system, and even took over the CEO's Twitter account and posted his social security number online (WEF 2011). They are pioneers of a new way that the public can express discontent – thus we have not only sabotage and attacks in this new battle-space, but also public protest. The next example is one of a state acting against a non-state actor: the US Government and the WikiLeaks website. The relationship between these two parties has been heavily reported, and relates to many different areas, including international law, and public activism, but it has an intrinsic link

with cyber-warfare, and cyber-security. Intelligence on other parties has always been a part of security, and has become exponentially relevant in the information age. The very existence of WikiLeaks, and organisation which publishes thousands of classified documents from around the world, could be seen as a threat to the security of many different states – a threat to which the US has taken particular umbrage. One side to the WikiLeaks issue that is less well known, especially regarding details, is the US policy against the organisation. In 2011, an IT firm called Palantir Technologies worked with cyber-security firm HBGary to compile a proposal for attacks against WikiLeaks, as commissioned by the US Government (Greenberg, 2011). In the words of the proposal:
'Cyber attacks against the infrastructure [of WikiLeaks] to the get data on document submitters. This would kill the project.' (Palantir, 2011).

But this is where things get interesting. The evidence we have for this US-planned attack – a single .pdf file – was found during Anonymous' leak of HBGary emails. That .pdf was then uploaded and sourced from WikiLeaks itself. However, this source cannot be properly referenced, as the server which holds the document – WikiLeaks – has just been brought down by a cyber-attack. WikiLeaks, and another website, Pirate Bay, have been under DDoS attack for three days (from 8/8/2012 and ongoing on 11/8/2012). A Twitter account named 'AntiLeaks', under the leadership of an individual known simply as 'DietPepsi', has claimed responsibility for the attack (Choney, 2012). Perhaps the most overarching similarities between this myriad of issues, in the context of cyberspace as a battlefield, are their complexity, and their ongoing development. Especially with the WikiLeaks issue, there are literally developments every day. Even with the more traditional state conflicts, all governments are currently developing policies, and trying to come to terms with the implications of these new weapons and practices. But as we struggle to understand, and secure, our new interconnected world, it is very apparent the scope of the issue. I go back to the Stuxnet virus, which epitomises this scope: an open-souce weapon of potential mass destruction, available for download to any state, group, or individual with the skills to use it. Apocolypic scenes of nuclear meltdown, freezing of all banking systems, loss of oil-supply, and even poisoned water systems are all possible, thanks to this new weapon. Cyberspace, as we continue to be shown through unfolding events, is the new battlefield of the twenty-first century – not only is this an expansion on traditional physical conflict, but a degradation of already-precarious security.

Reference List

'International: Newly nasty; Cyberwarfare'. 2007. The Economist, 383(8530), pp. 76-76. Retrieved from: http://search.proquest.com/docview/223982270 Choney, S., 'WikiLeaks site down for days, victim of massive denial-of-service attack', NBCNews, August 11, 2012, http://www.technolog.msnbc.msn.com/technology/technolog/wikileaks-site-downdays-victim-massive-denial-service-attack-935117 FREEDMAN, R.O., 2011. 'Stuxnet's Impact'. Baltimore Jewish Times, 318(4), pp. 34-37. Retrieved from http://search.proquest.com/docview/852790944 Glenny, M. 2011 'Hire the Hackers!', TEDGlobal 2011. Retrieved at: http://www.ted.com/talks/misha_glenny_hire_the_hackers.html Goldstein, G. 2010, 'How cyber-attacks threaten real-world peace', TEDxParis 2010. Retrieved at: http://www.ted.com/talks/lang/en/guy_philippe_goldstein_how_cyberattacks_threaten_real_world_pe ace.html Markoff, J., Sanger, D., and Shanker, T., 2010, 'Cyberwar: In Digital Combat, U.S. Finds No Easy Deterrent', New York Times, January 26, http://www.nytimes.com/2010/01/26/world/26cyber.html? ref=cyberwar Palantir Technologies report, The WikiLeaks Threat, 2011, Palantir Technologies. Retrieved from www.wikileaks.org (currently off-line). 'Stuxnet: The Anatomy of a Computer Virus' 2011, television series episode, Hungry Beast, ABC Television. Retrieved from: http://www.abc.net.au/tv/hungrybeast/stories/stuxnet-anatomy-computervirus/index.html Sheehan, M. 2011, 'The Changing Character of War', in Baylis, J., Smith, S. & Owens, P. (eds.), The Globalisation of World Politics: An Introduction to International Relations, Oxford University Press, Oxford. The World Economic Forum's report, Global Risks 2012, 2011, The World Economic Forum, Retrieved from http://www.weforum.org/reports/

Sponsor Documents

Or use your account on DocShare.tips

Hide

Forgot your password?

Or register your new account on DocShare.tips

Hide

Lost your password? Please enter your email address. You will receive a link to create a new password.

Back to log-in

Close