Cyberwarfare

From Wikipedia, the free encyclopedia

  (Redirected from Cyberwar)
Jump to: navigation, search
"Cyberwar" redirects here. For the video game, see Cyberwar (video game).
 This article's tone or style may not be appropriate for Wikipedia. Specific concerns may be found on the talk page. See Wikipedia's guide to writing better articles for suggestions. (November 2009)
Mergefrom.svg
 It has been suggested that List of cyber attack threat trends be merged into this article or section. (Discuss)
Mergefrom.svg
 It has been suggested that iWar be merged into this article or section. (Discuss)
Computer security
Secure operating systems
Security architecture
Security by design
Secure coding
Computer insecurity
Vulnerability Social engineering
Eavesdropping
Exploit Trojan
viruses and worms
Denial of service
Payload Backdoor
Rootkit
Keylogger
This box: view  talk

Cyberwarfare, (also known as cyberwar and Cyber Warfare), is the use of computers and the Internet in conducting warfare in cyberspace.[1]

Contents

[edit] Cyber warrior

A "cyber warrior" is a person who is highly skilled in the art of Cyber Warfare. Governments, their militaries, law enforcement, the private sector and criminals (individuals or groups) around the world are taking the initiative to train their people in the field of cyber warfare. The necessary skills that a cyber warrior possesses will vary in magnitude; however, the key skills include: information security, hacking, espionage, and computer forensics.[citation needed]

[edit] Battlefield

Cyber warfare terrain includes all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. The terrain does not end in a field, mountain range, or a coastline, rather the cyber warfare terrain encompasses the cities, communities, and the world, in which we live. The 21st century battlefield is comprised of many components that include the Internet and all things that connect from a computer to the Internet. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. The terrain also encompasses information systems like the electrical grids, telecommunication systems, and various corporate and military robotics systems.[citation needed]

[edit] Tactics

There are several methods of attack in cyberwarfare; this list is ranked in order of mildest to most severe.[2]

  • Cyber espionage: Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers.
  • Web vandalism: Attacks that deface web pages, or denial-of-service attacks. This is normally swiftly combated and of little harm.
  • Propaganda: Political messages can be spread through or to anyone with access to the internet or any device that receives digital transmissions from the Internet to include cell phones, PDAs, etc.
  • Gathering data: Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world. See Titan Rain and Moonlight Maze.
  • Distributed Denial-of-Service Attacks: Large numbers of computers controlled by one person launch a DoS attack against systems
  • Equipment disruption: Military activities that use computers and satellites for coordination are at risk from this type of attack. Orders and communications can be intercepted or replaced, putting soldiers at risk.
  • Attacking critical infrastructure: Power, water, fuel, communications, commercial and transportation are all vulnerable to a cyber attack.
  • Compromised Counterfeit Hardware: Common hardware used in computers and networks that have malicious software hidden inside the software, firmware or even the microprocessors.

[edit] Reported threats

The Internet security company McAfee stated in their 2007 annual report that approximately 120 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities.[citation needed]

In activities reminiscent of the Cold War, which caused countries to engage in clandestine activities, intelligence agencies are routinely testing networks looking for weaknesses. These techniques for probing weaknesses in the internet and global networks are growing more sophisticated every year.[3]

Jeff Green, senior vice president of McAfee Avert Labs, was quoted as saying "Cybercrime is now a global issue. It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security." They predicted that future attacks will be even more sophisticated. "Attacks have progressed from initial curiosity probes to well-funded and well-organized operations for political, military, economic and technical espionage," [4]

The report from McAfee says that China is at the forefront of the cyberwar. China has been accused of cyber-attacks on India and Germany and the United States. China denies knowledge of these attacks. Arguments have been expressed regarding China’s involvement indicating, in the methods of computer Hackers who use zombie computers, it only indicates that China has the highest number of computers that are vulnerable to be controlled.[5]

In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. Estonian authorities, including Estonian Foreign Minister Urmas Paet accused the Kremlin of direct involvement in the cyber attacks [6]. Estonia's defence minister later admitted he had no evidence linking cyber attacks to Russian authorities [7].

[edit] Electrical power grid

The federal government of the United States admits that the electric power transmission is susceptible to cyberwarfare.[8][9] The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks, the federal government is also working to ensure that security is built in as the next generation of "smart grid" networks are developed.[10] In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials.[11][12] The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack.[13] China denies intruding into the U.S. electrical grid.[14][15] One counter measure would be to disconnect the power grid from the Internet and run the net with droop speed control only.[16][17] Massive power outages caused by a cyber attack, could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.

[edit] History of attacks

  • In 1991, it was reported by somebody in the air force that a computer virus named AF/91 was created and was installed on a printer chip and made its way to Iraq via Amman, Jordan.[18] Its job was to make the Iraqi anti-aircraft guns malfunction; however, according to the story, the central command center was bombed the virus was destroyed.[19] The virus; however, was found to be a fake.[20]
  • In 1998, in order for US and NATO to bomb Serbian targets successfully in Kosovo, the USA needed to hack into the Serbian air defense system and trick the Serbian Air Traffic Controllers.[21] The US accomplished its goal so well that there was concern about continuing or escalating the attacks because the US didn't want to hack into any further Serbian targets because of fear of damaging civilian targets.[22]
  • In 2007, the United States government suffered an "an espionage Pearl Harbor" in which an "unknown foreign power...broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information."[24]
  • On 14 December 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian organization". During the election campaigns and riots preceding the election, there were cases of Denial-of-service attacks against the Kyrgyz ISPs.[26]
  • On March 28, 2009, a cyber spy network using servers mainly based in China has tapped into classified documents from government and private organizations in 103 countries, including the computers of Tibetan exiles,[28][29] but China denies the claim.[30][31]

[edit] Cyber counterintelligence

Cyber counter-intelligence are measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions.[33]

  • On April 7, 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.[34]
  • On April 1, 2009, U.S. lawmakers are pushing for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.[35]
  • In the wake of the cyberwar of 2007 waged against Estonia, NATO established the Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, in order to enhance the organization’s cyber defence capability. The center was formally established on the 14th of May, 2008, and it received full accreditation by NATO and attained the status of International Military Organization on the 28th of October, 2008.[37] Since Estonia has led international efforts to fight cybercrime, the United States Federal Bureau of Investigation says it will permanently base a computer crime expert in Estonia in 2009 to help fight international threats against computer systems.[38]

[edit] Project of the International Convention on Prohibition of Cyberwar

A Ukrainian professor of International Law, Alexander Merezhko, has developed a project called the International Convention on Prohibition of Cyberwar in Internet. According to this project, cyberwar is defined as the use of Internet and related technological means by one state against political, economic, technological and information sovereignty and independence of any other state. Professor Merezhko's project suggests that the Internet ought to remain free from warfare tactics and be treated as an international landmark. He states that the Internet (cyberspace) is a "common heritage of mankind."[39]

[edit] See also

[edit] Further reading

  • Brenner, S. (2009). Cyber Threats: The Emerging Fault Lines of the Nation State. Oxford University Press. ISBN 0195385012
  • Ventre, D. (2009). Information Warfare. Wiley - ISTE. ISBN 9781848210943

[edit] References

  1. ^ DOD - Cyberspace
  2. ^ Cyberspace and the changing nature of warfare. Strategists must be aware that part of every political and military conflict will take place on the internet, says Kenneth Geers.
  3. ^ Griffiths, Peter. "World faces "cyber cold war" threat". Reuters. http://ca.news.yahoo.com/s/reuters/071129/tecnology/tech_britain_internet_col. Retrieved 2007-11-30. 
  4. ^ "Cyber Crime: A 24/7 Global Battle". Mcafee. http://www.mcafee.com/us/research/criminology_report/default.html. Retrieved 2007-11-30. 
  5. ^ "China 'has .75M zombie computers' in U.S.". http://www.upi.com/International_Security/Emerging_Threats/Briefing/2007/09/17/china_has_75m_zombie_computers_in_us/7394/. Retrieved 2007-11-30. 
  6. ^ Estonia accuses Russia of 'cyber attack'
  7. ^ Estonia has no evidence of Kremlin involvement in cyber attacks
  8. ^ BBC: Spies 'infiltrate US power grid'
  9. ^ CNN: Video
  10. ^ Reuters: US concerned power grid vulnerable to cyber-attack
  11. ^ Electricity Grid in U.S. Penetrated By Spies
  12. ^ Fox News: Video
  13. ^ NERC Public Notice
  14. ^ Xinhua: China denies intruding into the U.S. electrical grid
  15. ^ China Daily: 'China threat' theory rejected
  16. ^ ABC News: Video
  17. ^ The Raw Story: Disconnect electrical grid from Internet, former terror czar Clarke warns
  18. ^ Smith, George. "Iraqi Cyberwar: an Ageless Joke." SecurityFocus. 10 Mar. 2003. Web. 11 Oct. 2009. <http://www.securityfocus.com/columnists/147>.
  19. ^ <http://www.securityfocus.com/columnists/147>.
  20. ^ <http://www.securityfocus.com/columnists/147>.
  21. ^ Hancock, Bill. "Security Views." Computers & Security 18 (1999): 553-64. ScienceDirect. Web. 11 Oct. 2009. <http://www.sciencedirect.com/science?_ob=MImg&_imagekey=B6V8G-463GSGP-2-1&_cdi=5870&_user=47004&_orig=search&_coverDate=12%2F31%2F1999&_sk=999819992&view=c&wchp=dGLzVlz-zSkWA&md5=a6d6590f9a8954864a1abbd91dd0a981&ie=/sdarticle.pdf>.
  22. ^ "Interviews: John Arquilla." Interview. Frontline: cyber war! PBS, 24 Apr. 2003. Web. 9 Oct. 2009. <http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/interviews/arquilla.html>.
  23. ^ Jim Wolf,"U.S. Air Force prepares to fight in cyberspace", Reuters, November 3, 2006
  24. ^ http://www.cbsnews.com/stories/2009/11/06/60minutes/main5555565.shtml
  25. ^ Ian Traynor, 'Russia accused of unleashing cyberwar to disable Estonia", The Guardian, May 17, 2007
  26. ^ Website of Kyrgyz Central Election Commission hacked by Estonian hackers, Regnum, 14 December 2007
  27. ^ Danchev, Dancho (2008-08-11). "Coordinated Russia vs Georgia cyberattack". ZDnet. http://blogs.zdnet.com/security/?p=1670. Retrieved 2008-11-25. 
  28. ^ AP: Researchers: Cyber spies break into govt computers
  29. ^ CTV News: Video clip
  30. ^ Foreign Ministry Spokesperson Qin Gang's Remarks on the So-called Chinese Cyber-Spy Ring Invading Computers in Countries
  31. ^ embassy scoffs at reports of cyber spying
  32. ^ BBC News: New cyberattacks hit South Korea
  33. ^ DOD - Cyber Counterintelligence
  34. ^ CBS News: Pentagon Bill To Fix Cyber Attacks: $100M
  35. ^ Senate Legislation Would Federalize Cybersecurity
  36. ^ CBS News: White House Eyes Cyber Security Plan
  37. ^ [1]
  38. ^ [2]
  39. ^ http://www.politik.org.ua/vid/publcontent.php3?y=7&p=57

[edit] External links

Search Wikibooks Wikibooks has a book on the topic of


Retrieved from "http://en.wikipedia.org/wiki/Cyberwarfare"