Warfare and the Internet - Term Paper Example

WARFARE AND THE INTERNET Warfare and the Internet Customer Inserts His/Her Name Customer Inserts Grade Course Customer Inserts Tutor’s Name 27, 10, 2011 Table of Content Introduction 1 Literature review 1 Internet warfare 1 Digital divide 5 Asymmetric warfare 7 Stuxnet Virus 9 Impacts of Stuxnet Virus 10 Conclusion 11 Reference List 12 Introduction War is a state of prolonged conflict between parties characterised by extreme aggression, social disruption, and at times loss of life (Brenner 2009, p. 35). The conflicting parties involved in a war are characterised by differing opinions driven by different motives. Unlike conventional wars that are characterised by the use of physical weaponry, cyber warfare is characterised by the use of information technology systems. Clarke describes the later as the damaging or disruption of another country’s information network following invasion of the systems by another country (Clarke, 2010, p.13). In cyber war fare, the use of the internet to the enemy’s advantage is the measure of the amount of victory attained. This possibly explains the value of the use of internet in the current world and why very many countries are heavily investing in information technology systems. This paper critically examines cyber warfare and its impacts with regard to asymmetric war fare, physical digital divide and the digital theatre of battle. It further examines the role of the Stuxnet virus in cyber war with emphasis on its impacts. Literature review Internet warfare Brenner in his book “Cyber Threats: The Emerging Fault Lines of the Nation State” describes internet warfare as sabotage and espionage that occurs following hacking in to information systems (Brenner, 2009). As opposed to conventional wars that target physical space, cyber space is intangible yet the consequences of the crimes committed are equally fatal. Following hacking, not only is the privacy of confidential information compromised but the affected party’s psychology is equally threatened. This is the most common of cyber crimes as most hackers will constantly send threats to the parties entitled to the compromised information. The United Kingdom and the United States of America highly recognises the role of cyberspace in modern day warfare. This explains why these countries have heavily invested in security systems to guard against the occurrence of cyber crimes. The Pentagon in the US was quick to adopt the US Cyber Command as a protective measure against cyber war fare. The United Kingdom has the Cyber-security and operations center located at the Government Communication Headquarters (GCHQ) to handle cyber warfare. The Chinese government is equally protected against cyber warfare and related cyber crimes. Interestingly these three countries are among major battle sites for most of the crimes in cyber warfare. Though it adds value for countries sensitive to cyber warfare to design measures to protect themselves against such crimes, it would possibly add more value if every internet user was protected by a common law. As opposed to the use of protective measures that may only protect the interests of users in a particular country at a particular time, the use of a common protective law will ensure more benefits. Advocating for individual responsibility to ensure safety from cyber warfare only threatens the safety of developing countries. This is because such countries have limited resources and capacity. The priorities of these countries may also not recognise the value of internet safety. This implies that such countries may likely be of a greater advantage to hackers who may use their cyber space security inefficiency to target other countries. Just like in present day terrorism where terrorists are trained in developing countries because of lack of proper security surveillance in these countries, the existence of these countries can equally be used as training grounds for cyber space criminals. The fight against cyber warfare just like the fight against terrorism should thus be addressed at an international level as opposed to the use of individual responsibility at the level of each country. Individual responsibility in the fight against cyber ware fare is equally vulnerable since there are apparently not enough cyber experts in each country to handle the alarming increase in cyber crime rate (Ridd, 2003). The US in particular does not have enough numbers of qualified cyber experts to effectively combat the high rate of cyber warfare. Fighting an individual war on its own may thus not offer all of the expected safety from cyber warfare. In fact it only increases the risk of being subjected to threats by the cyber criminals as a way of testing its implicated security. Arreguin Toft (2001) indicates the alarming emerging trends in cyber warfare within the United States. This possibly explains why most American lawmakers are increasingly on a high alert to notify the government of protective measures to be put in place. Majority of the lawmakers highly recognise that cyber warfare can have serious impacts on the country and its people. According to most of the lawmakers, cyber warfare can have serious impacts if sensitive sectors of the economy such as the banking, medical, and transport network are targeted. This is because most of these sectors heavily rely on the use of computer information systems. It is thus essential to establish the implicated level of threat posed by cyber criminals in the event of an attack. Jaikummar in his book “Internet Warfare: Are we focusing on the Wrong things” gives an indication of the fact that the war against this crime is misguided (Jaikumar, 2009). According to Jaikummar, the implicated threat in cyber warfare is measured by the nature in which an information system is hacked in to. The vulnerability of the information systems to the manipulation and control of the hackers determines the magnitude of the threat. The term espionage is used to describe the manner in which the information systems can be invaded and subsequently modified or altered by the hackers. For institutions characterised by the use of commands and specified instructions such as the military, such an attempt by the hackers poses a very high risk. This is because the hackers can subsequently change the information given in orders and jeopardise the operation of an army in a mission. The US in particular has been subjected to both the Titan rain alongside the moonlight maze (Ancker, 2003, pp 18-28). Cyber warfare can also take the form of sabotage in which equipment used by an institution of particular interest to the enemy is vandalised. For instance the operation of an institution can come to a standstill when invaders destroy its computer systems and networks. This type of vandalism can equally be described as a breach of national security when sensitive institutions such as the military are attacked. Identifying the implicated risk in institutions threatened by cyber warfare and devising appropriate defence mechanism is thus superior to a general approach to cyber war fare. The most likely targets of cyber warfare in an enemy country include; the military, the power grid and the banking sector. Most countries highly threatened by cyber warfare should thus focus on the use of approaches that will possibly make it hard for intruders to hack in to these institutions. The overreliance on the use of the internet in itself is a very great risk. Unfortunately, every other country in the current information technology age is out to increase the use of online operations in almost every single operation on a system. This is done while forgetting the fact that internet use in itself is a risk factor. For instance, the power grid system is highly threatened because it is operated via internet (Ancker, 2003,pp 18-28). An attempt to shift towards the use of an internet free grid characterised by a drop free control may likely ensure more protection. The failure to enjoy a safe cyber space has also been increased by the failure to effectively liaise with system designers in ensuring total protection. In most institutions, the designers of the initial phases of the systems used are not incorporated in most security measures adopted in the future. This poses a greater risk as hackers can utilise the security inefficiency in the design of the systems to their advantage. The war on cyber crimes should thus be addressed from the root causes of vulnerability as opposed to addressing the immediate threats which seems to be the approach adopted by most countries. Digital divide Cordesman & Cordesman (2002) in their book titled; Cyber-threats, Information Warfare, and Critical Infrastructure Protection, describes digital divide as “differences in the rate of access to computers and the Internet among groups of people” (Cordesman & Cordesman 2002, p. 65). The groups of people implicated by differing abilities to afford access to technology can range from; religions, races and to a large extend nations or countries. These differences in the ability to access internet and information technology infrastructure in general can best be examined in the context of the developed and developing countries. Unlike developed countries, developing countries are yet to adopt a wide spread use of internet characterised by high levels of computer literacy (Ridd, 2011). Majority of the population in developing countries has been left behind by computer technology unlike in developing countries where even the young generation is highly exposed to computer use. The differences in computer use in developed and developing countries can also be measured in terms of the levels of protection from cyber warfare. Most developing countries not only have high rates of computer illiteracy as indicated by Rid (2011) but also suffer from lack of knowledge on cyber space safety. The differences in abilities with regard to access to information technology in developed and developing countries is a global problem that requires a global solution. Unfortunately, most countries are addressing their own situation independently. It is obvious that most developing countries have been left behind by information technology. In real sense this may seem like a competitive advantage to the developed world but apparently it is the greatest risk that remains unaddressed (Ridd, 2011). This is because most of the developed world has effective protection mechanisms while the developing countries lacking in such systems are used by criminals as breeding grounds for devising cyber crimes. In the current age, most of the cyber warfare crimes are devised in developing countries and tested on developed countries. This explains why developed countries should possibly consider helping developing countries to reinforce their cyber space protection too. Unfortunately, the need to enjoy a superior competitive advantage by most developed countries tends to derail this goal. As much as there exists a digital divide between the developed and developing countries, the war on cyber crimes may take relatively long to effectively combat. The digital divide and its role in complicating the fight against cyber warfare has further been complicated by cultural differences and attitudes towards the use of computer technology. Zetter (2011) while focusing on the Stuxnet virus indicates that the differences are not only limited to races but also spread to genders. On average, computer literacy is high among the white population as opposed to the black population. It also emerges that more male individuals than their female counterparts have access to information technology systems. There are also cultures in existence that tend to foster a general negative attitude towards computer use with the notion that computers are a western technology which should remain in the west. Such attitudes only serve to intensify digital divide by making it hard for individuals to adopt the use of computer technology. Digital divide can thus be described as a shared failure by both the developed and the developing countries to advocate for uniform access to computer literacy. While the developed countries can be blamed for protecting their competitive advantage over the developing countries, the later can also be blamed for their reluctance to adopt the technology. This reluctance is not only a result of economic challenges but also as a result of cultures that foster negative attitudes towards the use of computers. Asymmetric warfare Davis, Mohay & Edwards (2003) argue that countries in the same economic standards such as superpowers are equally characterised by similar military protection. When such countries enter in to conflicts and a conventional war occurs, there are likely to suffer the same magnitude of consequences. This is because the existence of equal or similar economic and military powers in such countries makes it hard for either of the countries to suffer more of the consequences of a war. An asymmetric warfare on the other hand is a situation where by the enemy utilises the inefficiency of another country to attack it. Most asymmetric enemies will thus utilise their ability to think and act differently from well armed military forces of a country to attack their enemy (Ancker, 2003,pp 18-28). The differences in doctrines advocate for by conflicting parties is an aspect that determines the nature of asymmetric threats. Asymmetric threats will thus entail the use of capabilities that can not be depicted by superpowers to attack. Most acts of current day terrorism are measured by asymmetric threats. Other than the use of chemical weapons, nuclear energy and biological weapons, the use of cyber warfare is increasingly emerging among conflicting countries (Lambakis, 2003,pp106-116). There is an increasing understanding of the fact that many conflicting countries of a weak military defence can heavily attack superpowers via the use of asymmetric threats (Ancker, 2003, pp 18-28). This is because the security systems in most superpowers are yet to familiarise with asymmetric threats and the tactics involved. This was possibly the case implicated in the events that transpired during the bombing of the World trade centre in New York. The existence of a digital divide as opposed to differences in military defence is an aspect that can highly be utilised by modern day terrorists to attack superpowers. In the article; Why Big Nations Lose Small Wars: The Politics of Asymmetric Conflict, Andrew (1975) indicates that ; “Asymmetric warfare" can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other's characteristic weaknesses” (p. 76). He adds to say that, “Such struggles often involve strategies and tactics of unconventional warfare, the "weaker” attempts to use strategies to offset deficiencies in quantity or quality” (p. 76). The United States of America is a lead target of asymmetric warfare by its enemies in the Middle East. The Chinese government for instance has on accounts been accused of attempting to sabotage operations in the US power grid using computer technology. Such an attempt if successful can greatly affect the lives of many Americans. The war on Japan by the US in which the Japanese military used long lance torpedoes to ruin efforts by the US military serves as another illustration of asymmetric warfare (Lambakis, 2003,pp 106-116). The rise in the use of asymmetric warfare and the implicated dire consequences can only serve as a lesson to current day security systems. However, unlike conventional wars whose targets and tactics are clearly known especially by military forces, the use of symmetric warfare is a great challenge. This is because in the later, the tactics are only known to the enemy and most attacks will find the target country not prepared. The extend to which cyber warfare can be used as an asymmetric warfare lies with the digital divide among parties. For as long as the differences in the access to computer information remains unequal, the war on cyber crimes remains unresolved. Most criminals implicated in cyber warfare will utilise developing countries as breeding grounds for terror activities and possibly test them on developed countries. This explains the need to advocate for equal access to computer technology and international safety from cyber warfare. Stuxnet Virus Stuxnet virus refers to the computer worm that affects systems running on Microsoft Windows common to the Siemens industrial products. The worm was first discovered in June 2010 and it is the first malware ever discovered to spy industrial systems. It was also ranked as the first to have a programmable logic controller (PLC) rootkit (Stepanova 2008). This virus tends to spread indiscriminately and greatly subverts Siemens industrial systems. When the systems are affected by the worm, the devices in the system cannot be reprogrammed as the Step-7 is subverted by the virus. In the Siemens industrial systems, its main target is the Siemens supervisory control and data acquisition (SCADA). The main target in 2010 was the Iran nuclear power technologies that rely on Siemens Industrial systems The existence of the virus has highly be blamed on both the US and Israel (Bicheno 2003). Impacts of Stuxnet Virus The complexity of the computer worm makes it hard to clearly state its impacts. However, its impacts in Iran can still be recognised. Since the formation of the virus was blamed on the US and Israel, the diplomatic relations between Iran and these two countries have ever since been negatively affected. This is despite the fact that neither the US or Israel has claimed responsibility for the attacks. Various research scientists and security agencies are equally tormented by the virus and are currently living in fear of what might happen in the future. In particular, the people of Iran are in great fear of the risk posed by the cyber warfare. The situation is further complicated by the inability of the security agencies to effectively identify the source of the virus. The implication of the US and Israel in the threat has also led to the need to develop effective security measures in both the US and Israel. This is done in the fear of the possibility that Iran or any other of its sympathizers may likely revenge for the damages caused (Cordesman & Cordesman (2002). The move by the Pentagon to establish the Cyber Command was possibly because of the increased risk posed by this fear. Similarly, Israel has put up Unit 8200 that takes care of its cyber security. The implicated threats caused by the emergence of this virus has also pushed other countries to heavily invest in cyber space protection at the expense of other aspects of the economy. Israel for instance, is reported to have invested more than half its usual budget in security on Unit 8200 after the discovery of the virus. United States as well was forced to put up Cyber Command which, according to various scholars such as Brenner (2009) and Andrew (1975), is very expensive to maintain. The scenario is the same with the United Kingdom as her Cyber-security and operations center is equally expensive. Since the economy of Iran heavily relies on nuclear technology, the virus had great economic impacts. Recent statistics show that the number of centrifugal machines at Natanz plant has reduced from 4,920 in 2009 to 3,772 as recorded in August 2010. This serves as a clear indication of the direct impact of the virus. Iran has also been forced to heavily invest in cyber security in an effort to maintain a manageable level of risk. This is such a burden for the entire economy of Iran that heavily relies on nuclear power. The security agencies in Iran are equally disturbed by the amounting pressures on them to improve safety measures. Conclusion It is clear that cyber warfare is a new approach in modern day wars whose impacts are equally as bad as the impacts of a conventional war fought in physical space. However, the challenge of this type of war is greater since most of the enemies will attack their presumed opponents when they least expect using very unfamiliar tactics. In an attempt to effectively address this challenge, there is need to increase the need to familiarise with computer technologies around the globe. This should go hand in hand with the use of international laws to protect the entire world against cyber space crimes. Though each individual country needs to have its own protective mechanisms, the use of international protection may likely earn greater benefits against the effects of this type of war. Reference List Ancker,C, 2003, The Doctrines of Asymmetric Warfare, The Military Review. July –Aug;pp. 18-28. Andrew, JR 1975, ‘Why Big Nations Lose Small Wars: The Politics of Asymmetric Conflict’, World Politics, Vol. 27, no. 2, pp. 175–200. Arreguin-Toft, I 2001, ‘How the Weak Win Wars: A Theory of Asymmetric Conflict’, International Security, Vol. 26, no. 1, pp. 93–128.  Bicheno, H 2003, Rebels & Redcoats, HarperCollins, London. Brenner, S 2009, Cyber Threats: The Emerging Fault Lines of the Nation State, Oxford University Press, London. Cordesman, H & Cordesman, G 2002, Cyber-threats, Information Warfare, and Critical Infrastructure Protection, Greenwood Publishers, Washington DC. Davis, L, Mohay, H & Edwards, H 2003, ‘Cyberspace Innkeeping: Building Online Community’, Journal of Networking, vol. 42, no. 6, pp. 578–86. Jaikumar, V 2009, ‘Internet warfare: Are we focusing on the wrong things?’ IT in Government. Available from:. [25 October 2011]. Lambakis, S 2003, ‘Reconsidering Assymetric Warfare’, JFQ, 36; pp 106-126. Rid, T 2011, ‘Cyber War Will Not Take Place’, Journal of Strategic Studies, Vol. 14, no. 2, pp. 75–110. Stepanova, E 2008, Terrorism in asymmetrical conflict, Oxford University Press, Oxford. Zetter, K 2011, ‘How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History’, Threat Level Blog. Available from: . [25 October 2011].  Read More

Just like in present day terrorism where terrorists are trained in developing countries because of lack of proper security surveillance in these countries, the existence of these countries can equally be used as training grounds for cyber space criminals. The fight against cyber warfare just like the fight against terrorism should thus be addressed at an international level as opposed to the use of individual responsibility at the level of each country. Individual responsibility in the fight against cyber ware fare is equally vulnerable since there are apparently not enough cyber experts in each country to handle the alarming increase in cyber crime rate (Ridd, 2003).

The US in particular does not have enough numbers of qualified cyber experts to effectively combat the high rate of cyber warfare. Fighting an individual war on its own may thus not offer all of the expected safety from cyber warfare. In fact it only increases the risk of being subjected to threats by the cyber criminals as a way of testing its implicated security. Arreguin Toft (2001) indicates the alarming emerging trends in cyber warfare within the United States. This possibly explains why most American lawmakers are increasingly on a high alert to notify the government of protective measures to be put in place.

Majority of the lawmakers highly recognise that cyber warfare can have serious impacts on the country and its people. According to most of the lawmakers, cyber warfare can have serious impacts if sensitive sectors of the economy such as the banking, medical, and transport network are targeted. This is because most of these sectors heavily rely on the use of computer information systems. It is thus essential to establish the implicated level of threat posed by cyber criminals in the event of an attack.

Jaikummar in his book “Internet Warfare: Are we focusing on the Wrong things” gives an indication of the fact that the war against this crime is misguided (Jaikumar, 2009). According to Jaikummar, the implicated threat in cyber warfare is measured by the nature in which an information system is hacked in to. The vulnerability of the information systems to the manipulation and control of the hackers determines the magnitude of the threat. The term espionage is used to describe the manner in which the information systems can be invaded and subsequently modified or altered by the hackers.

For institutions characterised by the use of commands and specified instructions such as the military, such an attempt by the hackers poses a very high risk. This is because the hackers can subsequently change the information given in orders and jeopardise the operation of an army in a mission. The US in particular has been subjected to both the Titan rain alongside the moonlight maze (Ancker, 2003, pp 18-28). Cyber warfare can also take the form of sabotage in which equipment used by an institution of particular interest to the enemy is vandalised.

For instance the operation of an institution can come to a standstill when invaders destroy its computer systems and networks. This type of vandalism can equally be described as a breach of national security when sensitive institutions such as the military are attacked. Identifying the implicated risk in institutions threatened by cyber warfare and devising appropriate defence mechanism is thus superior to a general approach to cyber war fare. The most likely targets of cyber warfare in an enemy country include; the military, the power grid and the banking sector.

Most countries highly threatened by cyber warfare should thus focus on the use of approaches that will possibly make it hard for intruders to hack in to these institutions. The overreliance on the use of the internet in itself is a very great risk. Unfortunately, every other country in the current information technology age is out to increase the use of online operations in almost every single operation on a system. This is done while forgetting the fact that internet use in itself is a risk factor.

Read More