Information Warfare: Cyber Terrorism - Coursework Example

Cyber Terrorism [Name of the Student] [Name of the University] Abstract Computers and information technology are to be found in every sphere of endeavour, and such reliance is expected to increase in the future. Modern warfare has not lagged behind and it has made a forceful entry into the information age. Cyber attacks and weapons have emerged as some of the most frequently employed means of projecting power and influence. This work deals with cyber terrorism as well as its alter ego, namely Information warfare, which have a major impact on the military security information system. In addition, this work discusses various forms of cyber terrorism, the reasons behind its prevalence all over the world, and the various ways to contain this problem. Moreover, it discusses the effects of information warfare on military information and communication systems. Both sides of the argument like defensive and offensive systems of information warfare were taken up for discussion. Reasons and methods of the exploration of the problem and solutions were suggested. Various strategies adopted by NATO to circumvent the problem and its implications on various nations were analysed. Finally conclusions were arrived at based on the findings of the work. As such, it was concluded that cyber warfare can be controlled by adopting a reliable cyber system, by each and every nation. A number of standards were suggested for adoption, during the course of establishing a cyber system in a country, so as to deal with this problem successfully. It would be extremely effective for a nation, to implement a competent and fool proof cyber system, in order to effectively contain with the cyber terrorism problem. Cyber Terrorism Introduction Cyber Terrorism affects society in a number of ways. Military information is not an exception to these attacks, and the following discussion proves this contention. Cyber terrorism assumes various forms and employs as its weapons, a number of computer applications and devices. Its objectives are primarily to destroy the adversary’s defensive capability; minimise the capacity of an adversary to initiate a counter attack; and enhance the adversary’s willingness to accede to the demands of the cyber terrorist (Jacobs, Chitkushev, & Zlateva, 2010, p. 120). Cyber warriors, chiefly focus on depriving the information and communication systems of the adversary unusable. This is accomplished by compromising the service delivery capacity of the infrastructure. It is commonplace for denial of service category of attacks to exploit the shortcomings inherent in the extant networking mechanisms and protocols. In addition, cyber warriors tend to destroy their adversary’s or target’s confidence in the integrity of its infrastructure. Industries, such as the finance industry, are severely affected by such attacks. These industries rely to a major extent on their communication infrastructure (Jacobs, Chitkushev, & Zlateva, 2010, p. 120). Such attacks render the target disinclined to use its networking resources, and the outcome is a substantial decline in communication activities. Another strategy of cyber terrorism is the destruction of infrastructure components and the prevention of the target from employing its assets. Such interventions could prove to be disastrous in crucial areas, such as defence applications. An instance of such attacks transpired in the year 2007 against Estonia (Jacobs, Chitkushev, & Zlateva, 2010, p. 121). Moreover, Information warfare has been an integral feature of every military engagement. It has always been crucial in determining the outcome of wars. Denning stated that information warfare includes acts that are aimed at protecting, corrupting, denying, exploiting, and destroying information or its resources (Joyner & Lotrionte, 2001, p. 827). The objective of information warfare is to gain substantial advantage or victory over an opponent. Discussion Information warfare can be classified as offensive and defensive, wherein offensive information warfare attempts to alter or prevent information from being utilised by the defence with the aim of benefiting the offense. On the other hand defensive information warfare attempts to protect information from attacks (Lawson, 2002). Information security and defensive information warfare are closely interlinked. The identity of a human or computing device is required to be unique, and several forms of identity are to be found in electronic commerce and communication. A few of the more common identities are; Data Link Media Access Addresses (MAC), Internetworking addresses(IPv4/IPv6); Application addresses (TCP/UDP/SCTP Port numbers), Web Server addresses, electronic mail identifiers and Voice over IP sources and destinations (SIP URIs) (Jacobs, Chitkushev, & Zlateva, 2010, p. 121). It is very difficult to control MAC and IP addresses in large intricate intranets and backbone networks. In addition, IP addresses cannot be reliably used as identities for taking access control decision. This is due to the fact that such IP addresses are unverifiable and are generated routinely as a component of network based attacks. Thus, several modern applications have discarded the Internet Assigned Numbers Authority controlled transport protocol port numbers. These applications have resorted to dynamically negotiating port numbers, while establishing an application session (Jacobs, Chitkushev, & Zlateva, 2010, p. 121). Moreover, there is frequent purchase and sale of Web URLs and these should lend themselves to being searched in the Internet Domain Name System (DNS) of servers. Whenever, a customer changes his electronic mail service provider, a different Email URI has to be used. This is due to the fact that such URIs are exclusive to a particular service provider. This also holds good for SIP URIs, while taking into account multimedia services that are based on a service provider (Jacobs, Chitkushev, & Zlateva, 2010, p. 121). Cyber attacks and terrorist acts that are based on computers pose the same degree of danger to the country, as missile attacks. This warning was issued by the Cyber Defence Chief of NATO. For example, a Minute Man III ICBM travels 8, 000 miles at a velocity of 15,000 miles per hour. On the other hand, a cyber weapon travels almost at the speed of light or 186,000 miles per second, and its range is unlimited. Furthermore, cyber weapons have the same design as a missile. The latter incorporates a delivery vehicle, a navigations system and the payload or component that causes destruction. These features are invariably present in cyber weapons (Coleman, 2010, p. 494). NATO has taken cognisance of the fact that a military strategy has to be applied to the latest vista of warfare, namely the Internet. In order to circumvent such threats, NATO installed a defence centre at Tallinn (Cyber Defence, 2011). The thirty odd personnel at the Cooperative Cyber Defence Centre of Excellence evaluate emerging computer viruses and other electronic threats. Thereafter, this organisation sends alerts to the governments that sponsor NATO. There are many difficult questions that arise in this environment. Thus, the experts on law, science, technology and the military have spared no efforts to arrive at a solution to these pressing problems. Some of these are; what can be deemed to be a cyber attack on a member of the NATO that would obligate the other members to render assistance to the affected member; and what are the means by which a member can defend itself in cyber space (Grobler, van Vuuren, & Zaaiman, 2011, p. 95). The solutions provided to these questions admit of considerable divergence. Thus, the US has allocated additional funds to ensure cyber defences; whereas, Estonia has initiated measures to render its citizens knowledgeable and vigilant regarding online threats (Grobler, van Vuuren, & Zaaiman, 2011, p. 95). Estonia was selected as the cyber war brain of the NATO. This was the outcome of the fact that this country was subjected to large scale cyber attacks in the year 2007 (Ringsmose & Rynning, 2011). Considerable thought was expended on this development, as Estonia righty enjoyed the reputation of being a redoubtable digital society. The defence minister of Estonia promptly labelled this incident as an attack against the nation (McMillan, 2010). The US has indicated its preference for employing a military strategy approach to this problem. However, Estonia decided to impart the necessary knowledge to its citizens, whereby they could take the necessary precautions to identify risks and promote cyber security. This initiative was to begin at the very level of schoolchildren (Grobler, van Vuuren, & Zaaiman, 2011, p. 96). Obviously this makes sense, as a nation of well – informed citizens, are best equipped to defend the nation against cyber attacks. A major issue related to the establishment of the standards essential for absolving the responsibility of a country for failing to ensure due diligence relates to whether the adoption of explicit rules in national legislation would be adequate or whether a criminal investigation have to be conducted by the authorities of that country. Furthermore, it is essential to declare whether a due diligence norm could be applied after an attack had transpired (Grobler, van Vuuren, & Zaaiman, 2011, p. 97). In order to engender responsibility of a country, while forming a cyber system, the following measures have to be adopted. First, a relevant national strategy has to be formulated and this is to be adhered to by all the major stakeholders and agencies. Second, a national endorsement body has to be established with regard to cyber security. Third, implementation of a national coordination mechanism. Fourth, the national cyber security endeavour should embrace the private sector and professional communities, without any exceptions. Finally, the required resources and institutional changes are to be made available (Grobler, van Vuuren, & Zaaiman, 2011, p. 97). Furthermore, the international implementation of a reliable cyber system by every nation would make it much simpler to ensure cyber defence at the global level. An attempt to dissuade cyber crimes was made by the European Commission, via its plans to impose much more stringent penalties for such crimes. The deplorable large scale cyber attacks in Estonia and Lithuania have brought this point home with considerable force. It is now evident that much stricter laws will have to be enforced, with respect to cyber crime (Grobler, van Vuuren, & Zaaiman, 2011, p. 97). As such, the UK, France, Lithuania and Estonia provide for much more stringent punishments for cyber crime. The US has also viewed such crime with considerable seriousness, and the Obama Administration has designated the containment of cyber crime a very important priority. Not to be outdone, the European Union has decided to implement a mechanism, whereby information regarding a cyber attack on a member state can be quickly notified to the other member states. This endeavour is expected to provide a better idea regarding the scope of cyber crime (Grobler, van Vuuren, & Zaaiman, 2011, p. 97). The weapons of the cyber world are fundamentally computer software code that can be disseminated over a network. Some of the common varieties of such weapons are Worms, Spyware, Key loggers, Trojans and Botnets. Unlike conventional weapons, cyber weapons are extremely easy to replicate, and a large number of copies of malicious code can be produced without any expenditure of money. In addition to being simple to distribute in very large numbers, such weapons are difficult to trace to their origin (Rao, 2009, p. 463). This makes for considerable difficulty in deterring attacks with cyber weapons. Conclusion Cyber attacks have increased in their effectiveness, and in conjunction with the advent of cyber warfare, this development has proved to be troublesome to military leaders and governments, all over the world. Many countries have expressed great concern over cyber warfare. However, International law does not have specific provisions for dealing with cyber warfare. Modern warfare has to perforce incorporate cyber capabilities, and this has to be fully integrated into military doctrine. Thus, cyber warfare has achieved the position of being a crucial constituent of any overall strategy that seeks to promote national security. In fact, it constitutes a critical military competency and is not to be treated in isolation. Despite the near consensus regarding the legal restrictions that should apply to cyber warfare, there has been minimal agreement regarding the manner in which international humanitarian law is to be applied to this menace .There is a pressing need to arrive at an accord at the international level, with respect to the due diligence requirements to be fulfilled by a country. These requirements will ensure that a country is not made responsible for failing to protect other nations from cyber attacks launched from its land. In addition, Cyber weapons are time sensitive, due to the fact, that vulnerability in the system could be rectified in the future. This requires the developer of cyber weapons to discover new vulnerabilities. In addition, the rapidly and continuously developing software of cyber space requires cyber weapons to develop with the same speed and level of sophistication. The vulnerability of the target determines the cyber weapon to be employed. In the absence of vulnerability there can be no cyber attack. This does not obtain in practice, because the intricacy of systems makes it extremely difficult to prevent vulnerabilities. Thus, while rectifying vulnerability in a system, another tends to be created. However, it is indispensable for the homeland security community, intelligence agencies, leaders of government and the military to counter cyber terrorism and cyber warfare, in a systematic manner. In addition, these entities have to generate the required competence in military intelligence to protect the nation from such attacks. It can be surmised that, cyber terrorism, affects society and Military Information system. New strategies should be developed to contain the problem of Information warfare, since its objective is to attack military information and communication systems of the country, which constitute the principal element of security of any nation. List of References Coleman , K. (2010). The Weaponry and Strategies of Digital Conflict . Proceedings of the International Conference on Information Warfare & Security, 491 – 499. Cyber Defence. (2011). Retrieved October 14, 2011, from NATO Cooperative Cyber Defence Centre of Excellence Tallinn, Estonia: http://www.ccdcoe.org/2.html Grobler, M., van Vuuren, J., & Zaaiman, J. (2011). • Changing the Face of Cyber Warfare with International Cyber Defense Collaboration. Proceedings of the International Conference on Information Warfare & Security, 92 – 98. Jacobs , S., Chitkushev , L., & Zlateva, T. (2010). Identities, Anonymity and Information Warfare. Proceedings of the European Conference on Informations Warfare & Security, 120 – 127. Joyner, C. C., & Lotrionte, C. (2001). Information Warfare as International Coercion: Elements of a Legal Framework. European Jouirnal of International Law, 12(5), 825 – 865. Lawson, S. M. (2002). Information Warfare: An Analysis of the Threat of Cyberterrorism Towards the US Critical Infrastructure. Retrieved October 12, 2011, from http://www.sans.org/reading_room/whitepapers/warfare/information-warfare-analysis-threat-cyberterrorism-critical-infrastruc_821 McMillan, R. (2010, March 17). Estonia defense minister: Cyberattacks will grow. Retrieved October 14, 2011, from COMPUTERWORLD: http://www.computerworld.com/s/article/9172478/Estonia_defense_minister_Cyberattacks_will_grow Rao, K. P. (2009). KVSS Prasad Rao Cyber Warfare and Its Implications for National Security. Journal of the United Service Institution of India, 139(578), 459 – 472. Ringsmose, J., & Rynning, S. (2011). NATO's New Strategic Concept: A Comprehensive Assessment. Copenhagen: Danish Institute for International Studies. Read More