Crippling effect: Strong evolution could dominate cyber warfare

The exponential expansion of the computer and information network, which has helped turn the world into a ‘global village’, has also brought in its wake the all-pervasive and difficult-to-tackle threat of cyber attack.

Even as cyberspace has significantly and radically transformed the way individuals and societies communicate and interact, its silent and subtle fallout in the form of cyber invasion continues to be a matter of concern for countries around the world.

For in cyber hacking, the perpetrator remains incognito with the victims hardly in a position to identify the source of attack. Clearly, stealth and anonymity are the key advantages that cyber hackers enjoy with certainty.

As cyber communications is in a state of infancy and in the process of dynamic evolution, there is no fool-proof firewall to ensure the safety and security of computer networks from the well conceived machinations of cyber hackers.

Even the mighty Pentagon has found it difficult to ward off cyber attacks. Terrorists, white collar criminals, anti social elements and business rivals, you name any entity, all of them have perfected the art and craft of realizing their devious objectives through cyber hacking.

Perhaps the most disturbing aspect of the multi-billion dollar business of cyber attack is that hackers always manage to stay ahead of the security devices engineered to protect the information networks.

New war theatre

Analysts point out that cyberspace could very well become another domain of modern-day warfare. Maybe the next world war could begin and end in cyberspace without a single shot being fired.

Indeed, along with outer space, cyberspace is slowly emerging as a new theatre of the ancient art of warfare. By targeting public utilities, transport infrastructure, banking networks, industrial operations and even nuclear power generation systems, it is possible to paralyse an entire country in one quick sweep.

The stunning and crippling effect of cyber invasion could be a nightmare for security agencies for whom the borderless cyberspace is an ‘impersonal entity’. Apparently, cyber spies have no physical boundaries to negotiate while giving a practical shape to their ‘evil designs’.

What is more, even satellites designed for communications, navigation, earth observation and myriad other applications could be made inoperable by manipulating their software.

In fact, a couple of years back there were reports suggesting that one of the satellites in India’s INSAT domestic communications constellation, operated by the Indian Space Research Organisation (ISRO), had fallen prey to the Stuxnet worm.

However, this was found to be untrue. About Stuxnet, Gulshan Rai, Director General, Indian Computer Emergency Response Team (CERT-In), said, “Stuxnet, the first computer worm to impact critical infrastructure such as nuclear power plants, water treatment facilities and other factories reaffirms that cyber attacks have evolved into extremely sophisticated activities capable of compromising utilities, government and private infrastructure and corporate intellectual property”.

In what has been described as the biggest-ever series of cyber attacks uncovered, it was found that a gang of hackers managed to break into the networks of more than 70 organisations, governments and companies around the world.

China connection

A strong ‘China connection’ has been suspected behind this well-organised and systematically implemented cyber espionage aimed at multiple points. According to the cyber security enterprise McAfee, which uncovered this intrusion of massive magnitude, the networks breached included the UN Secretariat at Geneva, a US Energy Department laboratory and 12 leading US defence companies working on futuristic weapons systems.

Among the long list of victims were also the governments of US, Taiwan, India, South Korea, Canada and Vietnam. In addition the International Olympic Association (IOC) and the World Anti Doping Agency too came under the sweeping spell of this malicious attack.

“The cyber snooping appears to have been going on for several years,” said the McAfee report, which, without naming any particular country, traced the hacking to at least one “state actor”.

But cyber security experts are clear that a Chinese hand is quite evident behind this hacking. As pointed out by Jim Lewis, a cyber expert with the Centre for Strategic and International Studies, it was very likely that China was behind this attack, since some of the targets had information that would be of particular interest to China. “Everything points to China. It could be the Russians but there is more that points to China than Russia,” observed Lewis.

McAfee, which for its part has dubbed the hacking “Operation Shady RAT”, opines that the earliest attacks could date back to mid-2006. “What is happening to all this data is still largely an open question. However, if even a fraction of it is used to build better competing products or beat competitors at key negotiations, the loss will represent a massive economic threat,” said McAfee Vice President Dmitri Alperovitch.

In a related development that has not caused any ripples, investigators studying the recent spate of cyber attacks on the systems of the International Monetary Fund (IMF) have also veered round to the view that it could be the job of cyber spies connected to China.

Significantly, cyber tech sleuths who spent several months probing the finer mechanism of the attack became suspicious, after analysing the operational features of the hacking, that China-linked cyber criminals were behind it. However, the IMF has not come out with any official version of the results of the investigation into the attack.

Chinese involvement in cyber espionage is old hat. The Indian defence establishment has been one of the most conspicuous victims of China-based ‘cyber warriors’. Not long back, networks of Indian diplomatic missions around the world, many Indian companies, think tanks and media groups had felt the heat of cyber crime originating from China.

That China was behind the discreet stealing of information from information networks across the world, including India, came into the open after the release of a painstakingly researched and excellently drafted report, ‘Shadows in the Cloud’.

This report was the result of systematic research by a team of experts from Information Warfare Monitor and the Shadowserver Foundation. While Information Warfare Monitor is a joint enterprise of the Citizen Lab, Munk School of Global Affairs, University of Canada and SecDev Group, an operational consultancy group based in Ottawa, the Shadowserver Foundation, founded in 2004, is made up of volunteer security professionals with a well-informed interest in monitoring malware and malicious attacks on computer networks.

Interestingly, the Shadows in the Cloud report had also exposed the devious doings of China-based hackers in siphoning off classified documents from governments and private organisations in more than one hundred countries, including the Tibetan Government in exile headed by His Holiness The Dalai Lama.

In this instance, the Chinese hackers based in Hainan Island are known to have exploited a system called Ghostnet to steal the files from the information networks of the Tibetan Government in exile.

As it is, for long the Dalai Lama’s office was concerned over the possibility of Chinese cyber spies hacking into its computers. Investigations went to show that Chinese hackers had copied and stolen files from the computer network of the Dalai Lama and his Tibetan government in exile.

For quite some time now, the Indian security setup and defence establishment have been aware of the cyber threat emanating from China. As revealed in a story featured in the New York Times, “the intruders pilfered classified and restricted information from the highest levels of the Indian Defence Ministry.”

The military institutions targeted by Chinese cyber criminals included the National Security Council Secretariat, the 21 Mountain Artillery Brigade based in the North East and an Air Force station in New Delhi.

On another front, the information networks operated by the Indian military training schools were also attacked by China-based hackers. It has been revealed that some of the data stolen by Chinese hackers included the secret assessment of the security situation in Assam, Manipur, Nagaland and Tripura as well as the Naxalite insurgency in various parts of the country.

Indeed, the Indian Defence Minister recently pointed out that “of late, extraordinary and unprecedented cyber crimes have taken place across the globe, exposing the gaping holes in cyber security systems. Although Defence Services at all levels have taken steps to counter cyber threat through stringent implementation of cyber security policies, there is still a requirement to ensure all loopholes in this regard are suitably plugged.”

Meanwhile, in order to take on the Chinese cyber espionage threat, both India and the US have decided to work out a common strategy for their defences in the virtual world.

In the context of the growing intensity and increasing sophistication of Chinese cyber attacks on Indian and US defence, government and commercial establishments, the two countries are planning to create so-called ‘cyber commandos’ to ensure the safety and integrity of their information and communications networks.

The DRDO has pointed out that algorithms are being worked out to ensure cyber security. Further, it has also stressed the need to put in place trusted hardware and exclusive operating software for Indian defence forces that will help them develop immunity to cyber intrusion.

According to V K Saraswat, the DRDO Chief, if one has a dedicated communications system to operate a network-centric architecture, one is safer than when using the internet for link-up. “So we are building research areas on how to provide solutions to armed forces on cyber security, how to build a robust communications system, how to build software that will not have any weakness, how to make servers, switches and routers that will have no parallel parts which can be targeted by an outside agency,” noted Saraswat.

As it is, detection of a threat or a potential threat plays a major role in ensuring cyber security. No formal rules of engagement in cyber warfare exist at present at either the international or the multilateral level.

Role of social media

A recent research study by software firm Websense shows a growing tendency in attacks targeting social networking sites such as Facebook and Twitter. It is surmised that in the coming days, hackers will manage to manipulate the search algorithms of social media channels to trick users into visiting fake brand and celebrity pages and increase exposure to malware.

Consequently, social media users will also be vulnerable to spam and malicious data-stealing content. In early August this year, it was reported that the Pentagon is looking at exploiting Facebook and Twitter both as a resource base and as a weapon of futuristic warfare.

The Pentagon is sure that social media has the potential to change the nature and dynamics of warfare in the future. Social media had played a key role in fomenting and spreading unrest in countries including Egypt, Libya, Iran and Bahrain.

After China, Russia is being looked upon with suspicion as the source of cyber hackings reported from many parts of the world. Not long back, it was reported that after Russian troops entered Georgia, cyber attacks were noticed extending to the computer networks in service with the Georgian government.

Other targets were banks, media, communication networks and transport systems. Since at that point of time computerization in Georgia was not extensive, the country did not suffer greatly as a result of hacking. The extent of disruption suffered by a country could vary greatly depending upon the extent of its computerization.

Even the highly conservative Taliban militia, which had campaigned against television and mobile phones, is planning to spruce up its cyber security system. The Taliban, which continues to keep the pot boiling in war-ravaged Afghanistan, has said in a statement that its communications and internet links, including its website, were hacked in July this year with a view to spreading the rumour that Mullah Omar was no more.

Without mincing words, the Taliban has stated that its Information and Cultural Commission has started an inquiry into the entire hacking episode. The tech-savvy Taliban, which has realized the importance of cyberspace as a vital frontier to realize its objectives, has now started changing the addresses of its websites on a regular basis.