The Evolution of Cyber Warfare and Its Role in Shaping International
The New Battlefront: The evolution of cyber warfare and its role in shaping international diplomacy and conflict

Author: Hamid Mansoor
Mentor: Ming Chow

Abstract:
This paper will examine the evolving nature of Cyber Warfare and its role in shaping international diplomacy and conflict in the 21st century. Cyber Warfare is defined as cyber attacks perpetrated by one state against another to disrupt and damage infrastructure and to steal important national secrets. From the 2014 hack into the systems of Sony Pictures Entertainment (allegedly by North Korean hackers) to the recent hack into the US Office of Personnel Management (allegedly by the Chinese), mass cyber attacks have increased in their sheer volume, complexity and audacity. One of the main issues discussed during the recent visit by the Chinese premier to the US was the cyber battle between the two countries. This paper will explore the various motives for nation-states to conduct these attacks, the various methods and tools employed, the rapidly developing field of cyber defense and the important implications these issues have on international diplomacy and the defense industry.

Introduction:
Technology is not only changing the way we live, learn, entertain and receive health care, but also the way we fight. With increasing dependence on technology worldwide, it comes as no surprise that nation-states are rapidly adding cyber defense and offense capabilities to their military and intelligence programs. With a lack of global frameworks for dealing with cyber crimes, any major cyber attack can be construed as a justifiable cause for the declaration of war between countries. The recent high-profile attacks have put a spotlight on the diplomatic implications of such actions. The scale of this warfare was described aptly by the House Intelligence Chairman Rep. Mike Rogers when he said: “US is involved in a cyber war everyday” [3].

To the Community:
I chose this topic because of the increasing relevance of cyber warfare in the lives of regular citizens. It is important for all of us to be aware of this complex issue as it will feature more and more in policy and law making. In March 2013, top US intelligence officials conceded that cyber warfare poses a greater threat to the USA than that posed by conventional terrorist groups such as Al-Qaeda [2]. There is concern that cyber warfare can be used to disrupt the lives of everyday citizens by targeting infrastructure, for example by causing a malfunction in a power grid. It is very important for us all to be aware of these issues so that we can have a say in any national-level policy that gets devised to tackle them.

Motives of various nation states to conduct cyber attacks:
There are several motives for states to wage cyber wars. Cyber weapons allow countries to conduct wars without declaring wars. The promise of anonymity and deniability makes cyber warfare very useful for militaristic purposes. An important example of this is when Russia recently used a cyber weapon called “Ouroboros” or Snake against the government communication systems in Ukraine [11]. The weapon had the ability to conduct surveillance and also physically destroy computer networks. Russia has repeatedly denied direct involvement in the Ukraine crisis, and using such tactics allows it to pursue its agenda while maintaining deniability.

Another militaristic use is intelligence gathering. The hack of the Office of Personnel Management (OPM) affected more than 21.5 million people in the USA. The OPM conducts background checks on people applying for federal jobs. The breach exposed very sensitive information about federal employees and contractors, including several who were stationed in China. The US authorities had to evacuate some employees from China due to the leakage of compromising information [7].

Cyber warfare is also used in intimidation tactics.
The attack on Sony Entertainment, which has been blamed on North Korea, prior to the release of the movie “The Interview” is an example of that. The attack prompted widespread fear of further attacks, which led to some major distributors refusing to show the movie [17].

Another motive to conduct cyber warfare is to steal trade secrets. Countries like Russia and China stand to benefit greatly from stealing trade secrets as some of the largest and most powerful industries in these countries are state owned. For example, Edward Snowden’s leaks show that China allegedly stole the designs for the F-35 jet, which is the most expensive weapons project in the history of the world. Military analysts have noted some striking similarities between the Chinese J-31 fighter and the F-35 [9].

Impact on the diplomatic relations between the world’s superpowers:
Cyber warfare has very important implications for international diplomacy. The three global powers, USA, Russia and China, routinely accuse each other of cyber malpractice [1]. Just last year, the US Department of Justice charged five Chinese military officials with cyber espionage against US corporations [8]. This caused a considerable diplomatic row and shone a light on the deep mistrust between the two countries. The prospect of a framework or a treaty to mitigate such activities remains elusive. Cyber warfare was one of the key issues of concern during the much hyped visit to the US by the Chinese premier Xi Jinping this year [10]. Both countries failed to construct any meaningful framework to lower the intensity of cyber sabotage against each other. Russia has traditionally favored a comprehensive treaty to deal with cyber issues. The USA, however, favors more defense and increased cooperation between the international law enforcement agencies [4]. The two countries do, however, have a cyberwar hotline to avert “a crisis situation arising from an ICT security incident.”
The hotline was established in 2013 and provides a secure line of communication between the US Cybersecurity Coordinator and the Russian Deputy Secretary of the Security Council [6].

Impact of the evolution of cyber warfare on defense spending and research:
Countries around the world are devoting increasing resources to study and develop the capabilities for cyber warfare. In 2013, cyber security firm Mandiant wrote a famous report in which they identified the Chinese People’s Liberation Army Unit 61398 as one of the most sophisticated and notorious engines of cyber warfare. The report estimates that there are hundreds or thousands of people in the unit. The unit is thought to be well equipped, and its personnel are trained extensively in computer networks and are required to be proficient in English [14]. The Obama administration has proposed a budget of $14 billion for cybersecurity initiatives for the year 2016. This marks an increase of $1 billion over the last year [12]. In addition, the US military is on a hiring spree for more and more cyber warriors. US Cyber Command is supposed to be fully operational with 6000 active-duty cyber warriors by 2017 [13].

Cyber warfare has also changed the perception of an act of war. In 2011, the Pentagon declared that the US reserved the right to retaliate with military force in case of a cyber attack [15]. The lack of a universal treaty or agreement regulating cyberspace makes this situation all the more dangerous. This absence has sparked an arms race between all the major global players to develop the most advanced cyber attack and defense capabilities. The development of a comprehensive framework would have the benefit of allowing states to worry less about potential attacks from one another and to focus more energy and resources on curbing cyber crimes and apprehending cyber criminals [5].

Methods and tactics employed by cyber attackers:
States use a variety of sophisticated cyber weapons to perpetrate these attacks.
The secrecy of cyber weapons programs makes it very hard to determine the capabilities of various states. Cyber security experts and industry leaders are always on the lookout for more clues into the inner workings of defense agencies.

One particularly interesting cyber weapon that is used by the Chinese is called the “Great Cannon”. This name was coined by The Citizen Lab at the University of Toronto after they observed a DDoS attack on the website GreatFire.org, a not-for-profit website that highlights the high level of internet censorship prevalent in China, and its associated GitHub pages. The Great Cannon (GC) is co-located with China’s “Great Firewall”. The Great Firewall is the main Chinese instrument to conduct internet censorship. The GC is, however, a separate cyber weapon. From the analysis by the Citizen Lab, GC is essentially a tool to hijack traffic from specific IP addresses and place unencrypted content in that traffic as a Man-in-the-Middle (MITM). GC then manipulates this traffic to create a massive DDoS attack. The report contains a very useful image to illustrate the concept of GC and the Great Firewall [16]:

[Figure: “Simplified logical topology of the Great Cannon and Great Firewall” [16]]

Another famous malware is Wiper. It has several variants such as Shamoon, Destover (used in the Sony hack) and Dark Seoul. As its name implies, the primary feature of this malware is to infiltrate and destroy data.

Action Items:
The main action item that I would recommend is just to make yourself aware of the complex issues surrounding this topic. Cyber warfare is becoming more and more advanced and the general population is quite unaware of it. Acquainting yourself with these issues would allow you to make better decisions when it comes to voting and having your opinion heard in any policy making.
Another action item could be to reach out to your lawmakers and make them aware of your concerns regarding cyber warfare and the absence of any international regime governing the use of cyberspace.