Cyber Warfare Conflict Analysis and Case Studies Mohan B. Gazula Working Paper CISL# 2017-10 May 2017 Cybersecurity Interdisciplinary Systems Laboratory (CISL) Sloan School of Management, Room E62-422 Massachusetts Institute of Technology Cambridge, MA 02142 Cyber Warfare Conflict Analysis and Case Studies By Mohan B. Gazula M.S., Computer Science Boston University Submitted to the Systems Design and Management Program in Partial Fulfillment of the Requirements for the Degree of Master of Science in Engineering and Management at the Massachusetts Institute of Technology June 2017 © 2017 Mohan B. Gazula. All rights reserved. The author hereby grants to MIT permission to reproduce and to distribute publicly paper and electronic copies of this thesis document in whole or in part in any medium now known or hereafter created. Signature of Author ............................................................................... MIT Sloan School of Management Department of Electrical Engineering and Computer Science May 12, 2017 Certified by ...................................................................................... Stuart Madnick John Norris Maguire Professor of Information Technologies, MIT Sloan School of Management & Professor of Engineering Systems, MIT School of Engineering Thesis Supervisor Certified by ...................................................................................... Allen Moulton Research Scientist, Sociotechnical Systems Research Center, MIT Thesis Supervisor Accepted by ...................................................................................... Joan S. Rubin Executive Director and senior lecturer, System Design & Management THIS PAGE INTENTIONALLY LEFT BLANK 2 Cyber Warfare Conflict Analysis and Case Studies By Mohan B. Gazula M.S., Computer Science Boston University Submitted to the Systems Design and Management Program in Partial Fulfillment of the Requirements for the Degree of Master of Science in Engineering and Management Abstract “The supreme art of war is to subdue the enemy without fighting.” - Sun Tsu from “The Art of War” Believed to have lived between 770 and 476 B.C In the age of code wars, have our lives changed for the better? Are we any safer than the bloody wars or the cold wars from the past? Is there any more guarantee now in a cyber age than in a kinetic age involving human forces? These are the types of questions that have little answers due to the secret nature of the operation. State-sponsored activities are commonplace. Whenever there is involvement by a state, the stakes are higher, and loss of life can never be ruled out. The objective of this thesis was to research historical cyber-warfare incidents from the past to current and map the relevant cyber-warfare data in a well-known framework called CASCON, which is a history-based conflict analysis and decision-support system. The CASCON-based analysis for cyber incidents revealed a larger picture of the world we live in and how easily that world could change. The information contained in this thesis is not meant to be conclusive, but a study of state- sponsored cyber cases using MIT’s CASCON to map and categorize information for future learning about conflicts involving states. It is the purpose of this thesis to (a) research historical cyber-warfare incidents and (b) map cyber-warfare incidents into a framework. Thesis Advisor: Stuart Madnick Title: John Norris Maguire Professor of Information Technology, MIT Sloan School of Management & Professor of Engineering Systems, MIT School of Engineering Thesis Advisor: Allen Moulton Title: Research Scientist, Sociotechnical Systems Research Center 3 THIS PAGE INTENTIONALLY LEFT BLANK 4 ACKNOWLEDGMENTS I was fortunate to have Professor. Stuart Madnick and Allen Moulton as my advisors, and I am profoundly grateful for their support and guidance during the process of writing my thesis. Professor Madnick believed in me and was always available whenever I ran into a trouble spot or had a question about my research or writing. He consistently allowed this paper to be my own work, but steered me in the right direction by motivating me to plan on my thesis early and deliver an excellent product. His expertise and feedback on cyber security has been a guiding light throughout my research work. Mr. Moulton brought life to my thesis with his expertise on international conflict management, kinetic and cyber warfare along with his experience on various research topics. He being one of the original authors of CASCON helped me tremendously. He also helped me gain momentum towards completing my thesis with a pragmatic approach. I enjoyed having discussions with Allen and benefited from his detailed views on many topics including kinetic warfare and CASCON. Thank you, Professor Madnick and Mr. Moulton in helping me create a robust and quality product. I truly appreciate your advice, time and confidence in me. Patrick Hale (Former Executive Director of SDM) was always available and provided me with advice and support to work through challenges and believed in me. Thank you, Pat for being available and providing guidance. Thanks to Joan S. Rubin (Executive director and senior lecturer of the Massachusetts Institute of Technology’s System Design & Management program) for her tremendous guidance and approachability. Thanks to Triet Nguyen, Bill Foley and Amal Elalam for all their financial, curriculum and administrative advice throughout the duration of the program. I am grateful to General Dynamics Mission Systems for their support in helping me complete my master’s degree program. Inspiration provided by my parents has enabled me to achieve goals throughout my life. My father, an entrepreneur and visionary, taught me to dream big and think ahead in everything I do. My mother was an exemplary to hard work and patience. My wife, Kavitha, whose inspiration, support and approach to life is second to none. My son, Pratik, and daughter, Kimaya, have been the source of my energy. My two sisters, Kala and Leka, have shown unconditional support for anything I have set out to do in my life. “The true goal of action is knowledge of the Self.” ― The Bhagavad Gita 5 THIS PAGE INTENTIONALLY LEFT BLANK 6 Dedicated To my Dear Wife - a Noble Family Physician, a Professor and an Entrepreneur Dr. Kavitha Gazula M.D., ABIHM to my Dear Son Pratik and Dear Daughter Kimaya 7 THIS PAGE INTENTIONALLY LEFT BLANK 8 TABLE OF CONTENTS 1. MOTIVATION ................................................................................................................................ 13 1.1 USE OF CYBERSPACE ............................................................................................................................................. 13 1.2 THE CYBER-BATTLEFIELD ............................................................................................................................................ 15 1.2.1 Operational Boundaries of Cyber-warfare .................................................................................................... 17 1.3 THE DATA WEAPON ...................................................................................................................................................... 18 1.4 EVOLUTION OF CYBER-WARFARE AND CYBER-CONFLICT .............................................................................. 19 1.5 COST AND SCALE OF CYBER-WARFARE ...................................................................................................................... 21 1.6 A HISTORICAL GLIMPSE OF CYBER-WARFARE .......................................................................................................... 23 2. A FRAMEWORK FOR CYBER-WARFARE .............................................................................. 23 3.1 TYPICAL PHASES IN CYBER-WARFARE .............................................................................................................. 24 3.2 CYBER WARFARE: FACTOR CODING ................................................................................................................... 25 4. CYBER WARFARE: CASE STUDIES .............................................................................................. 28 4.1 OLYMPIC GAMES (A.K.A STUXNET) .................................................................................................................... 28 4.2 UKRANIAN POWER GRID...................................................................................................................................... 32 4.3 KOSOVO WAR ......................................................................................................................................................... 35 4.4 RUSSIA-GEORGIA WAR ....................................................................................................................................... 38 4.5 OPERATION CAST LEAD ...................................................................................................................................... 40 4.6 THE TULIP REVOLUTION ..................................................................................................................................... 43 4.7 THE JASMINE REVOLUTION ................................................................................................................................ 45 4.8 DUQU (1.0 & 2.0) ............................................................................................................................................... 47 4.9 THE EASTERN RAILWAY WEBSITE DEFACEMENT