With the increasing number of cyberattacks, many security professionals are greatly troubled by the real threat to the information technology infrastructure in the United States. While safeguarding information has been a major issue for the private and public sectors since the beginning of the computer era, the increased level of concern over the most recent attacks has resulted in more resources being devoted to combating this threat. This paper analyzes numerous cyberattacks by the Russian computer enthusiast group Chaos Hackers Crew and other hacktivists during Operation Allied Force in 1999, which included taking down and defacing various NATO and US Government websites, several successful virus propagation attempts on military servers and countless spamming storms. This particular case raises curious questions about the legal definition of the term cyberconflict itself, the magnitude of the damage from a potential cyberattack on the U.S. Government by terrorists and the level of preparedness of key military and intelligence units for cyberwar.
The cyberterrorism threat is real; however, it’s essential to recognize that preserving the state of continuous distress over computer vulnerabilities can be profitable. Based on this research, cultural differences play a huge role in the world of computer hackers who decide what entity to attack and how. Also, the scale of a cyberattack doesn’t matter, as economic damage can be devastating regardless of its size. Global governments need to continue working on creating workable laws that accurately describe the problem of cyberattacks and effectively enforce the solution. The modern world still has a long way to go before all security threats are addressed, appropriate defence is in place and all the critical computer infrastructure is protected from hackers, “hacktivists” and plain criminals.
As a computer professional and a native Russian, I have a personal interest in conducting research on the ongoing cyber-conflict between countries that represent some of the major players in today’s computerized war arena, Russia and the United States of America being only two of them. I do remember the bombings of Belgrade in 1999 and the nationwide outrage that followed those attacks. As a brother Slavic nation, we all wanted to support Yugoslavia on its way to independence and craved revenge against NATO and its evil allies. Looking back at that situation, I realize all of us were exposed to a great deal of misinformation, misinterpretation and manipulation by government and government-owned news media that were pursuing a hidden political and military agenda. Later on in life, when I became involved in Information Technology and had worked in the field for several years, I started to understand the technical background of those hacker attacks. I do not wish to defend any member of the Chaos Hackers Crew, nor do I want to defend or offend anyone else associated with Operation Allied Force.
So-called “first world countries” with well-developed economies that heavily rely on computers and technology are not the only ones under pressure from global cyber-threat trends. According to the MessageLabs Intelligence 2008 Annual Security Report (Emerging markets at greater risk of cybercrime, 14 January, 2009), developing countries such as Brazil, India and China are at even higher risk of exposing themselves to cyber-threats, and could potentially become the launchpad for the next cyber-attack against the United States. Internet access is penetrating deeper into emerging markets, and the World Wide Web is becoming more readily available in places where computers are cheap enough and technical education meets the highest standards, but where laws or other roadblocks are not yet in place to prevent the cybermafia from appearing and thriving. As a result, more and more problems arise in countries like Turkey, China and Russia, where botnets are on the rise, Denial of Service attacks have become a daily occurrence and governments are unable to do anything to prevent such actions from happening, not only on the international scale but in their own backyard.
This case study will allow me to answer my own questions, as well as the questions of the global society, including people directly involved in the Cyber Conflict Case Study, security professionals, government agencies and field academics, on the hot issue of cyber-conflict. In the light of recent and not-so-recent events, such as the 1999 Yugoslavia conflict, the topic of defining the problem itself has arisen first. This paper is structured around fundamental issues tempestuously discussed by the cyberconflict community as well as controversial arguments that are relevant in this particular case of Russian Patriot Hacking during NATO’s Operation Allied Force. Each section contains multiple subsections, each of which reveals a separate question or a set of questions to be addressed. As recommended by the Case Study guide, I will be focusing on topics involving international relationships and inter-cultural differences, and the legislative and moral sides of the story, as well as computer security and technical education, which also need to be covered.
The first segment, on intercultural and international issues, will uncover the somewhat mystical and obscure myth of Russian culture, with its stereotypes and conspiracies dating back to the USSR and beyond. Undoubtedly, in the depth of the Russian soul, moral values, the Cold War based technical education and the Russian legal system lie the reasons behind the strong response expressed by numerous cyber-attacks on the United States and NATO back in 1999. The segment continues with an exploration of the possible large-scale effects of future cyberattacks. I’m sure the reader will be interested in knowing exactly how a possible foreign or even domestic digital aggression could be accomplished, what attack mechanics would be used and how the victim would be affected, whether it is the government of the United States, a federal agency, a major enterprise or an individual computer user. It would be exceptionally fascinating to find out what kind of economic effect a sizable cyberattack would have on the financial district, critical infrastructure (i.e. utilities, transportation) and the economy overall.
The second section of the report will focus on legal and ethical issues facing the cyberwarfare research community. First and foremost, we need to precisely define what actions constitute a cybercrime. How do cybercrimes against individuals, property and government differ? And at which point does a cybercrime become a cyberwar? The paper will demonstrate the ethical side of the story, where the Russian mentality and the absence of computer regulations and cyber laws play a humongous role in allowing the so-called cyber-mafia and other hacktivists to thrive and to continue to carry on their “cyber-activities” virtually unpunished. Digital law enforcement is crucial, but unfortunately practically non-existent today; therefore investigating and executing cyber-criminals should be considered the first priority, and is addressed in this section. This section will touch on different cyberconflict-related legislation being developed around the world right now, and how it would affect the United States and the future of computerized violence, if passed. Furthermore, it expands on the problems of establishing trust among computer and government entities in peacetime and during conflict through the utilization of encryption, digital trust certificates and other comprehensive security policies.
The entire third part of the paper is dedicated to identifying and resolving some of the security issues we will have to deal with during a cyberconflict. The biggest one of them all is: how can we protect ourselves? Defense strategies discussed in this subsection include personal protection and safeguarding data and infrastructure on the government and enterprise level, with the focus on military instances. It acknowledges certain desperate areas of mandatory improvement, where the United States is lacking resources tremendously. Technical education and cyberwarfare leadership development are among them. Communication during cyberwarfare is an important part of this discussion. Just like during any type of war, being aware of which communication channels will fail first, together with examples of effective ways of transmitting information discovered during the crisis of September 11 and the Northeast blackouts in 2003, will give us a good idea about the necessary preparation steps in this state of constant cyberwar awareness. Lastly, I would like to comment on the impact of hacktivists and patriotic hackers, such as Chaos Hackers Crew and most recently Anonymous, on the way we conduct digital wars and what we have learned from their attacks.
Intercultural and international issues.
“You’ll never grasp her with your mind
Or cover with a common label,
For Russia is one of a kind –
Believe in her, if you are able.”
In order to explain the reasons behind Russian patriotic hacking during Operation Allied Force back in 1999, we first need to get a better understanding of Russian culture with its beliefs, moral values, language background, legal and educational systems. I will be able to provide some useful insights on this issue, as I consider myself to be a subject-matter expert. The question of moral values arises as soon as we realize that we are unable to comprehend or interpret the behavior of outsiders. Most of the time we believe that foreigners act mysteriously or vulgarly or simply abnormally compared with what one would expect. In more scientific terms this kind of confusion is classified as “cultural misunderstanding”. As a matter of fact, even Russians consider themselves to be somewhat mysterious creatures; unable to understand each other’s actions, Russians often refer to a “concealed Russian soul”. In the literal translation of a quatrain by a famous 19th century Russian poet at the beginning of this section, the author is talking about his inability to grasp the common sense when it comes to fellow citizens, and the only thing the Russians can do about it is to believe that everything will work out. The same notion still holds true today.
Most Russians of legal age were raised under the Soviet educational system. Higher education was mandatory during the Cold War Nuclear Arms Race and so, in the 1970s, 1980s and even 1990s, Russians were about 99.7% literate (Above Top Secret, 2006). Many Russians traditionally hold either an engineering or other type of highly-specialized technical degree. “The beginning of engineering education in Russia was laid by the foundation of the School of Mathematical and Navigational Sciences in Moscow in accordance with Tsar Peter the Great’s Decree dated 27 January 1701. Russia has benefited from 300 years of history in engineering education and the same period of industrial progress.” (Russia Beyond The Headlines, 2008). Best of all, this world-class education is free. Today there are millions of Russian computer programmers and well accomplished self-taught hackers who can potentially initiate a successful cyberattack on the United States or any other country, as we have witnessed in the example of the Georgian government website during the civil war of 2008. With its humiliating minimum wage level, non-existent social security benefits, sky-high unemployment rates and natural population decline, Russia’s middle class simply does not exist. According to MSK.ru (MSK, 2011), 26% of Russians live below the poverty level. Combine this with the superior education and relatively high average intellectual level and we have a highly explosive nation with a Robin Hood complex, ready to revolt and take on anyone who seems to be acting unfairly.
Russia’s spiritual life has historically been influenced by two main religions: Russian Orthodoxy (a branch of Christianity) and Islam. Russian Muslims are not connected to any of the radical Muslim movements of the Middle East, such as Wahhabi, and therefore shall not be considered risky from the warfare point of view. Due to the 80 years of religion-prohibitive communist regime, many Russians are currently atheists; most of them still consider themselves religious, but in reality almost never go to church. Overall, religion doesn’t possess enough leverage to influence any military or political decisions in the country and should be omitted for the purpose of this paper.
Nonetheless, there are explicit and widely accepted biblical commandments, such as “Thou shall not kill.” However, in today’s world commandments such as “Thou shall not steal” prove to be rather questionable. In her article, Svetlana Babayeva, a political writer, gives the following example: “a corporation manager who knows that his boss is extorting money. How should he react and how should he view his superior? Not in the sense of direct practical actions, like “whistle blowing” to the upper management, or reporting the theft to the Prosecutor’s Office, but simply in the evaluative sense? Should the boss be admired because he is so shrewd and has panache for such behavior? Or should he be despised because he robs from the corporation and country, and consequently, robs his subordinates – both employees and people? Or should it all be ignored because there is no way to stop such activities anyways and hence a waste of time and effort?” (Russia in Global Affairs, 8 August 2007).
The answer is: to ignore. The acceptance that “everyone steals” has wiped out the nation’s sense of right and wrong. Those who are engaged in embezzlement and bribery accept it as the only way to carry on and thrive. They feel protected because “everyone else is doing it.” The police are infamous for being corrupt top to bottom. It is quite normal to break traffic regulations in Russia, and then it’s absolutely expected to bribe the policeman who pulled over the car. As a result, Russians have developed a “creative attitude to law”, which might seem savage to an average law-abiding American. Such widespread disregard for theft, fraud and corruption, along with condemnation of “whistle blowing”, works out well for the hackers and other criminals. Their actions are simply ignored and rarely prosecuted. As a result we now have an entire generation of young, well educated, non-religious lower-middle-class citizens, who do not respect the law, but feel very passionate about “doing the right thing”. Those are the people who initiated attacks on the White House website and attempted breaking into the US military servers.
Cyberattacks by a foreign government, or by a cyber anti-security specialist secretly hired by a foreign government, are a very effective means of political and economic pressure that is most of the time virtually impossible to trace back to its origin. Russian hackers seem to lead in being blamed for such attacks. Patriotic hacking during the civil war in Georgia in 2008 could serve as another example of a powerful computer attack on a foreign government. This time the Russian internet community not only didn’t try to cover their traces, but openly and proudly admitted involvement and their primary role in those events. The “information war”, as they call it, was not planned and started rather spontaneously. No one expected this type of response to the actions of a foreign, even though formerly friendly USSR, government. It was a very emotional time for all those “Robin Hoods” in underground hacker clubs.
Slowly but surely, the main Georgian websites were taken down: the personal blog of the President, the official Georgian parliament website, the Secret Service information page, and various websites and forums for federal government services and ministries. These attacks lasted for weeks, but not a single non-government website was touched, because it “was not their fault”. Georgia’s officials were astonished and crashed under such pressure. They couldn’t stop the civil war, but they sure dedicated a lot of time, resources and money to counter the cyber enemies. Nonetheless, those attacks were effective in disrupting government services and successfully accomplished the goal of applying political and, most importantly, psychological pressure on the subject of their attack.
Cyberattacks can cause major destruction without necessarily being large-scale. “In April and May 2007, NATO and the United States sent computer security experts to Estonia to help that nation recover from cyberattacks directed against government computer systems, and to analyze the methods used and determine the source of the attacks. Some security experts suspect that political protestors may have rented the services of cybercriminals, possibly a large network of infected PCs, called a “botnet,” to help disrupt the computer systems of the Estonian government.” (Clay Wilson, 2008). Estonia has a large percentage of native Russian population, and the removal of a statue of a Soviet soldier celebrating the end of World War II caused a civil movement and criticism by the Russian Government.
Estonian officials immediately accused the Russian government of the cyberattacks and charged it with unlawful cyberwarfare. Denial of Service attacks targeted Estonian government and private sector sites. They affected various parts of the infrastructure, including government websites and email servers (causing the Members of the Estonian Parliament to go for days without email access), banks and news outlets. Financial transactions were severely compromised, ATMs were practically disabled, and the largest national bank had to suspend all online activity for almost 24 hours. Independent analysts argued that the cyberattack involved cooperation between the Russian government and plain cybercriminals, who created new botnets or made their existing botnets available for short-term rent. This particular case makes it evident that cyber-aggression can cause serious damage without being large-scale.
Besides being a major inconvenience, as in the example of government workers being without email for several days, cyberattacks can cause considerable financial and economic damage. According to AOL Government (AOL Government, 2011), almost 75 million people fell victim to the invisible computer crime in the United States in the year of 2010. Most definitely the number has gone up since then, but in the same year electronic criminals caused $32 billion in personal financial losses. Numbers vary when it comes to the private sector, but considering that most international and US stock markets and nearly all critical infrastructure are run by computers that are connected directly to the Internet, they are hypersensitive to any type of attack.
Let’s look at the example of the September 11 attacks. Even though these were not cyberattacks per se, the opening of the New York Stock Exchange (NYSE) was delayed and later cancelled that day, the NYSE remained closed for almost a week along with the New York Mercantile Exchange, the US Bond Market also closed, and the London Stock Exchange was evacuated; all of this caused the global stock and bond markets to drop sharply and remain unstable for years. Flights all over the United States, Canada and some other countries were grounded, causing billions in damage and even a couple of bankruptcies. The attacks themselves resulted in approximately $40 billion in insurance losses alone, making it one of the largest economic crises in history.
When it comes to the U.S. critical infrastructure, such as power, water and electric utility companies, there has been an alarming trend of increasing break-in attempts. “Security at power companies has been a concern for decades, but the issue rose to prominence with the emergence last year of the Stuxnet malware, which exploits holes in Windows systems and targets a specific Siemens SCADA (supervisory control and data acquisition) program with sabotage. After dissecting the malware, experts say they believe it was written to target nuclear facilities in Iran.” (CNET, April 18 2011). If the creators of Stuxnet-like malware do succeed and a significant part of the country is affected by, let’s say, a power outage, it will cause serious economic consequences, just like back in 2003, when the entire Northeast was hit by a widespread power outage, which lasted for over 12 hours, upset water supply, transportation, communication and many more sides of our lives, and caused over $5 billion in damage (Electricity Consumers Resource Council, 2004).
Military infrastructure is also quite susceptible to any computer-related intrusion, since most of it is controlled by computers and there are plenty of viruses and malware, as described above, out to infect it. The two most recent cases take us back to 2010 and 2011. In the summer of 2010 Israel released malware into the uranium-enrichment centrifuge control center in Iran, which led to multiple explosions, service disruption and multi-billion monetary loss. Then again, just last year Israel unleashed a very sophisticated virus, which infected the central microprocessor of the newest Iranian ballistic missile, causing it to explode. Dozens of high-ranking military commanders were killed and billions of dollars in damage were caused, not to mention the destruction of the priceless fruit of their labor.
The economic impact of past (cyber)attacks and simple utility malfunctions shows that potential economic and financial repercussions could be catastrophic. More than that, since Internet access is becoming universal, America’s largest enterprises, military facilities and government agencies find themselves under fire from hackers all around the globe. Gartner’s Top Predictions for IT Organizations and Users for 2012 and Beyond predicts that by 2016, the financial and economic impact of cyber-crime will increase at 10% per year, because of the ongoing detection of new vulnerabilities (CNET, April 19 2012).
Legal and ethical issues.
“In the prospect of an international criminal court
lies the promise of universal justice.”
Since the year 2000 the number of reported cyber-crimes has increased greatly, from only 16,000 to over 300,000 (Hurriyet Daily News, 2012). This particular progression doesn’t seem to show any signs of changing direction as the number of computers increases every day. However, the main question remains: what actions constitute a cybercrime and cyberwarfare? Official sources offer the most common definition of a cybercrime as “Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones”. In a broader characterization, cyberwarfare is hacking, cracking, computer-related sabotage and undercover activities that are sanctioned by a government and may be politically induced. So the three main targets for cybercrime and cyberwarfare are people, private property, and government and military agencies.
Cyber-crimes committed against persons may take different forms, such as circulation of child-pornography and cyber-bullying through the means of computers, Internet websites, chat rooms or email. Production, dealing and administration of obscene material, including, but not limited to, adult materials, constitutes one of the most prevalent cybercrimes today. The inherent future damage of such actions to society cannot be accurately assessed, much less predicted. Cyber-crimes against property include computer vandalism, account password exposure, credit card fraud, distribution of harmful viruses, malware, spam, and intellectual property theft. US corporations lose millions of dollars and, more importantly, their reputation through this type of illegal act.
Cyberterrorism is one distinct kind of crime in this category. The growth of the Internet has shown that the medium of cyberspace is being used by individuals and groups to threaten international governments and also to terrorise the citizens of a country. This crime manifests itself as terrorism when an individual “cracks” into a government or military maintained website. Cyberterrorism is the use of Internet-based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses. This is exactly what happened to government web servers in Georgia in 2008, the Bank of Estonia in 2007 and finally to the United States and NATO digital infrastructure back in 1999.
Internet access has really been a blessing to US business, universities and other educational organizations. There are, however, two sides of the coin. Due to its unique characteristics, which allow it to penetrate international borders, and the anonymity provided by the World Wide Web, it is a perfect habitat for those trying to evade the law. Internet-related crime is an inevitable reality that all Information Technology security specialists have to be prepared for. Therefore it is important to be aware of any federal and local laws that regulate such activity. There are a couple of important pieces of US federal legislation and European Union Conventions that have been enacted to deal particularly with the problem of crime in the computer age.
Cybercrime is not just a threat to personal wallets or home workstations; it is a matter of national security. That is exactly why the US Congress constantly works on bills meant to deal with this issue. The Cyber Crime Protection Security Act (S. 2111), for instance, is designed to “enhance the criminal penalties for the cyber crimes outlawed in the Computer Fraud and Abuse Act (CFAA). Those offenses include espionage, hacking, fraud, destruction, password trafficking, and extortion committed against computers and computer networks” (A Legal Analysis, 2012). This bill is neither perfect nor comprehensive, but many say it is a very important first step in the fight against cybercrime on American soil. “We are incredibly vulnerable, if we don’t make our policy makers think about this seriously, we’ll be dealing with something like 9/11” (CNNMoney, 2012), said Mike McConnell, former President Bush’s national intelligence director. It might take a catastrophic event for the United States lawmakers to take the threat seriously.
The European Union, on the other hand, has long realized the importance of cybercrime-related laws. The Convention on Cybercrime, also known as the Budapest Convention on Cybercrime or simply the Budapest Convention, is the first major international treaty, signed in November of 2001, aimed at addressing digital crimes and Internet-based illegal activities by correlating national laws, advancing analytical techniques and improving cooperation among European countries. “The Council of Europe helps protect societies worldwide from the threat of cybercrime through the Convention on Cybercrime and its Protocol on Xenophobia and Racism, the Cybercrime Convention Committee and the technical cooperation Programme on Cybercrime” (Council of Europe, 2001).
The first computer viruses targeting IBM-compatible machines appeared in Russia over 20 years ago. There has been a significant shift in the entire purpose of such programs: they have gone from being relatively harmless pranks to specialized software for money extraction and extortion. Most companies and regular computer users cannot imagine their lives without the Internet today; they often transmit private and outright confidential information over the Internet, which can be stolen and later sold by criminals. According to the director of the Federal Security Agency in Moscow, Russia has some of the most lenient cybercrime legislation in the world, and many criminals exploit it without any fear of being punished. As an example he mentioned a huge database of people, tens of thousands of names, who are known for illegal cyber activity such as computer fraud and hacking, but the Agency is puzzled as to what to do with the database, as those are not considered crimes according to Russian law (SecurityLab, 2008).
Unfortunately, the issue of cybercrime as a result of the globalization of information systems is not yet covered whatsoever in the Russian legal system. More than that, Russia is not one of the countries that signed the Budapest Convention on Cybercrime back in 2001. This convention represents years of in-depth analysis of the global cybercrime situation, and regrettably Russia is not quite ready to sign it or cooperate in the international effort of containing the problem. However, it would only be fair to mention that even after signing the Convention over ten years ago, the European community is not only still in the process of seeking effective methods of fighting this war, but also hasn’t worked out a single unified policy regarding the matter. At the same time, Russian scientists dedicate their time to researching potential criminal liability and the cybercrime climate inside the country, ignoring the overall global trends in this industry. Russia is yet to realize the pandemic tendency of this issue.
Cyberspace is the fifth common dimension, after land, sea, air and outer space. It is in desperate need of organization, cooperation and legal action among all countries worldwide. A cyberspace law or treaty at the international level would become the global core structure for order, security and justice in cyberspace. Cyber-peace and computer security ought to be an important part of the dynamic evolution of international law. The most outrageous computer crimes and attacks of global importance shall be investigated and pursued based on newly invented international law, and punished by an international Court or Tribunal for cyberspace.
“In the prospect of an international criminal court lies the promise of universal justice,” said Kofi Annan, former UN Secretary-General (An International Criminal Tribunal for Cyberspace, 2012). Without an international court or tribunal for dealing with the most serious cybercrimes of global concern, many serious cyberattacks will go unpunished. The most serious global cyberattacks in recent years have revealed that almost nobody is investigated and prosecuted, and nobody has been sentenced for those acts. Such acts need to be included in a global treaty or a set of treaties, and investigated and prosecuted before an international criminal court or tribunal.
Establishing trust among computers, server entities and users for government, military or private sector purposes is the most important task for cybersecurity professionals right now. There are several means of achieving such goals. A digital signature is a mathematical scheme for proving the authenticity of a computer relation, message or document. A valid digital signature gives both sides of a digital transaction a reason to trust that the message was created by a known sender, and that it was not changed in transit. Digital signatures are widely used in software development, online bank transactions, and other web-based activities where there is a potential threat of fraud or tampering.
Another means of protecting important Internet communication channels is encryption. It is a mechanism for converting otherwise openly transmitted information into impenetrable scrambled messages so that it can be sent through insecure media. The most popular encryption algorithm assumes the possession of a secret decryption key by both communicating parties. Encryption is currently used for most online transactions, including financial, government and private email communications. It is theoretically impossible to decrypt scrambled messages without the key; however, hardware and software solutions otherwise known as “sniffers” have long been used by hackers and other online criminals to intercept and collect such information for brute-force decryption attempts. With the ever-increasing processing speed of modern computers, brute-force attacks are becoming more and more successful. The US government is infamously known for building huge data-centers, one of them in Bluffdale, Utah, meant for collecting encrypted information from all over the world, with plans for decrypting previously uncrackable data in the near future, when Moore’s law allows supercomputers powerful enough to do so.
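The key-length side of this argument can be worked through as a defender’s calculation. The following is an added example, not part of the original paper: it estimates how long intercepted ciphertext stays out of reach of exhaustive key search when the attacker’s speed doubles on a fixed schedule. The starting rate of 10^12 keys per second, the two-year doubling period and the 30-year secrecy requirement are assumptions chosen for illustration, and only brute force is modelled, not cryptanalytic shortcuts.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Assumed attacker model (illustrative values, not measurements).
ASSUMED_KEYS_PER_SECOND = 1e12   # keys the attacker can try per second today
ASSUMED_DOUBLING_YEARS = 2.0     # search speed doubles every two years


def years_until_broken(key_bits,
                       keys_per_second=ASSUMED_KEYS_PER_SECOND,
                       doubling_years=ASSUMED_DOUBLING_YEARS):
    """Years of continuous search until half the keyspace has been tried.

    The attacker starts today on stored ciphertext and keeps upgrading, so
    the rate after t years is rate * 2**(t / doubling_years). Keys tried
    after y years is the integral of that rate:
        rate * d / ln(2) * (2**(y / d) - 1)
    Setting it equal to 2**(key_bits - 1) and solving for y gives the result.
    """
    expected_trials = 2.0 ** (key_bits - 1)      # on average half the keyspace
    first_year_rate = keys_per_second * SECONDS_PER_YEAR
    scale = first_year_rate * doubling_years / math.log(2)
    return doubling_years * math.log2(1.0 + expected_trials / scale)


def outlives_secret(key_bits, secrecy_years, **model):
    """True if brute force takes longer than the data must stay secret."""
    return years_until_broken(key_bits, **model) > secrecy_years


def report(key_sizes=(56, 80, 128, 256), secrecy_years=30):
    """Rows of (key size, years of search needed, safe for the lifetime?)."""
    rows = []
    for bits in key_sizes:
        years = years_until_broken(bits)
        rows.append((bits, years, years > secrecy_years))
    return rows


if __name__ == "__main__":
    for bits, years, ok in report():
        verdict = "outlasts" if ok else "does NOT outlast"
        print(f"{bits:>3}-bit key: ~{years:9.3f} years of search; "
              f"{verdict} a 30-year secret")
```

Under these assumptions each extra key bit buys roughly one more doubling period, which is why the practical defence against collect-now, decrypt-later storage is to choose key lengths against the lifetime of the data rather than against today’s hardware.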
To investigate and prosecute cybercrime, law enforcement agencies need experienced investigators, up-to-date computer forensic personnel familiar with the concepts of encryption and digital certificates, as well as prosecutors accustomed to cybercrime issues. According to federal and state law enforcement officials, “the pool of qualified candidates is limited because those investigating or examining cyber-crime must be highly trained specialists, requiring detective and technical skills, including knowledge of various IT hardware and software, and forensic tools” (Digital Communities, 2009).
“If you don’t lock your car, it’s vulnerable;
if you don’t secure your computer, it’s vulnerable”
(FBI Cyber Division, 2011)
Large organized crime groups have been launching massive attacks against individuals and major enterprises for decades. They have managed to steal billions of dollars every year and to maintain a large, ongoing presence in many of our most sensitive computer systems. Organized cybercrime is a truly international affair, but the most advanced attacks tend to stem from Russia. The Russian mob is incredibly talented for a reason: “After the Iron Curtain lifted in the 1990s, a number of ex-KGB cyberspies realized they could use their expert skills and training to make money off of the hacked information they had previously been retrieving for government espionage purposes” (CNNMoney, July 27, 2011).
It’s obvious that the only 100% protected computer network is the one that is in no way connected to the Internet; however, it is not realistic to expect everyone to disconnect at once and go into an offline mode. Just as it is common sense to lock the car and house every night, computer information systems should be securely protected from possible intrusions. Here are some of the most common ways to do so. Operating systems should be patched against all vulnerabilities in a timely manner. Exploiting known vulnerabilities is the most popular way for hackers to get in. Antivirus and antispyware software should be installed to catch harmful programming code while browsing the Internet or checking email.
IT staff should implement strict firewall rules to avoid unnecessary risk of cyberattacks through the most common ports. Password rules should be in place for private companies and, most importantly, government agencies and military institutions to enforce complex password use. Staff should be trained to deal with social engineering attempts. In public sector organizations, security policies should restrict unauthorized access to sensitive data. When a government employee leaves the agency, immediately revoke their access to the organization’s network and their physical access to the building, shut down remote connections, and collect their cell phones and smartphones. Heavily encrypted wireless connections should be used within organizations to prevent unauthorized access. Virtual Private Network (VPN) use should be enforced for access from outside.
The US economy shifted from a manufacturing-based economy to an information-based economy a long time ago. “Between 1995 and 2005, the U.S. lost 3 million manufacturing sector jobs and created 17 million service/information sector jobs. The service/information based sector will dominate the U.S. economy in coming decades” (HigherEdUtah, 2010). Jobs available in the past required hard labor skills; present and future jobs will require highly educated technical specialists. In order for the United States to create leaders and personnel in the computer security field to protect the government’s digital assets, students need to be taught how to solve technical problems that require the application of knowledge from many different disciplines, and the laboratory provides a medium in which to develop and test solutions.
American businesses increasingly complain about the lack not only of up-to-date technical skills training among job applicants, but also of the “employability skills” (creativity, problem-solving skills, teamwork, leadership, self-esteem and integrity) that are indispensable to productivity in today’s workplace. The shortage of qualified skilled workers has reached acute proportions in nearly every sector of American industry. Asian, South American and European countries, including Russia with its Chaos Hackers Crew, place a much higher cultural and governmental value on the achievement of technical skills. This is where the American education system has been lacking.
The breakdown of essential communications is one of the most widely shared characteristics of all disasters. As the cyberattacks on Estonia in 2007 and the communication failure on September 11 showed, the breakdown of telecommunications infrastructure, whether partial or complete, leads to preventable loss of life and damage to property by causing delays and errors in emergency response and disaster relief efforts by military or civilian crews. Yet despite the increasing reliability and resiliency of modern telecommunications networks to physical damage, the risk associated with communications failures remains serious because of growing dependence upon these tools in emergency operations. In case of a military crisis or a cyberattack, it is believed that the North American Aerospace Defense Command (NORAD) will be the first target as a communication center. NORAD is a joint organization of Canada and the United States that provides aerospace warning, air sovereignty, and defense for the two countries. NORAD headquarters is located at Peterson AFB, Colorado Springs, Colorado. NORAD command and control is exercised through the Cheyenne Mountain Operations Center, located a short distance away.
In case of a massive failure of communication systems such as the Internet, landlines and cell phones, radio will be the most reliable means of information exchange for civil and military purposes. During the September 11 attacks, radio communications served a vital role in coordinating rescue efforts by the New York Police Department, New York Fire Department, Port Authority Police Department, and Emergency Medical Services. Victims of Hurricane Katrina resorted to using ham radios to communicate with each other and the rest of the world right after the disaster, as most telephone service in New Orleans and coastal Mississippi remained devastated.
On the battlefield, communication is critical. During a cyberwar the best defence is offence, and the enemy’s communication channels should be taken out right away. Communication warfare can take many forms: television and radio transmissions can be jammed or hijacked for disinformation purposes, and logistics networks can be disabled or spoofed. Stock exchange transactions can be easily sabotaged, either with electronic intervention, by leaking sensitive information or by placing disinformation. Back in 2009, the Defense Advanced Research Projects Agency (DARPA) developed two modes of operation for a new technology known as PREW (for Precise Electronic Warfare). “One method, called point-to-an-area, will utilize an ad hoc array of transmission nodes that are precisely synchronized to project energy on a limited location in space — an area, say, 100 meters across — from as far as 20 kilometers away. Which frequencies DARPA will jam is their little secret, of course, but the idea is to knock out GPS satellite navigation, CB-type radio bands, and cell phone signals. So if friendly troops are conducting operations in an area and command wants to disable an enemy communications bunker or a missile installation, for instance, it can simply jam signals in that precise area without knocking out friendly communication links nearby” (Popular Science, 2009).
Organized cybercrime groups have made a huge impact on the way cyber warfare is conducted in today’s world. Anonymous, for example, is an Internet hacker organization that originated in 2003 and represents the concept of many online and offline community users simultaneously existing as an uncontrolled, digitized global mind. It is also generally considered to be a blanket term for members of certain Internet subcultures, a way to refer to the actions of people in an environment where their actual personalities are unknown. Even though they are considered to be hackers, members of the Anonymous organization think of themselves as “hacktivists”, meaning that they are out there to spread goodness and fairness. They, for instance, attack pedophile websites and servers of hosting companies that allow such activities on their watch. They are famous for “Operation Revenge” against some of the major payment systems, such as Visa and Mastercard, when those decided to freeze the assets of the famous WikiLeaks creator. In its recent report, Verizon, which has been tracking Anonymous since the very beginning, wrote: “2011 saw a merger between those classic misdeeds and a new ‘oh by the way, we’re gonna steal all your data too’ twist. This re-imagined and re-invigorated specter of ‘hacktivism’ rose to haunt organizations around the world.” (CNNMoney, March 22, 2012)
At 14:00 EST on March 24, 1999, NATO initiated the first air strike against strategic military targets in the Federal Republic of Yugoslavia. While the cause of ending the violence and repression by President Milosevic could be considered noble, the significant civilian casualties as well as the legitimacy of the entire operation were widely criticized by the international community. The most notable response to the bombings was a series of numerous cyberattacks by the Russian computer enthusiast group Chaos Hackers Crew and other hacktivists, which included taking down and defacing various NATO and US Government websites, several successful virus propagation attempts and countless spamming storms. “This was the most primitive kind of attack, and it was less of an attack and more of a demonstration. The fact that our response was uneven and disorganized should worry us. The fact that some of the [U.S. government sites] did crash makes you wonder how well prepared we are to respond to a more sophisticated attack, if one were to occur” (Internet Telephony Magazine, 2010).
While the term cyberattack is well defined and computer professionals know exactly what it is and where it comes from, there are not enough laws in the United States or globally that would help prevent, control or enforce punishment for such actions. The cyberterrorism threat is real now more than ever, and it is important to be prepared through technical means: patching of known vulnerabilities, antivirus protection, and password and physical access policies. In case of an actual cyber threat, government institutions and the military will have to resort to radio communications, based on the experience of past catastrophic events, and proactively attack the enemy’s communication channels, whoever it might be. The lessons of Anonymous and Chaos Hackers Crew need to be learned, and highly trained security professionals should be standing by, ready for a Denial of Service attack on critical infrastructure, while using encryption and digital trust certificates to protect valuable assets and for access control.
War is an organized and armed conflict between countries, carried out with extreme aggression and usually high mortality. Cyberwar is a conflict between two enemies using political pressure through the means of computer software, hardware and networks, one that could be potentially lethal. There has not been a single cyberattack that could be classified as cyberwar so far, but that doesn’t mean that there never will be. There’s no such thing as total preparedness for an attack or a cyberattack. The government and the private sector need to invest heavily in defensive security measures. A more complex approach to our security measures needs to be taken, as the cybersecurity threats we are facing have evolved beyond the ability of current technologies to neutralize them, and all indications are that they will continue to do so.
“Are the Russians More Prepared for Nuclear War?” Above Top Secret, December 25, 2006. http://www.abovetopsecret.com/forum/thread237244/pg7.
Babaeva, Svetlana. “Free from Morality, Or What Russia Believes In Today.” Russia in Global Affairs, August 8, 2007. http://eng.globalaffairs.ru/number/n_9124.
Baranov, Anatoliy. “Russian Living Standards Are Catastrophically Low (Уровень Жизни в России Катастрофически Снижается).” MSK.ru, February 18, 2011. http://forum-msk.org/material/news/5554163.html.
Benjamin Bidder. “Russian Hackers Target Political Opposition.” Spiegel Online, July 30, 2007, sec. World. http://www.spiegel.de/international/world/0,1518,497841,00.html.
“Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress”, n.d. https://docs.google.com/viewer?a=v&q=cache:Zuwrdtx3cswJ:www.fas.org/sgp/crs/terror/RL32114.pdf+They+argue+that+as+the+rented+time+expired,+the+intensity+of+the+persistent+cyberattacks+against+Estonia+also+began+to+fall+off&hl=en&gl=us&pid=bl&srcid=ADGEESjRKeJkDDfq74QY63iqwWUWETsykI4bBOH110zTkUVbsGjCcalrLtmiQ2c-ro_R-5dZKe93eiD5S2B5_QNBIIWlUgVgarrE_T08uvASwcM38RJC9AEPynyY03c9H-U0ExMI7WIR&sig=AHIEtbRjWTBlUTjL8AklloLpIWyjt7y6xw.
“Career and Technical Education–An Answer to a Problem.” HigherEdUtah.org, April 5, 2010. http://www.higheredutah.org/career-and-technical-education-an-answer-to-a-problem/.
Cavelty, Myriam Dunn. Cyber-Security and Threat Politics: US Efforts to Secure the Information Age. 1st ed. Routledge, 2007.
Chris, Marsden. “US-NATO Bombing of Yugoslavia: Critical Reports Circulate on the Internet.” World Socialist Web Site, April 20, 1999. http://www.wsws.org/articles/1999/apr1999/nato-a20.shtml.
Chris Nuttall. “Kosovo Info Warfare Spreads.” BBC, April 1, 1999, sec. Sci/Tech. http://news.bbc.co.uk/2/hi/science/nature/308788.stm.
Clay Wilson. “Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress”, January 29, 2008. https://docs.google.com/viewer?a=v&q=cache:Zuwrdtx3cswJ:www.fas.org/sgp/crs/terror/RL32114.pdf+They+argue+that+as+the+rented+time+expired,+the+intensity+of+the+persistent+cyberattacks+against+Estonia+also+began+to+fall+off&hl=en&gl=us&pid=bl&srcid=ADGEESjRKeJkDDfq74QY63iqwWUWETsykI4bBOH110zTkUVbsGjCcalrLtmiQ2c-ro_R-5dZKe93eiD5S2B5_QNBIIWlUgVgarrE_T08uvASwcM38RJC9AEPynyY03c9H-U0ExMI7WIR&sig=AHIEtbRjWTBlUTjL8AklloLpIWyjt7y6xw.
Coleman, Kevin. “Cyber Intelligence: The Huge Economic Impact of Cyber Crime.” AOL Government, September 19, 2011. http://gov.aol.com/2011/09/19/cyber-intelligence-the-huge-economic-impact-of-cyber-crime/.
“Convention on Cybercrime”. Council of Europe, 2001. http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm.
Cooper, Charles. “House Hearing: U.S. Now Under Cyber Attack”, April 24, 2012. http://news.cnet.com/8301-1009_3-57420229-83/house-hearing-u.s-now-under-cyber-attack/?part=rss&subj=news&tag=title.
“Cyber Assaults: The New Organized Crime”, n.d. http://www.tmcnet.com/voip/0110/cyber-assaults-the-new-organized-crime.htm.
“Did Russians Get Whitehouse.gov?”, n.d.