Anything connected to internet is vulnerable to cyberattacks even if any system that is not connected with the internet, it still can be disrupted by cyberattack through USB device or internal drive contact. Availability of internet on an incredibly cheap price and its connectivity to devices has opened up a discussion on internet of things(IoT).
Internet of things includes everything connected to internet ranging from smart watches to all devices having connectivity with the internet i.e. sensors, smartphones, wearables and domestic appliances. This is the embodiment of the fourth industrial revolution that within 2020 almost half of the business activities are running on the IoT and pandemic has been a testing time when online business ,banking, education, health, and transactions among many other things moved to IoT.
This trend is modern and has potential to make life easier for the people of contemporary time but it also poses major risks in other terms. A cyber attack against any financial institution may empty their coffers in no time but a cyberattack against nuclear power plants of nuclear actors may lead to release of radioactive materials and can cost lives, psycho-trauma and heavy economic losses.
Cyber attack on Iran’s 15 nuclear facilities had caused massive damage to Iran’s nuclear program but later on Iran discovered that this was due to malicious Stuxnet worm files that penetrated into the system through a random USB device and caused such a massive damage.
Cyberspace has gained more power as a domain of warfare due to its significance of impacting enemy states through cyberattacks. Almost all of the major powers employ cyber armies to protect their critical infrastructure from enemy cyberattacks and locate the origin of the cyberattack and hit-back with more rigorous response.
United States is said to be the most dominating power in space and cyber space. To protect its nuclear power plants it also uses decades old analog(non-digital )safety systems, the primary objective of this is to protect against modern malware.
According to Ed Lyman Director of Nuclear Power Safety, Climate and Energy the U.S. government agencies came under a massive cyberattack and impacted the U.S. nuclear energy infrastructure. As the Nuclear Regulatory Commission(NRC) of the U.S. had a contract with Solar Winds and its software(Orion) was identified as a major vector for cyber attack. This reflect no matter how secure one makes of cyber attacks, if infrastructure is modern and connected and controlled remotely through computer-network systems, then it is vulnerable to cyber attacks.
India is considered as a tech-nation in South Asia and it has global outreach for its digitization. Indian Prime Minister Narendra Modi three days state visit to Israel in 2017 was aimed at boosting cyber security cooperation and strengthen institutional linkages. India wants to replicate Israel success in incubating world’s most sought startups. Israel’s unit 8200 has gained excellence in cybersecurity that inspires even America and China. This enlists Israel least vulnerable nation among cyber-targets. Indian IT industry has also shifted its focus from more traditional to trendy technologies(cloud computing, big data and artificial intelligence. India and Israel have inked the agreement to deepen the mutual cooperation to counter global cyber threats. Unfriendly states are engaged into cyber competition while rival states are waging cyber war against each other. According to Christian Science Monitor, Iran claimed to hack the U.S. RQ-170 drone by exploiting a flaw in its positioning system. Iran claimed that it was able to spoof and trick the drone to land a location that drone received was friendly. In March 2019 the Washington Times reported that the U.S. launched a counter-cyber operations against China’s cyber actor group (APT-10) and accused China of intellectual property theft. The U.S. also claims that private entities who have defence collaboration with the government also come under such attacks on frequent basis but these private entities have deep understanding of the threat environment and the threat actor tactics, techniques and procedures but these entities are constrained by legal limits to engage in active measures. The U.S. army was hacked by a group of hackers 52 times in the span of just five weeks. According to an article published in Forbes, the spokesperson of the Department of Defence, Defence digital service “hacking strengthens its security posture” because the hackers were part of the event “Hack the Army” that have taken place since 2016.
According to the U.S. News , due to pandemic of Covid-19, a surge in the cyberattacks on Pentagon was witnessed. The Department of Defence employees had to communicate entirely by their computers and spear-phishing related to Covid-10 caused problem even to the secured network. As people were much more curious to know about alerts on Covid-19 and any email or text message link-clicking ostensibly allows hackers to access their private system.
States are not actualizing the threat posed by cyber attacks as they are busy building up their cyber security but this situation can be exploited by non-state actors and they can lock two rival states into an intense conflict due to cyber attacks. As the digital connectivity is increasing globally, cyber threats have also become more rampant and damaging. Cyber warfare has the potential to lead the rival states to limited war,but once war breaks out there are bleak chances that it will stay limited, whereas it can turn into a full fledged war. States need to engage in cyber diplomacy and increase confidence building measures(CBMs).
*Dr. Musarat Amin is a strategic security analyst and the views expressed in this article are her own and do not purport or reflect the opinion of her organization. She can be reached at [email protected] She tweets @MusaratAMIN