Amid the Senkaku/ Diaoyu islet chain disputes and violent demonstrations in China against Japan, a series of cyber attacks hit the websites of the Japan’s Defense Ministry, Internal Affairs and Communications Ministry, and the Supreme Court including Japan’s Statistics Bureau and Banking networks. Referring to various Japanese and U.S. sources, a recent news story by Bill Gertz in Washington Free Beacon on September 25, has claimed that these attacks were originated in China and worked as a preview of China’s military behavior during the opening phase of a military campaign.
According to Gertz an official has revealed that this was the beginning stages of a future conflict “expected to begin with crippling cyber attacks against information systems that control large segments of the U.S. system, including power generation, transportation, financial, and other key infrastructure”.
One week earlier Gertz, in the same publication had stated that the Iranian government recently conducted a major cyber attack on a major U.S. financial institution. The attack, although was unsuccessful – exhibited how Tehran has emerged as a strategic threat to U.S. cyber systems that control critical infrastructure such as military systems, financial networks, communications, the electrical power grid, transportation networks, and other vital functions.
What U.S. intelligence and cyber warfare experts have commonly admitted is that Iranians are technically well equipped and well funded and have dramatically increased their cyber capabilities in “depth and complexity” against the United States and the West.
In March last year, Gen. Keith Alexander, the head of the U.S. Defense Department’s Cyber Command told a Congressional Committee that United States lacks people and resources to defend the country adequately from concerted cyber attacks and is thin against any such attacks on its vital security. Gen Alexander, further admitted that he would mark “C” to the military’s ability to protect Pentagon networks.
He pledged Congress that all major conflicts in future will have both offensive and defensive cyber element and hence Congress needs to work with the White House to define the parameters needed to guide the military to respond cyber threats.
Making a statement before respective Senate Committees on “Worldwide Threat Assessment of the U.S. Intelligence Community . . .”, Director of National Intelligence, James R. Clapper on January 31 and Director of Defense Intelligence Agency, Ronald L. Burgess, Jr. on February 16,this year, admitted that potential adversaries are increasingly more capable of conducting cyberspace operations against major U.S. economic and defense establishments. Both Clapper and Burges told the Senate committee that China and Russia are posing bigger cyber threat to the United States.
And on March 7, a congressional report prepared by Northrop Grumman Corp for ‘U.S. China Economic and Security Review Commission’ entitled “Occupying the Information High ground” ,has claimed that China has developed “an integrated information warfare capability (IW) capable of defending military and civilian networks while seizing control of an adversary’s information system” -preemptively during a conflict.
According to the report, Chinese People’s Liberation Army (PLA) has developed a highly sophisticated cyber warfare capability that would cripple computer networks of the U.S. Pacific Command and Transportation Command and debilitate their movement in case of “Chinese initiated . . . aggression against Taiwan or other nations in the Western Pacific region”.
PLA is moving toward information confrontation – seeking to unite the various component of information warfare under a single commander so that both the offensive and defensive missions are closely integrated and mutually supported.
China’s cyber warfare program called in China as “information confrontation” is integrated as offensive operations with other forms of military strikes from missiles, warships, and aircraft, including the use of deception operations, electronic warfare, and psychological warfare, the report says.
Countries like U.S. India, China and Koreas Racingfor “Cyberwar” Capability
Addressing military personnel in Offutt Air Force Base near Omaha in Nebraska on August last year, Defense Secretary Leon Panetta had warned that “We could face a cyber attack that could be the equivalent of Pearl Harbor”. Such an aggression, according to Panetta could paralyze the whole state system at any time.
In his powerful book “Cyber War”, Richard A. Clarke the former White House terrorism adviser has anticipated a “cyber-9/11” that can freeze Pentagon computers, blind telecom satellites, disrupt power plants, make subways grinding to a halt, explode petrochemical installations and paralyze critical infrastructure. Mr. Clark, according to Washington Post had famously failed to excite George W. Bush’s aides about al- Qaeda’s possible attacks more than two months before al- Qaeda made such an attack at Twin Tower.
India’s Institute for Defence Studies and Analyses (IDSA), a premier government funded but independent think tank, has just published an IDSA Task force report on “India’s Cyber Security Challenge”.
The IDSA report has acknowledged cyberspace “as fifth potential theatre of war along with land, sea, air and space”. The report drawing differences between traditional theatre of conflict and cyberspace says that in cyberspace it is very easy for an attacker to cover his tracks and mislead the target. But it makes hard for those being attacked – to identify the perpetrator and retaliate it by collecting early warning, intelligence and ensure preemptive defense. Therefore, as reflected by the report, developing counter measures and standing ahead than others is as central to the defense of cyberspace as the more conventional security measures.
Technology has always played a key role on the nature and impact of war. Information revolution has opened a new regime of war as “No Contact War” (NCW) where there could be no “physical” or “kinetic” action, but operations are conducted in a covert manner. In such a war “the enemy is unseen and the victim is unsure of how and where to react”.
For the first time, last year in May as reported by Global Times and other Chinese state owned media, Geng Yansheng the spokesman for the Ministry of National Defense, in a press conference revealed that to improve its defense capability to detect and fight back against cyber attacks a “Cyber Blue Team” is launched in the Guangzhou Military Region. Colonel Yansheng admitting that cyber attacks have become an international problem affecting both civilian and military areas confessed China’s relatively weak position in cyber security and has often been targeted.
China was believed to have created a Cyber warfare unit in 2003, but according to Global Times ( May 27,2011) the program was first noted in April after the PLA Daily reported that the Guangzhou Military Region had invested tens of millions of Yuan in the program, that serves as a platform for cyber-warfare activities.
The program also included a talent pool plan of the army that would train and recruit highly skilled personnel to handle advanced weaponry, cyber warfare and to carry out unconventional security tasks.
South Korea since 2009 has cyber warfare command to work on Internet hacking prevention, cyber security, and restoration of damaged networks and carries out military operations in cyberspace in cases of emergency.
North Korea is reported to have a strong cyber warfare unit staffing more than 3000 people under the command chief of country’s intelligence agency. It has nation’s most gifted young people to work as professional hackers and get involved in other cyber warfare activities.
History of Cyber Attacks: From Banks to Nuclear Installation
In 1993, when many of us around the world had not seen a computer and heard about internet, email or cyber activities, that time two RAND researchers John Arquilla and David Ronfeldt predicted that “cyberwar may be to the 21st century what blitzkrieg* was to the 20th century”. Both RAND scholars anticipated that in the 21st century there will be a significant “transformation in the nature of war” that they believe “will prove to be better approach to defining cyberwar” a position that America was at odd with.
In their celebrated essay “Cyberwar is coming” (Comparative Strategy, Spring 1993) they referred cyber war as conducting military operations according to information related principles: disrupting and destroying the information and communication system by electronically blinding, jamming, deceiving, overloading and intruding into the information and communication circuits of the adversary.
In the late 90s, according to David Rothkopf, banks were losing millions and millions every year to cyber theft, but that was not reported because they didn’t want their customer to get spooked by it (Foreign Policy Magazine March 17, 2011).
North Korea was accused of launching a cyber attack on the computer system of one of South Korean bank on April last year.
In April 2001 an incident that involved the collision between a U.S. EP-3 surveillance aircraft and a Chinese F-8 jet more than 1,000 U.S. Internet sites were attacked.
A senior Chinese military official Lin Shishan, a member of China’s Fourth Department of the General Staff- in charge of cyber warfare, stated in a 2008 article that the first task of the military is to get prepared to destroy enemy’s information systems in warfare.
A computer virus named “STUXNET” that began to spread in mid-2009 is the most sophisticated cyber weapon ever deployed. The weapon, according to an in depth article by William J. Broad, John Markoff and David E. Sanger in the New York Times (January 15, 2011) and the transcript of a popular interactive program aired by CBS news on March 4, 2012 – was launched against Iranian nuclear facility in Natanz.
The Stuxnet virus, as mentioned by above sources was covertly developed by U.S. and Israeli experts to sabotage a top secret Iranian nuclear installation.
Stuxnet contained tens of thousands of lines of code, written in a highly professional way and was very difficult to analyze. It was most specific with its target, didn’t attack every computer it infected, but was looking only some particular kind of equipment that was used in Iranian nuclear program.
It was especially designed to infect the computer system of the Iranian nuclear plant, disguise its presence, move through the network, change the official computer code and increase the speed of the centrifuges and damage the uranium enrichment facility, but without being noticed by the computer operators involved with the project.
As a result of this some 1000 to 2000 centrifuges were removed from Natanz. Later Iranian president admitted that the enemies of the state had harmed the nuclear facility but tried to down play the exact damage. At the same time Israeli and American authority maintained that the computer worm set back Iranian programs by several years.
According to Sean McGurk, an expert on cyber security, if computer worms like Stuxnet is launched against any adversary, and the opponent if is able to download the actual source code, it can be repackaged, repurposed and redirected towards its source. It can attack anything from uranium enrichment plant to electric company and make damages beyond imagination.
After this attack was reported quoting an Iranian official IRNA news agency claimed that if United States does not end its cyber attacks, it in return will receive decisive response. In its bid to provide effective protective shield against enemy’s cyber threats and attacks Iran is working on a most advanced cyber laboratory that would be completed by the coming year.
Examining the attempts made by all major powers and middle powers involvement in acquiring critical cyber warfare capability, the U.S. Cyber Command chief Gen. Keith Alexander, earlier this year, is reported to have said that the future cyber warfare would be a great transition from “disruptive to destructive attacks.”
The question arises should not there be an international instrument to govern cyber warfare activities among countries of the world?
*Blitzkrieg is the word first used by Germans in 1939 meaning: blitz – lightning, krieg- war. A war conducted with the huge concentration of great speed and force with modern firing weapons: tanks, planes and artillery from land air and sea in close coordination.