Cyber Warfare: Regional Is Becoming Global

Today’s small wars and border conflicts are being fought online and under the radar, but the conflicts could escalate into real world wars.

While the Cold War never turned hot between the major world powers, throughout Asia there were a number of border disputes and other regional small wars. For instance, India and Pakistan engaged in several border disputes, and China engaged both India and the Soviet Union in similar small wars. Cooler heads prevailed and major conflicts were avoided. But these small conflicts continue, in the 21st century. Only instead of shells flying across a border, the battlefront has moved online.

Last year, a full-blown hacking war erupted between India and Pakistan, with groups on each side defacing websites belonging to organizations in their rival nation. It was a brief cyber war, with the websites of the Press Club of India (PCI) and the Pakistan People’s Party (PPP) getting hacked. “We’re seeing this as a common form of attack,” says Martin Libicki, senior management scientist with the RAND Corp. “This is a relatively easy attack to carry off, and the cost in terms of damage isn’t very large.” But as it continues to develop, cyber warfare has the potential to cause a lot more harm than mischief and nuisance.

Cyber warfare has become an extension of traditional small war politics. In most cases it isn’t meant to cause physical or even economic damage but is one that is more of mass annoyance or mass distraction. Outside the economic harm it caused, the alleged North Korean cyber attack on Sony is an example of how it fits into the mass annoyance category.
But there are cases where these attacks have had more damaging results. In March 2013, a bank and three South Korean TV stations were victims of an attack also believed to have been carried out by North Korea. The attacks actually froze computer terminals and shut down ATMs and mobile payment services. In total more than 50,000 servers across South Korea were taken offline in the attack – costing as much as $800 million. Similar attacks also occurred there in 2009 and 2011.

In Dec. 2014, North Korea was also accused of a cyber attack on South Korea’s Korea Hydro and Nuclear Power Co Ltd. That attack didn’t cause physical damage but it may have been conducted to gain plant blueprints and test data.
“These are two cases—the attack in 2013 and the one in 2014—where it was more than embarrassment,” Libicki says. “But the latter is also an extension of cyber warfare as espionage, which is largely used by everyone today.”

As noted by the documents leaked by Edward Snowden, countries spy on one another all the time—and this includes allies spying on each other. But most security breaches are likely kept quiet to avoid the embarrassment that comes along with it. Still, these “friendly” security breaches can put people in harm’s way. For instance, government operatives, as in spies or sources, can be compromised through these kinds of breaches.
“There is very likely the possibility that someone could be put in danger if they are compromised,” says Bryce Boland, CTO of cyber security firm FireEye. “Intelligence gathering through a cyber attack could unmask operatives and that could lead to people being physically at risk.”

But it’s not just state-sponsored spies being put at risk by cyber warfare. According to a FireEye report released early this year, the volume of attacks involving the theft of corporate data has increased dramatically, and China has been suspected of cyber attacks that have targeted not only government agencies but also corporate entities and even journalists. The attacks reportedly began as early as 2005 and may have targeted businesses all over Southeast Asia, including India, Indonesia, Malaysia, Nepal, the Philippines, Singapore, Thailand and Vietnam. Chinese companies, which are closely tied to the government in Beijing, may have sought out intellectual property and other sensitive data from their regional competitors.
“It has become part of the doctrine by certain countries as how they project power,” says Boland.

There has been backlash from these attacks, but it hasn’t been much different than how trade negotiations have been handled for many years. Basically some Chinese companies including Huawei, Lenovo LNVGY -4.05% and ZTE Corp ZTCOY -1.29% have been blacklisted by western governments. The “Five Eyes,” which encompasses the intelligence agencies of Australia, Canada, Great Britain, New Zealand and the United States, instituted policies in recent years that ban computers or other devices from these companies being used on secure networks.

Likewise, regionally, India and other nations have instituted similar bans on the use of Chinese devices. “We are seeing that notable Chinese companies aren’t trusted by western or even regional governments,” explains Boland.

From website hacking to trade embargoes, this demonstrates the very real concern that actions in cyberspace can escalate quickly and have real world consequences, possibly spilling into the safety and welfare of civilians. Libicki suggests that thus far “we haven’t really seen where something can get that out of control, but it could happen.”
With the possibility that a cyber attack could lead to real world damage, there is the question of what will be the “proportional response” that the President has promised?

Boland thinks it is just a matter of time before we see the waters being tested, but he cautions that such an attack is more likely to come from a group acting not for a nation state but potentially an insurgent group. In other words, if cyber warfare is being used behind the scenes in border wars, what would happen if a force without borders started in?
“Cyber terrorism is the greater fear for loss of life at this point,” he notes. “Where a group affiliated with ISIS could conduct a cyber attack that results in the loss of life.”

Ein News

 

« The Arrival of Algorithmic Business
Is The TalkTalk Hack a Jihadist Attack? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Renaissance

Renaissance

Renaissance is Ireland's premier value added distributor of IT security solutions and a leading independent provider of business continuity consultancy.

Atlantic Council Digital Forensic Research Lab (DFRLab)

Atlantic Council Digital Forensic Research Lab (DFRLab)

The Atlantic Council’s DFRLab has operationalized the study of disinformation by exposing falsehoods and fake news, documenting human rights abuses, and building digital resilience worldwide.

Cycura

Cycura

Cycura provide advanced, customized, and confidential cyber security services, cyber investigation services, and digital forensic services to governments, companies, and organizations.

Repulsa

Repulsa

Repulsa provides state-of-the-art, patented, fast filtering with over 700 million malicious IP addresses and over 30 million categorized site listings updated daily.

National Cyber Security Center (NCSC) - Hungary

National Cyber Security Center (NCSC) - Hungary

The National Cyber Security Center was established in 2015 by uniting the GovCERT-Hungary, National Electronic Information Security Authority (NEISA) and the Cyber Defence Management Authority (CDMA).

C3.ai

C3.ai

The C3 AI Suite supports configurable, pre-built, high value AI applications for predictive maintenance, fraud detection, anti-money laundering, sensor network health and more.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

British Security Industry Association - CySPAG

British Security Industry Association - CySPAG

CySPAG is a special interest group within the British Security Industry Association (BSIA) focused on reducing the risk of product related cybercrime.

Keysight Technologies

Keysight Technologies

Keysight is dedicated to providing tomorrow’s test technologies today, enabling our customers to connect and secure the world with their innovations.

Smoothstack

Smoothstack

Smoothstack is a technology talent incubator whose immersive training program kick starts IT careers and delivers a fresh source of IT talent.

VinCSS

VinCSS

VinCSS Internet Security Services JSC is a leading organization working in the field of researching, developing, producing products as well as providing cyber security services.

ZILLIONe

ZILLIONe

ZILLIONe is one of Sri Lanka´s top enterprise technology solutions providers.

EkoCyber

EkoCyber

EkoCyber partner with businesses as a value-added MSSP to provide top-tier, trusted and transparent cyber security services at an affordable price point.

AmiViz

AmiViz

AmiViz is the first B2B enterprise marketplace focussed on Cybersecurity business in the Middle East and Africa, designed specially to serve the interests of enterprise resellers and vendors.

Verosint

Verosint

Verosint (formerly 443ID) provides real-time account fraud prevention that reveals fraudsters hiding in user accounts and proactively blocks them before their attacks can cause harm.