Cyber Warfare: Regional Is Becoming Global
Today’s small wars and border conflicts are being fought online and under the radar, but the conflicts could escalate into real world wars.
While the Cold War never turned hot between the major world powers, throughout Asia there were a number of border disputes and other regional small wars. For instance, India and Pakistan engaged in several border disputes, and China engaged both India and the Soviet Union in similar small wars. Cooler heads prevailed and major conflicts were avoided. But these small conflicts continue, in the 21st century. Only instead of shells flying across a border, the battlefront has moved online.
Last year, a full-blown hacking war erupted between India and Pakistan, with groups on each side defacing websites belonging to organizations in their rival nation. It was a brief cyber war, with the websites of the Press Club of India (PCI) and the Pakistan People’s Party (PPP) getting hacked. “We’re seeing this as a common form of attack,” says Martin Libicki, senior management scientist with the RAND Corp. “This is a relatively easy attack to carry off, and the cost in terms of damage isn’t very large.” But as it continues to develop, cyber warfare has the potential to cause a lot more harm than mischief and nuisance.
Cyber warfare has become an extension of traditional small war politics. In most cases it isn’t meant to cause physical or even economic damage but is one that is more of mass annoyance or mass distraction. Outside the economic harm it caused, the alleged North Korean cyber attack on Sony is an example of how it fits into the mass annoyance category.
But there are cases where these attacks have had more damaging results. In March 2013, a bank and three South Korean TV stations were victims of an attack also believed to have been carried out by North Korea. The attacks actually froze computer terminals and shut down ATMs and mobile payment services. In total more than 50,000 servers across South Korea were taken offline in the attack – costing as much as $800 million. Similar attacks also occurred there in 2009 and 2011.
In Dec. 2014, North Korea was also accused of a cyber attack on South Korea’s Korea Hydro and Nuclear Power Co Ltd. That attack didn’t cause physical damage but it may have been conducted to gain plant blueprints and test data.
“These are two cases—the attack in 2013 and the one in 2014—where it was more than embarrassment,” Libicki says. “But the latter is also an extension of cyber warfare as espionage, which is largely used by everyone today.”
As noted by the documents leaked by Edward Snowden, countries spy on one another all the time—and this includes allies spying on each other. But most security breaches are likely kept quiet to avoid the embarrassment that comes along with it. Still, these “friendly” security breaches can put people in harm’s way. For instance, government operatives, as in spies or sources, can be compromised through these kinds of breaches.
“There is very likely the possibility that someone could be put in danger if they are compromised,” says Bryce Boland, CTO of cyber security firm FireEye. “Intelligence gathering through a cyber attack could unmask operatives and that could lead to people being physically at risk.”
But it’s not just state-sponsored spies being put at risk by cyber warfare. According to a FireEye report released early this year, the volume of attacks involving the theft of corporate data has increased dramatically, and China has been suspected of cyber attacks that have targeted not only government agencies but also corporate entities and even journalists. The attacks reportedly began as early as 2005 and may have targeted businesses all over Southeast Asia, including India, Indonesia, Malaysia, Nepal, the Philippines, Singapore, Thailand and Vietnam. Chinese companies, which are closely tied to the government in Beijing, may have sought out intellectual property and other sensitive data from their regional competitors.
“It has become part of the doctrine by certain countries as how they project power,” says Boland.
There has been backlash from these attacks, but it hasn’t been much different than how trade negotiations have been handled for many years. Basically some Chinese companies including Huawei, Lenovo LNVGY -4.05% and ZTE Corp ZTCOY -1.29% have been blacklisted by western governments. The “Five Eyes,” which encompasses the intelligence agencies of Australia, Canada, Great Britain, New Zealand and the United States, instituted policies in recent years that ban computers or other devices from these companies being used on secure networks.
Likewise, regionally, India and other nations have instituted similar bans on the use of Chinese devices. “We are seeing that notable Chinese companies aren’t trusted by western or even regional governments,” explains Boland.
From website hacking to trade embargoes, this demonstrates the very real concern that actions in cyberspace can escalate quickly and have real world consequences, possibly spilling into the safety and welfare of civilians. Libicki suggests that thus far “we haven’t really seen where something can get that out of control, but it could happen.”
With the possibility that a cyber attack could lead to real world damage, there is the question of what will be the “proportional response” that the President has promised?
Boland thinks it is just a matter of time before we see the waters being tested, but he cautions that such an attack is more likely to come from a group acting not for a nation state but potentially an insurgent group. In other words, if cyber warfare is being used behind the scenes in border wars, what would happen if a force without borders started in?
“Cyber terrorism is the greater fear for loss of life at this point,” he notes. “Where a group affiliated with ISIS could conduct a cyber attack that results in the loss of life.”