Cyber Warfare: Regional Is Becoming Global

Today’s small wars and border conflicts are being fought online and under the radar, but the conflicts could escalate into real world wars.

While the Cold War never turned hot between the major world powers, throughout Asia there were a number of border disputes and other regional small wars. For instance, India and Pakistan engaged in several border disputes, and China engaged both India and the Soviet Union in similar small wars. Cooler heads prevailed and major conflicts were avoided. But these small conflicts continue, in the 21st century. Only instead of shells flying across a border, the battlefront has moved online.

Last year, a full-blown hacking war erupted between India and Pakistan, with groups on each side defacing websites belonging to organizations in their rival nation. It was a brief cyber war, with the websites of the Press Club of India (PCI) and the Pakistan People’s Party (PPP) getting hacked. “We’re seeing this as a common form of attack,” says Martin Libicki, senior management scientist with the RAND Corp. “This is a relatively easy attack to carry off, and the cost in terms of damage isn’t very large.” But as it continues to develop, cyber warfare has the potential to cause a lot more harm than mischief and nuisance.

Cyber warfare has become an extension of traditional small war politics. In most cases it isn’t meant to cause physical or even economic damage but is one that is more of mass annoyance or mass distraction. Outside the economic harm it caused, the alleged North Korean cyber attack on Sony is an example of how it fits into the mass annoyance category.
But there are cases where these attacks have had more damaging results. In March 2013, a bank and three South Korean TV stations were victims of an attack also believed to have been carried out by North Korea. The attacks actually froze computer terminals and shut down ATMs and mobile payment services. In total more than 50,000 servers across South Korea were taken offline in the attack – costing as much as $800 million. Similar attacks also occurred there in 2009 and 2011.

In Dec. 2014, North Korea was also accused of a cyber attack on South Korea’s Korea Hydro and Nuclear Power Co Ltd. That attack didn’t cause physical damage but it may have been conducted to gain plant blueprints and test data.
“These are two cases—the attack in 2013 and the one in 2014—where it was more than embarrassment,” Libicki says. “But the latter is also an extension of cyber warfare as espionage, which is largely used by everyone today.”

As noted by the documents leaked by Edward Snowden, countries spy on one another all the time—and this includes allies spying on each other. But most security breaches are likely kept quiet to avoid the embarrassment that comes along with it. Still, these “friendly” security breaches can put people in harm’s way. For instance, government operatives, as in spies or sources, can be compromised through these kinds of breaches.
“There is very likely the possibility that someone could be put in danger if they are compromised,” says Bryce Boland, CTO of cyber security firm FireEye. “Intelligence gathering through a cyber attack could unmask operatives and that could lead to people being physically at risk.”

But it’s not just state-sponsored spies being put at risk by cyber warfare. According to a FireEye report released early this year, the volume of attacks involving the theft of corporate data has increased dramatically, and China has been suspected of cyber attacks that have targeted not only government agencies but also corporate entities and even journalists. The attacks reportedly began as early as 2005 and may have targeted businesses all over Southeast Asia, including India, Indonesia, Malaysia, Nepal, the Philippines, Singapore, Thailand and Vietnam. Chinese companies, which are closely tied to the government in Beijing, may have sought out intellectual property and other sensitive data from their regional competitors.
“It has become part of the doctrine by certain countries as how they project power,” says Boland.

There has been backlash from these attacks, but it hasn’t been much different than how trade negotiations have been handled for many years. Basically some Chinese companies including Huawei, Lenovo LNVGY -4.05% and ZTE Corp ZTCOY -1.29% have been blacklisted by western governments. The “Five Eyes,” which encompasses the intelligence agencies of Australia, Canada, Great Britain, New Zealand and the United States, instituted policies in recent years that ban computers or other devices from these companies being used on secure networks.

Likewise, regionally, India and other nations have instituted similar bans on the use of Chinese devices. “We are seeing that notable Chinese companies aren’t trusted by western or even regional governments,” explains Boland.

From website hacking to trade embargoes, this demonstrates the very real concern that actions in cyberspace can escalate quickly and have real world consequences, possibly spilling into the safety and welfare of civilians. Libicki suggests that thus far “we haven’t really seen where something can get that out of control, but it could happen.”
With the possibility that a cyber attack could lead to real world damage, there is the question of what will be the “proportional response” that the President has promised?

Boland thinks it is just a matter of time before we see the waters being tested, but he cautions that such an attack is more likely to come from a group acting not for a nation state but potentially an insurgent group. In other words, if cyber warfare is being used behind the scenes in border wars, what would happen if a force without borders started in?
“Cyber terrorism is the greater fear for loss of life at this point,” he notes. “Where a group affiliated with ISIS could conduct a cyber attack that results in the loss of life.”

Ein News

 

« The Arrival of Algorithmic Business
Is The TalkTalk Hack a Jihadist Attack? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Splunk

Splunk

Splunk provide real-time Security Information & Event Management solutions for Enterprise Networks, Cloud and small-scale IT environments

Sonatype

Sonatype

Sonatype protects the world's enterprise software from security, compliance, licensing risks, while reducing application development and deployment time.

VTT Technical Research Centre of Finland

VTT Technical Research Centre of Finland

VTT is the leading research and technology company in the Nordic countries. Areas of activity include cyber security.

Sungard Availability Services (Sungard AS)

Sungard Availability Services (Sungard AS)

Sungard AS partners with customers around the globe to understand their unique business needs and provide production and recovery services tailored to their requirements.

Arab Information & Communication Technologies Organization (AICTO)

Arab Information & Communication Technologies Organization (AICTO)

The Arab ICT Organization (AICTO) is an Arab governmental organization working under the aegis of the league of Arab States.

Greenetics Solutions

Greenetics Solutions

Greenetics Solutions is a company focused on providing solutions for information security.

Conduent

Conduent

Conduent delivers mission-critical technology services and solutions on behalf of businesses and governments. Solution areas include digital risk and compliance.

Polymer Solutions

Polymer Solutions

Polymer is a Data Governance & Privacy Platform for third party SaaS apps. A modern Data Loss Protection (DLP) approach to remove sensitive data exposure on collaboration tools in real-time.

Cyber Dacians

Cyber Dacians

Cyber Dacians offers Information and Cyber Security Consulting Services. We help you to test the effectiveness of your security defenses and build a secure infrastructure.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

Rausch Advisory Services

Rausch Advisory Services

Rausch delivers solutions that address compliance, enterprise risk, information technology and human resource capital.

Akto

Akto

Akto, the plug & play API security platform. Discover your APIs, run tests and find business logic vulnerabilities at ludicrous speed.

Siometrix

Siometrix

Siometrix addresses digital identity fraud. It steals your attacker's time and prevents many prevalent attack vectors.

DigitalXForce

DigitalXForce

DigitalXForce is the Digital Trust Platform for the New Era – SaaS based solution that provides Automated, Continuous, Real Time Security & Privacy Risk Management.

Hacker School

Hacker School

Hacker School offers technology motivated training programs that provide Cyber Security Certifications and Courses.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.