Technology issues in information assurance

Technology Issue in Information Assurance

Cyberwars: The Virtual Battlefield of the 21st Century

In the very near future, many conflicts will not take place on the open field of battle, but rather in spaces on the Internet, fought with the aid of information soldiers.... This means that a small force of hackers is stronger than the multi-thousand force of the current armed forces. --Former Duma member Nikolai Kuryanovich

The recent denial of service attacks on Amazon, PayPal, MasterCard, and Visa by supporters of Wikileaks founder Julian Assange made it abundantly clear that even major corporations with the most sophisticated information security measures in place remain highly vulnerable to cyber attacks that can disrupt operations in major ways. While these so-called cyber attacks merely represented a temporary -- but expensive -- inconvenience for these companies, the attacks highlighted the need for increased measures that can prevent their recurrence in the future. Unfortunately, the virtual battlefield of the 21st century resembles warfare throughout the ages wherein new defense measures are quickly matched by new counter-offensive methods. Kings built their castle walls higher and thicker in the Middle Ages, for example, but siege weapons such as catapults and trebuchets made short work of these improved defenses. Similarly, privately motivated and government-sponsored terrorists are constantly searching for weaknesses in national defense computer security systems and these trends are expected to continue well into the foreseeable future. To determine how cyberwars are being waged in the 21st century, what form they take and what can be done about them, this paper provides a review of the relevant juried and scholarly literature, followed by a summary of the research in the conclusion.

Review and Analysis

Background and Overview

As the term implies, cyberwar involves malicious attacks on information systems that typically occur over the Internet. According to Jurich (2008), "Cyberwarfare, as these attacks are described, represents the emerging use of the Internet to disrupt national security as cyberspace has become better developed and increasingly accessible to all parts of the world" (p. 276). Likewise, Trendle reports that, "Modern information and communications technology has created the phenomenon of cyberwar - information warfare waged over the Internet. It is increasingly recognized in government, military and business circles as a potential grave threat" (2002, p. 7). As the term specifically applies to governments and national defense, the definition provided by Cimbala (2002) indicates that cyberwar is "The conducting of a military campaign or plan of operations on cybernetic principles. This essentially means exploiting information technology in order to deny to the enemy a coherent picture of the battle while, at the same time, providing for one's own side the most comprehensive picture of the same engagement" (2002, p. 20). Prosecuting cyberwar can assume a wide range of tactics, including both physical infrastructure as well as information systems. In this regard, Cimbala adds that, "Cyberwar can include tactics as diverse as the physical destruction of command-control centers or air defense radars, on one hand, or the invasion of enemy computer networks with viruses, worms, and other hostile cyberbugs in order to disrupt or confuse those networks and the information they carry" (2002, p. 20).

While there is a growing body of knowledge concerning what forms cyberwarfare can assume and its potential for destruction, there remains a serious gap between what is known and what is taking place in other countries and among non-state actors who may be mounting a Manhattan Project level effort to disrupt the nation's defenses (Korns & Kastenberg, 2008). Indeed, Williams (2009) emphasizes that, "In many ways, cyber warfare is in its 'Billy Mitchell' days, analogous to the advent of airpower prior to World War II. We are aware of potential and actual risks in this new domain but do not fully understand them" (p. 21). What is understood is the enormous impact that cyberattacks can have on a nation's defenses and what form these attacks assume. For instance, according to Trendle, "Cyberwar at its most benign involves distributing information through websites or e-mail to raise awareness, mobilize support and create global networks. Beyond this propaganda aspect, it can also include infiltrating and disrupting an enemy's computer networks and databases" (2002, p. 7). In the Age of Information, these types of attacks can mean real problems, of course, and a number of methods have been developed to exploit the vulnerabilities of the information highway. For instance, Trendle notes that, "In this area, cyberwar has introduced a host of new weapons such as viruses, worms and trojan horses, which can wreak havoc on computer systems" (2002, p. 7).

These cyber weapons have leveled the playing field for belligerents seeking to harm the United States in some fashion, allowing an individual or small group of computer engineers with minimal resources to attack a superpower, frequently with impunity. As the United States continues to invest enormous amounts of money in high-tech tactical weaponry that can be deployed to every corner of the world, computer engineers or even a single person can wreak havoc on these conventional -- and expensive -- weapons. In this regard, Trendle notes that this type of cyberwarfare is known as asymmetric warfare: "This digital warfare comes under what military theorists increasingly refer to as asymmetric warfare, where unconventional tactics are used by smaller players to counter the overwhelming conventional military superiority of an adversary" (2002, p. 7). In this environment, some military strategists today might be lamenting the absence of the "good ol' days" of the Cold War when America's enemies were other nations which were well-known and which had definite geographic locations. As Tendle concludes, cyberwarfare has changed all of that: "Like a classic guerrilla struggle, which is a conflict of the weak against the strong, cyberwar can enable an individual to damage the computer system of a government or 'down' the website of a multinational corporation. The weapon of choice can be nothing more than a laptop computer wired to the Internet" (2002, p. 7). Perhaps the most alarming aspect of cyberwarfare is its insidious qualities wherein attackers can be other countries, terrorist groups or even an adolescent at home mimicking these efforts by others (O'Rourke, 2010). Moreover, in sharp contrast to conventional warfare where it requires significant amounts of time to mount an assault, cyber attacks can take place quickly. For instance, Clemmons and Brown (1999) note that, "Warfare by computer has no 'front line,' and with the low cost of technology, anyone can play. The problem we face is that, far from taking months to assemble the war machine necessary to carry out a huge conventional attack, a cyberattack could cause the same damage instantly. Further, the attack could emanate from a great distance, giving little warning or opportunity for defense" (p. 36). Taken together, it is clear that cyberwarfare is a growing threat to the United States and its interests at home and abroad, an assertion that is supported by current trends in cyberwarfare which are discussed further below.

Current Trends in Cyberwarfare

One of the most alarming aspects as cyberwarfare is the wide range of opportunities that cyberspace provides individual hackers and organized elements, including countries, to prosecute attacks on the United States' security infrastructure in ways that have never been possible in the past. In this regard, Jurich cautions that, "Cyberspace's many uses -- and an increasing global reliance on the application of these uses-leaves myriad potential methods available to attackers" (2008, p. 275). Moreover, as the Internet continues to create integrated networks of information systems from all sectors of countries, the potential for disrupting or even destroying these systems becomes even more pronounced. According to Jurich, "The intertwined nature of cyberspace's infrastructure places military, government, financial, and civilian uses into a single channel. Within this channel, technological breakthroughs create vulnerabilities for all users, who are open to opponents' exploitation. These opponents may range from economic, political, and military competitors to terrorists and criminals" (2008, p. 275). This integrated quality of information systems also means that even as new protections are developed against cyber threats, belligerents can develop new ways of defeating them, comparable to the build bigger walls and deepen the moat trends that were countered by siege weaponry that characterized feudal warfare. As Jurich points out, "Each technological breakthrough, moreover, opens all users of the infrastructure to attacks from any individual opponent. Meanwhile, opponents can develop offensive strategies against a variety of targets simultaneously because of a shared protocol within the infrastructure" (2008, p. 276).

Notwithstanding the clear and present threat represents by cyber attacks, the inexorable march toward ubiquitous computing continues, and the threats to these vital information systems continue to increase as well (Liptak, 2009). These trends can be easily discerned by the initiatives undertaken by the Chinese and American governments to develop cyber weapons of their own, both to counter attacks from others as well as prosecute them as part of their overall strategic operations. According to Jurich:

The Chinese government has committed itself to developing an 'informationalized' army, comprised of individuals manning computer terminals instead of tanks, to replace current 'mechanized' technology, and the U.S. Department of Defense (DOD) uses over two million computers and more than ten thousand local area networks, most of which are linked to, and vulnerable to attack from, users of the larger Internet. (2008, p. 276)

These increasing threats correspond to the growing reliance on information systems to manage the entire spectrum of modern commerce and energy resources, making the disruption of a single element in the integrated system a potential threat to the remaining components that can result in a massive disruption to a nation's economy (Jurich, 2008). Certainly, these types of trends were witnessed in a similar fashion when terrorists flew jet airliners into the World Trade Center and Pentagon in 2001, and the national economy of the United States suffered to the extent that it is still recovering. As Jurich points out, "The push towards greater reliance on information technologies in fields including energy, communications, industry, finance, transportation, and human services has produced a situation in which economic collapse could occur even if only the financial components of the information systems were crippled; a more widespread attack could lead to an even greater disaster" (2008, p. 276). With cyber attacks, though, there is no need for an expensive and massive conspiracy that involves taking flying lessons and sleeper cells.

Likewise, in sharp contrast to the conventional warfare of the past, conflicts today can exploit the vulnerabilities of cyberspace to overcome the geographic distances that have provided the United States with a modicum of protection from its enemies overseas. During World War II, with the exception of a few German submariners who were placed ashore in New York (and quickly captured) and some Japanese balloons that carried incendiary devices to America's western shores, the United States has not had to fight a war on its on shores to date. Cyberwarfare, though, changes the situation dramatically by eliminating this traditional buffer from conventional military forces. In this regard, Allen and Demchak (2003) point out that as the world's only remaining superpower, it has become the focus of cyber attacks from all corners of the globe. According to these authorities, "Because the United States is the largest player in the international political environment, it has become a lightning rod for hacking and terrorist attacks, regardless of whether the nation was involved in the initial conflict" (p. 54). The geographic boundaries that buffered the U.S. In the past simply evaporated on September 11, 2001: "Until 11 September 2001, the United States was fairly complacent about its enemies overseas. However, the distance between the United States and its enemies is dramatically reduced. The lessons from early cyber conflicts need to be learned now to properly prepare for future conflicts" (Allen & Demchak, p. 54).

Current trends indicate that the threat to the nation's security is genuine, particularly with respect to the proliferation of computer viruses which have steadily increased in recent years (Denning, 2001). According to Trendle (20020, the number of viruses increased by more 150% just between 1998 to 2002, and in more than 50,000 viruses have launched with as many of 400 viruses being active at any given time; further, as many as a dozen new viruses are placed on the Internet every day (Trendle, 2002). Indeed, by 2013, industry analysts estimate that at least 50% of all emails will be infected by viruses (Trendle, 2002). There are also growing concerns that these viruses may affect other mobile devices that are becoming increasingly popular (Trendle, 2002). As Trendle emphasizes, "Experts believe that many of the viruses and worms deployed by hackers in a new cyberwar could spread to the Internet as a whole and infect systems worldwide. There are also fears that malevolent bugs could cross over to mobile phones and personal digital assistants" (2002, p. 8). The nightmare scenario envisioned by the so-called Y2K bug would become a reality if such an eventuality occurred today, and cyberwarfare could bring down the electrical grid, air traffic control as well as the nation's banking sector among others (Trendle, 2002).

Other military analysts paint an equally grim picture of the outcome of cyberwarfare on the United States and its interests at home and abroad. In this regard, Clemmons and Brown (1999) report that an increasing amount of malicious software is being developing in the Middle East and Asia that will ultimately target U.S. interests. These authors note that, "If nations, groups or individuals in those areas have interests divergent from ours -- and they do -- they could quite easily insert destructive code in programs, or leave back doors whereby they could enter U.S. computer systems at will" (Clemmons & Brown, 1999, p. 36). The potential outcomes of such massive cyber attacks on a modern society that is highly dependent on its information systems will be devastating because of the effects such attacks will have on humans as well as the computer they rely upon (Gable, 2010). As Clemmons and Brown point out, "We can only imagine the fatalities that would result from these attacks. They would include deaths from transportation accidents, starvation from lack of cargo movement, deaths from exposure to extreme heat or cold caused by power failures, drownings from burst dams, riots, and the list goes on" (1999, p. 36).