- Wednesday, 18 February 2015 07:46
by Waleed bin Shahid
Waleed is a lecturer in the Information Security department at NUST-MCS.
The art of warfare and defense has always changed with human development. Man started off with stones, moved to lances, arrows, bows and shields, developed guns and grenades, shifted from horses to battle tanks and reached the zenith of belligerence by bombing Hiroshima and Nagasaki with atomic weapons. But since man crossed the threshold of the 21st century, the art of human warfare has been redefined. We now live in a dot-com world of the web, computers and interconnected networks, which has given birth to a new genre of warfare known as cyber warfare.
Earlier, technology was considered an additional feature cementing the superiority of one nation over another, as for instance in the Second World War, where the Germans relied on Enigma, a cipher machine used to encrypt confidential war communications. Enigma was broken by British cryptologists during the war, causing a major setback to German war ambitions, which eventually led to Allied victory.
Now, technology has taken over as the most important asset of a nation, needed not just to develop but also to defend against all sorts of aggression. Individuals, companies, government departments, state agencies and people in the halls of government are custodians of petabytes of information which might be of huge strategic interest to adversaries. The global economic system, space, air and land transport structures, industries, and irrigation and water management systems are all connected and controlled by computer networks. Similarly, defense and strategic organizations across the globe are also fully or partially networked. Responsible nations across the globe are making efforts at all levels to ensure the safety, confidentiality and integrity of these networks in order to avoid information pilferage. At the same time, technologically advanced countries are augmenting their offensive capabilities to launch cyber-attacks in order to intrude into the computer networks of other countries and organizations. The realization of cyber threats has started to redefine policies at both the regional and the international level, something that often tops the agenda of discussion between the Chinese and US presidents, the two leading cyber giants. This cyber warfare dogma has become so severe that countries like China, Russia, Saudi Arabia, Iran and Germany are actually working to create their own internets.
On the other hand, the reason why most countries, including Pakistan, have failed to come up with an effective cyber defense and security policy and strategy at the government level is the sheer lack of technology awareness among the political and bureaucratic elite. They might be of the opinion that cyberwar has never happened in the past, is not occurring in the present, and is highly unlikely to disturb the future. It is quite true that rather than heralding a new era of violent conflict, so far the cyber-era has been defined by the opposite trend: a computer-enabled assault on political violence. Cyber-attacks diminish rather than accentuate political violence by making it easier for states, groups, and individuals to engage in two kinds of aggression that do not rise to the level of war: silent sabotage and clandestine espionage. Malicious computer code and computer-based sabotage operations make it possible to carry out highly targeted attacks on an adversary’s technical systems without directly and physically harming human operators and managers. Computer-assisted attacks make it possible to steal data without placing operatives in dangerous environments, thus reducing the level of personal and political risk. This mindset challenges the immediate steps governments need to take in this regard.
Cyber espionage, attacks and defense have been in full swing, affecting political and socio-economic policies. Be it the Ukraine crisis, the Hong Kong protests, the Syrian issue, the Gaza conflict or Catalonian independence, cyber activists use the best of their technical skills to adversely affect their respective opposition. According to defense, military, and national security leaders in a Defense News poll, the threat cyber warfare poses to the United States is larger than the threat of terrorism, China, Iran and North Korea.
China, on the other hand, launches cyber-attacks on anti-government entities, other countries, organizations and individuals in a blatant and aggressive fashion. Be it Operation Aurora, GhostNet or repeated penetration into secret Pentagon systems, Chinese cyber ambitions have become a point of contention between the two superpowers.
Stuxnet gave a new dimension to cyber warfare. It was a highly sophisticated piece of malware that was designed to disrupt the Iranian nuclear program, which it in fact did to some extent by affecting the centrifuges at the Natanz and Bushehr nuclear installations. Analysis of the Stuxnet code by the security company Symantec revealed that the malware might have been written in Israel, as this high level of computer programming and attack paradigm is not possible without full-fledged government support. Israeli and US authorities denied the allegations that the code was written by Israelis with any US support. Pakistan was the seventh most affected country by Stuxnet, but there is no information available as to which systems were affected. On the other hand, Stuxnet opened a new era in Iranian cyber history. Knowing that its geo-strategic location and controversial nuclear program are something its Arab foes and the world powers are quite skeptical about, Iran deployed maximum efforts to develop a fully functional cyber army in order to counter such nefarious attacks in the future. The consolidated efforts of the Iranian cyber army successfully defended against Duqu and Flame, the latter being one of the most sophisticated malware attacks so far. Apart from defense, Iran apprised the world of the precautionary measures that must be taken to nullify the effects of Flame.
The PRISM surveillance program made cyber warfare hit headlines across the globe. Launched by the National Security Agency of the US, PRISM was a clandestine mass electronic surveillance program that collected data from secret government departments from across the globe. It also spied on world leaders as powerful and influential as Angela Merkel and Dilma Rousseff, giving rise to tensions between the US and its key ally Germany and the South American giant Brazil. Pakistan was also an important target of the NSA surveillance but, once again, there is no mechanism developed at the government level to know what systems were affected and what sort of information was lost. Pakistan has a lot of potential when it comes to computer security, malware analysis, networks and information management in academia, private hacking groups, and defense departments, but a consolidated and regimented government effort is totally missing.
The overwhelming increase in the use of smartphones has opened newer avenues for malware authors and cyber criminals to launch attacks on common users as well as key people who have a say in policy making and are custodians of important information. Users install a variety of applications on their smartphones without caring about their origin, function, behaviour and threat level. For instance, Viber is a very famous instant messaging and voice over IP application that has appeared as a free-of-cost alternative to the normal voice calls provided by telecom operators. Millions of people across the globe use Viber in order to talk to their loved ones without spending a penny. This application was founded by Talmon Marco, an Israeli entrepreneur and businessman, who also served as the Chief Information Officer for the Israeli Defense Forces central command. Viber, for some odd reason, was incorporated in Cyprus, a well-known external base for Israeli spy operations. What is stranger and more alarming is that the application would upload your contact list onto their server and would keep a record of your messages and calls. These risks associated with the use of Viber have led to its ban in some countries like Saudi Arabia, but it is something of immense concern for Pakistan, where people working in key government, strategic and defense departments might have been using this application on their smartphones without any knowledge of what sort of information they might be unintentionally leaking to a company that does not even have an official address.
It is difficult to stop cyber-attacks because they can start from small incidents like plugging in a malicious USB, downloading a malicious email attachment or visiting a malicious webpage. Gone are the days of human agents who risked their lives to acquire enemy secrets; it is all about information warfare, and the protection of national cyber space must be held paramount. Keeping in mind the geo-strategic location and importance of Pakistan, it is high time that the government came forward and worked efficiently on protecting the cyber space of the country on a war footing, before we fall prey to foes in this very war without losing an inch of land or a drop of blood.