Having served in the Air Force and through my time learning and working in IT, one area that has always captivated me is the evolving digital battlefield. Every day, our use of technology expands in sophistication and popularity. Our power grids are automated, our banking information is stored on servers, and our militaries and governments rely on the strength of their communication in the information superhighway. Not long ago, the best way to attack a country was by deploying troops or performing airstrikes; however, with the fact that pretty much everything that can be on the internet, is, we are now living in a world where you can strike at the heart of an enemy from opposite sides of the Earth, often causing significantly more damage than a physical assault.
In my military days, I built, delivered, and loaded a countless number of munitions onto aircraft, each with the power to end lives and destroy their targets. Now, in the civilian world, I see how devastating a coordinated and intelligent cyber attack can be. With recent news regarding voting fraud, videos of hackers gaining access to voting booth terminals within just a few minutes, and the scale of Russian interference in our past presidential election, one of the most crucial aspects of our government, voting, seems to be under attack from all fronts. It doesn’t matter what you believe in or what your political ideals are; the ability to influence and sway a country’s election is surprisingly simple.
Propaganda has been used throughout history, by countries all over the world. North Korea’s attempts to influence the minds of their citizens is one of the most significant examples of the impact of social engineering attacks; during the year I spent at Osan Air Base in South Korea, I experienced their past and current campaigns first-hand. Since the general population of North Korea has little to no access to the internet or any communications from the outside world, their government can dictate and spread miss-information on a massive scale, and with overwhelming effectiveness.
With the introduction to the internet, propaganda now has the perfect medium to spread hate, fake news, and other forms of systems to influence others. With proper research of a country’s political viewpoints, what is popular with their youth, and a general understanding of psychology, a country can create fake events and spread miss-information in the goal of influencing elections, swaying votes, and causing corporate chaos.
In my opinion, America has been in a cyber war for quite some time, and frankly, we are losing. Cyberwarfare, defined as the use of digital attacks, such as hacks and viruses, to disrupt the vital computer systems of a country, is the new avenue of current and future conflict. In recent news, a global campaign targeting defense, financial, energy, and nuclear companies had been discovered. Dubbed ‘Operation Sharpshooter,’ a group of hackers targeted critical infrastructure using an advanced malware/social engineering attack. Last year, President Trump signed an executive order to improve cybersecurity in the United States; while this order was created shortly after the news of Russian interference of the election, its potential benefits are far more than securing voting methods.
Why Cyber Warfare?
Due to modern societies’ reliance on computer systems to run everything from transport networks to missile defense systems, disrupting a country’s cyber abilities can impact everything they do. Unlike traditional military attacks, a cyber attack can be launched from any distance, requiring little funding and having the ability to do so incognito. Furthermore, most wars are started due to another country’s resources. Oil, the holy grail conquest of the United States, has been the most substantial influence in past years. If one country seeks the resources of another, a physical attack with ground troops, air raids, or even a nuclear strike dangers those desired capitals. By using a cyber attack or even, for example, detonating an atomic bomb in the atmosphere over a country to trigger an EMP, you can disrupt or shut down the infrastructure while preserving their precious possessions.
Examples of Cyber Weapons
You often hear about cyber attacks and hacks in the news causing significant damage, and the scary thing is that with most of these attacks, those responsible probably had very little funding and personnel. Now, imagine if these hackers had millions of dollars, a large team size, and the support of a government; this is what cyberwarfare looks like.
Used primarily as a method to disrupt businesses and consumers, ransomware can be utilized and weaponized in targeted attacks to destroy data. In the NotPetya ransomware outbreak in mid-2018, the US, UK, and other governments blamed Russia for, according to the White House, one of the most destructive and costly cyber attacks in history. Although it seemed that the NotPetya attack was originally intended for Ukraine, it continued to spread throughout the world.
Zero-day vulnerabilities, defined as bugs or flaws in code which have not been discovered and fixed yet, can be quite dangerous in the wrong hands; these zero-day attacks are often thought to be stockpiled, for use at a later date or to be combined with other forms of attacks. The WannaCry ransomware attack in 2017 was so powerful due to having a zero-day vulnerability supercharging it (which was stockpiled by the NSA); after this vulnerability was released to the public, other hackers used and changed it, strengthening its effectiveness.
Stuxnet is a computer worm that targets industrial control systems and was thought by many to be the first cyber weapon. Developed by the US and Israel (speculation) to target the Iranian nuclear program, the worm damaged the systems that controlled the centrifuges in their uranium enrichment project; this action delayed the project, thus slowing down Iran’s nuclear capabilities.
Throughout modern history, from the DDoS attacks on Estonia, the Sony Pictures hack in 2014, to Ukraine’s power supply disruption using the well-known Trojan, Black Energy, one thing is consistent with these events, the growing concern of cybersecurity. As new attacks, cases of cyber espionage, and fresh vulnerabilities are exposed, nations are frantically attempting to increase their cybersecurity and deterrence. The days of risking a human life by sending them to war are over, now the soldiers will undoubtedly be the nerds in their parent’s basements, with the help of a little government, company, or political funding.
Categories: Random Thoughts