Cyber attacks are criminal

The internet, electronic communications channels and the computer technology that controls critical infrastructure together represent a new combat front on the international political stage. Several nations, not least Russia and China, have recently been accused of cyber attacks on the data centres of other governments. Whole power supply systems have been compromised on occasion and even multinational corporations, such as Google, have seen their normal operations undermined. Many observers suggest that the activity is at a national level and is most certainly driven by what homeland security often refers to as rogue states.

However, new evidence is now emerging that the kind of cyber attacks we have seen so far, which virtually border on a war cry, may actually be sophisticated criminal operations rather than military intelligence operating at a national level. A better understanding of the nature of such attacks is needed to avoid international conflict that could escalate into the real world.

Cyber attacks on Estonia in April 2007 and Georgia in August 2008 coincided with conventional military operations executed by the Russian Federation’s army in South Ossetia, explain Sérgio Tenreiro de Magalhães of the Portuguese Catholic University in Braga, Portugal, Henrique Dinis Santos and Leonel Duarte dos Santos of the University of Minho, in Guimarães, Portugal, and Hamid Jahankhani of the University of East London, UK. Although the Russian Federation was accused repeatedly of these operations, the data collected raise doubts that the Russian state was involved. Indeed, the network underlying the attacks in the second case was poorly organised and would suggest that loosely connected criminal organisations within Russia were waging a kind of Maoist “People’s war” in which specialised groups attack critical targets. Nevertheless, despite the apparently unsophisticated resources used, more akin to the kind of malicious software attacks observed against individuals, such as phishing attacks and Trojan bot-nets, the damage inflicted on selected targets was considerable.

Distributed denial of service (DDoS) attacks and malicious script injections (SQL injections) into susceptible websites were commonplace, with significant service interruptions to those affected during a vulnerable time of real-world conflict. However, the sources of many of these attacks were linked not to government officials but to criminal organisations selling fake European passports and credit cards, the research team has discovered.

Although this new combat front is far removed from the conventional battlefield of soldiers involved in their bloody and lethal duties, the aims of military operations in this zone are the same as they ever were – to weaken a state’s communications, to wreck power supply, transport, and other infrastructure, to disable enemy defences and ultimately to allow the victor to enforce territorial restrictions, political sanctions and other penalties on the defeated nation.

The Obama administration is heading towards a “kill switch” for the internet, in the USA at least. Such a concept comes with a whole tranche of serious civil rights and commercial issues. Moreover, although it suggests that the US government is taking the threat of cyber attack seriously, it makes you wonder whether an enemy would need to do nothing more than poke the nation to trip the kill switch and achieve its aim of disabling infrastructure without further intervention.

Sérgio Tenreiro de Magalhães, Henrique M. Dinis Santos, Leonel Duarte dos Santos, & Hamid Jahankhani (2010). Cyberwar and the Russian Federation: the usual suspect. Int. J. Electronic Security and Digital Forensics, 3 (2), 151-163