Covert, cancerous, catastrophic. Cyber-warfare may not be as violent and destructive as war, but the havoc it can potentially wreak is vast. As technology advances, the capacity for governments to inflict damage and administrative chaos increases, which in turn could have longer-term, farther-reaching implications than initial loss of life.
Cyber warfare holds several advantages over physical military action. It is less costly, and the nature of a cyber-assault allows attackers to keep their targets at arm’s length by remaining in a location of their choice, away from danger and enemy lines. This greatly decreases the risk of loss of life, and, crucially for governments, cyber-attacks can be very difficult to trace. What’s more, gaining faster, more direct access to an opposition’s infrastructure is a stealthier, less aggressive means of attack. Big or small, more and more nations are turning their attention to the battlefield of the future.
“Turning to the cyber realm is a viable option for smaller countries that cannot exercise a formidable military strength,” says Lucas Zaichkowsky, Enterprise Defense Architect, AccessData. “Even a small team of cyber experts can cause a significant amount of damage as previous attacks have proven. So in a way, this is seen as levelling the playing field.”
The lack of transparency in terms of attributing blame is also enticing for many. “Cyber warfare has been existent for quite some time now, however identifying direct culprits is rarely straightforward,” Megha Kumar, Research Manager, Software, IDC MEA, says. “Many attacks between countries are run by hacktivists – who are very prominent within the Middle East – who generally claim to be far more patriotic compared to their governments.”
The region’s status as an emerging market, the abundance of natural resources and the number of wealthy individuals residing in it mean it is one that is ripe for cyber warfare. The lack of universal standards in fields including banking, oil and gas and communications, along with evolving infrastructures and political instability underline and exacerbate this prospect.
Two of the most high-profile Middle Eastern cyber-attacks in recent years confirm this. In 2013 the Syrian Electronic Army hacked the Twitter account of news agency Associated Press, tweeting, “Breaking: Two Explosions in the White House and Barack Obama is injured.” This led to a 150 point drop in the Dow index, which temporarily erased $136 billion in stock market value. Although the money was recovered, this showed what cybercriminals – even those based in the Middle East – had the power to accomplish when striking a high-profile target.
Distributed in June 2010, the Stuxnet worm reportedly wiped out one fifth of Iran’s nuclear centrifuges. Allegedly sent by the US, once introduced to a uranium enrichment plant in Natanz, Stuxnet progressed to the programmable logic controllers managing the plant’s turbines, and destroyed the centrifuges by disrupting their rotation frequencies. The malware then spread beyond Natanz, something the US did not intend. Furthermore, in 2012 the Shamoon virus, which was unleashed on Saudi Arabia’s oil firm Aramco, erased data on 30,000 of the company’s PCs. It took Aramco – one of the most valuable companies in the world – a month to reverse the damage.
In the same vein, perhaps the greatest threat that cyber-warfare poses is destabilising the breadth of high-powered assets that nation states possess. Where money is involved, there is the possibility of tension. Energy supply and financial systems stand out as key targets in this respect, while transportation and critical infrastructure facilities are also vitally important. The processes used to assault these assets are premeditated and precise, with attackers looking to craft the opportunity to begin the onslaught.
“Usually, in an advanced persistent threat scenario, the first thing the attackers do is to replicate the defense systems of the target in their own lab,” Guillaume Lovet, Senior Manager, FortiGuard Labs, Fortinet EMEA, says. “Once this is done, all they have to do is engineer, by trial and error, a malware piece that will not be detected by such defense systems – this is always possible to achieve, because of Cohen’s Theorem. Companies traditionally respond to that by setting up defense systems that are very costly and complex to replicate, thus making the job of attackers very difficult.” Lovet also recognises the capacity for this process to mirror that of traditional military action: “This is essentially an arms race, to make defense systems hard and too costly to replicate, either because of their complexity, or because of their hidden nature.”
In the face of this widespread threat, organisations need to be vigilant to ensure they are as well prepared as possible to avoid being caught in the crossfire of attacks. “As in all wars the biggest problem is that of collateral damage,” says Firosh Ummer, Managing Director, EMEA, Paladion. “Today, the world is heavily interconnected and Cyberwarfare attacks may be targeted at military infrastructure, critical infrastructure, businesses or even the bystanding citizen. In a worst case scenario, the critical infrastructure can be brought down which can result in the breakdown of lawfulness in society leading to looting, rioting and violence.”
Attacks will always happen, and if hackers are smart and ruthless enough, organisations will remain powerless to defend themselves. Nevertheless, rigorous analysis beforehand can at least mitigate the resultant damage from cyber warfare. “Businesses need to start by playing a game of ‘what if’,” David Emm, Senior Regional Researcher, Global Research & Analysis Team, Kaspersky UK, says. “That is, they should conduct a thorough risk assessment that looks at (a) how they operate, (b) the risks the business faces as a result of this, (c) how security might be compromised, (d) the cost to the business of a breach and (e) how effective the mitigation strategy is.”
Nader Henein, Regional Director, Product Security, Advisory Division, BlackBerry, is clear about the standards that are needed for businesses and nation states to stay on top of their game. “The most dangerous mentality we see today is this ‘good enough’ approach to security,” he says. “‘Good enough’ will protect you from a simple automated attack, or if an employee loses their laptop, but it will not amount to much else. Good is not good enough.”
To what extent will future warfare be conducted via computers? Emm believes history is repeating itself, only this time in cyberspace. “There’s no question that we are entering an era of ‘cold cyber-war’, where nations have the ability to fight each other unconstrained by the limitations of real-world war,” he says. “Looking forward we can expect more countries to develop cyber weapons – designed to steal information or sabotage systems.”
Paranoia has its drawbacks, says Alaa Abdulnabi, Regional Pre-Sales Manager, Turkey Emerging Africa and Middle East, RSA, who believes security must be balanced with retaining the integrity of personal and intellectual activity. “There should be no tolerance for cyber war in the same way we have abhorrence to nuclear and chemical war,” he says. “Businesses and individuals need to cooperate in the investigation, apprehension and prosecution of cyber criminals. We also need to ensure that economic activities over the Internet can proceed unfettered and intellectual properties are protected. Today personal information is the true currency of the digital era, hence it is very important that our fundamental freedoms are protected.”