CYBER WARFARE

INTRODUCTION DEFINITION

ACCORDING TO U.S GOVERNMENT SECURITY EXPERT RICHARD A. CLARKE ,

“CYBERWARFARE” IS “ACTIONS BY A NATION-STATE TO PENETRATE ANOTHER NATION’S COMPUTERS OR NETWORKS FOR THE PURPOSES OF CAUSING DAMAGE OR DISRUPTION”.

MEANING:

Cyberwarfare refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare.

ESPIONAGE : the act of obtaining secrets classified from individuals, competitors, rivals, groups, governments and enemies.

SABOTAGE: also called “direct action”. It means ‘to do something’.

CYBER OPERATIONS CAN BE

-KINETIC

-NON KINETIC

US,CHINA, ISRAEL AND RUSSIA ARE THE COUNTRIES THAT MOSTLY INVEST IN BUILDING CYBER WARFARE CAPABILITIES.

PSYCHOLOGY OF MODERN WARFARE AND HACKING

FOR FUN (31.4%)

WANT TO BE BEST DEFACER(17.2%)

NO REASON SPECIFIED(14.7%)

POLITICAL REASONS(11.8%)

PATRIOTISM(10.9%)

AS A CHALLENGE(10.8%)

REVENGE(3.3%)

Methods of attack1)Espionage and national security breaches

act or practice of obtaining secrets (sensitive, proprietary or classified information)

from individuals, competitors, rivals, groups, governments and enemies for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or

computers.

2)Sabotage

It is a deliberate action aimed at weakening / loosening an entity through subversion, obstruction, disruption, or destruction.

a) Denial-of-service attack

is an attempt to make a machine or network resource unavailable to its intended users. typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers

b) Electrical power grid

Massive power outages caused by a cyber attack could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.

The four stages of cyber attack1) Risky encounters

Attackers frequently make contact when an employee visits a bad website or clicks on a link in an email and unknowingly downloads malware. Wireless connections and thumb drives are other entry points.

2) Breaking in

Malware looks for gaps in software that hasn’t been kept up to date and silently slips past users. This occurs most often on computers with incomplete security solutions.

3) Setting up shop

Once on your system, the bad software hides from outdated antivirus software and may even block your machines’ ability to update security software.

 

4) Devious activity

The bad software exports passwords, logs keystrokes, steals Social Security and credit card numbers, or snoops into your business plans or product ideas.

Cyberwar Strategies Pearl Harbor attack

Cyber attack + physical assault

To use computer viruses to do the dirty work

Infiltrate computer systems and just watch and wait.

This strategy involves spying and r econnaissance.

Sabotage that system

Examples The U.S. has used cyber warfare strategies against Iraq and Afghanistan.

During the Kosovo war, the U.S. used computer-based attacks to compromise the Serbian air defense systems. The attacks distorted the images the systems generated, giving Serbian forces incorrect information during the air campaign. Security agents are also working to infiltrate terrorist cells and monitor them remotely.

Recently, cyber warfare played a role in the conflict between Russia and Georgia. Hackers attacked Georgian Web servers with a series of distributed denial of service attacks (DDoS).

Some suspect that North Korea has used cyber attacks on South Korea.

There are rumors that China uses cyber attacks against Taiwan

Timeline of cyber warfare 1998- The Morris worm

2003 – Titan Rain

Dec,2006- Nasa (US Space launch leaked)

April,2007- Estonian Government networks

June,2007- US Secretary of Defense account

October,2007-China’s Ministry of State Security

Summer,2008- Databases of presedential Campaigns

August,2008-Computer Networks in Georgia

January,2009-Israel’s internet infrastructure

January,2010-Iranian cyber army

October,2010-STUXNET,Malware

January,2011-Canadian Govt.

July,2011-US Deputy Secretary

October,2012-RED October

March,2013-South Korean Financial Institutions

POSITION OF INDIA IN CYBER WARFARE INDIA THE 2ND BIGGEST VICTIM

NO ATTENTION TOWARDS CYBER SECURITY

NEEDS TECHNOLOGICAL COMMAND CENTRE

OFFENSIVE AND DEFENSIVE CYBER SECURITY CAPABILITIES

LACKOF HARMONISATION CYBER WARFARE POLICY ROLE OF INDIAN

GOVERNMENT DIFFICULTY IN TRACING

ATTACKS THREATS FROM

NEIGHNOPURING COUNTRIES

Tips to prevent Cyber Wars :1. Use Strong Passwords :

Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis.

2. Secure your computer :

Activate your firewall:Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers.

Use anti-virus/malware software:Prevent viruses from infecting your computer by installing and regularly updating anti-virus software.

Block spyware attacks:Prevent spyware from infiltrating your computer by installing and updating anti-spyware software

Be Social-Media SavvyMake sure your social networking profiles (e.g. Facebook, Twitter, Youtube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online.  Once it is on the Internet, it is there forever!

Secure your Mobile DevicesBe aware that your mobile device is vulnerable to viruses and hackers.  Download applications from trusted sources.

Secure your wireless networkWi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Avoid conducting financial or corporate transactions on these networks.

Protect your e-identityBe cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites).

Avoid being scammedAlways think before you click on a link or file of unknown origin. Don’t feel pressured by any emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password.  

Call the right person for helpDon’t panic! If you are a victim, if you encounter illegal Internet content (e.g.child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with your service provider or a certified computer technician.

Install the latest operating system updatesKeep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software.

Protect your Data Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in another location