The internet has transformed our lives. We rely more on the internet than any other invention. It has transformed the whole world with a network of three Ws (World Wide Web). Any modern society has computer systems linked to the internet, which controls and regulates transportation, communication, banking, power stations, air-traffic control systems, military systems and economic systems. There is no doubt that vast benefits have been reaped from the development of the internet. But the downside is quite apparent. Consequently, the spread of internet technology has exposed the user to digital or cyber attacks.
Cyber attacks are not only carried out by individuals or group of hackers independently, but reportedly many states have cyber armies or groups of cyber security experts to counter or perform cyber attacks on another state. Such an action by any state falls into the category of cyber warfare. In his book Cyber War U.S government security expert Richard A. Clarke defined “cyber warfare” as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.” Also, it can be regarded as an umbrella term which includes cyber attacks, cyber espionage and sabotage. Moreover, William J. Lynn, U.S. Deputy Secretary of Defense stated that “as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space.” High dependency of military, economic and civilian infrastructure on the internet has left the world vulnerable to fully-fledged Cyber Warfare. That is why many “cyber security and command centers” have been set up namely, U.S. Cyber Command (USCYBERCOM), European Union’s European Network and Information Security Agency (ENISA), NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) and United Kingdom’s cyber-security & “operations centre” based in Government Communications Headquarters (GCHQ).
Apart from that, global computer security software company McAfee stated in their report that, around 120 countries are in the phase of developing ways to use internet as a weapon. The method of attack include espionage & national security breaches, sabotage and denial-of-service attack. But the worst part is that the identity of “attacker” mostly remains “anonymous”.
There have been numerous cases in which a nation-state has allegedly performed cyber attacks on another state. On 27 April 2007, a series of cyber attacks were carried out on Estonia which resulted in disruption of government, news, financial and broadcaster servers all over the country amidst ongoing tussle with the Kremlin over the repositioning of Soviet-era grave markers. Estonian Foreign Minister Urmas Paet publicly accused Russia of conducting these attacks. Similar attacks took place a year later on Georgia and Azerbaijan during the 2008 South Ossetia war disabling the websites of Georgian and Azerbaijani organization. However, the Kremlin has not officially claimed the responsibility of such attacks. Reportedly, another major-scale attack was conducted by the US and Israel on Iran. The cyber-worm named “Stuxnet” had razed over 1000 nuclear centrifuges at the Iranian nuclear facility in Natanz. The damage potential of Stuxnet was massive as it has set Tehran’s atomic program back by at least 2 years while German security expert Ralph Langer regarded Stuxnet as a military-grade cyber-missile.
Recently, South Korea came under a cyber attack which paralyzed the country’s computer networks running three major banks and two largest broadcasters. Many experts and analysts blame the North, but the South Korean Communications Commission declared that disruption originated from an internet provider address in China. However, South Korean officials still lack substantial proof to hold anyone responsible for these attacks because any skilled hacker can easily mask his identity and location. Investigation of cyber attacks on Estonia in 2007 showed that the computers used in those attacks belonged to innocent Americans, which were hijacked.
Other examples highlight the nature and importance of cyber warfare. Moreover, the challenges faced by the world community to contain the rising threat of cyber attacks are enormous because we can count and track the nuclear missiles but it is impossible to track or count the cyber weapons. Apart from that, public internet is not safe either. Imagine a cyber attack on a society whose infrastructure is completely linked to the internet. Recently, NATO’s CCDCOE released the Tallinn Manual on the International Law applicable to Cyber Warfare which allows a country to defend itself and retaliate against cyber warfare but it is just a mere expression of opinions of experts. Global powers must devise a method of cyber deterrence before it is too late – the clock is ticking.
And of course there is the Edward Snowden saga: it seems that we are all under attack …
The author is a researcher at The Pakistan Institute of International Affairs and a student of the Department of International Relations, University of Karachi.