Cyberwar – The cyberspace is already a dangerous battlefield

The number of high-profile hacks demonstrates that a silent cyberwar is already ongoing among countries in the cyberspace.

The recent hacks of the Democratic National Committee and presidential candidate Hillary Clinton’s campaign and the alleged infections spotted by the Russian FSB inside government networks demonstrate the intense activity in the cyberspace.

It is a virtual space crowded of nation-state actors and other threat actors that are threatening the security of Governments worldwide, and the situation is likely to get much worse.

At the recent NATO Warsaw Summit in July, the Alliance recognised the cyberspace as “a domain of operations in which Nato must defend itself as effectively as it does in the air, on land, and at sea”.

Kenneth Geers, a senior research scientist with security firm Comodo, speaking at the BlackHat USA security conference declared that the cyberwar is a real and present danger.

“There is no question cyberwar exists,” he says. “Whether it rises to the level of weapons of mass disruption is another question. We don’t have a decisive answer yet.”

I don’t like the term ‘cyberwar’, I always use the term Information Warfare, but it is clear that the usage in the media of the word cyberwar intends to emphasize and strengthen the concept of inter-state conflict.

Geers is a great cyber security expert, he has been working with the NATO, monitoring cyber dispute in the Ukraine.

Spreading a malware like Stuxnet that could hit critical infrastructure is considered an act of war.

When dealing with examples of acts of cyberwar, experts cite the attack against the Estonia in 2007, when the country systems were hit by a huge distributed denial of service attack.

The Estonia case raises another problem when approaching information warfare, the “attribution” of the attack. Despite the attack has been linked to the Russian government, the source was not officially confirmed.

Something of similar happened across the last years in Crimea where cyber armies linked to the Kremlin targeted the critical infrastructure of the area such as communications.

The tension in the real world between Russia and Crimea has a corresponding conflict in cyberspace. Numerous attacks were registering on both sides during the revolution in Kiev, and the cyber offensives have had an escalation after the approval of the Russian parliament for military use in the Crimea. The decision of the Russian government has triggered a series of events in cyber space as state-sponsored cyber units, groups of hacktivists, and cyber criminals started their campaigns against the enemies.

Ukraine’s mobile phone infrastructure was under attack, the offensive against the Ukraine’s mobile phone infrastructure originated in Crimea and is interfering with the phones of members of the parliament.

“I confirm that an IP-telephonic attack is under way on the mobile phones of members of Ukrainian parliament for the second day in a row,” declared Valentyn Valentyn Nalivaichenk, the head of Ukraine’s SBU security service during a press conference, according the Reuters agency.

Ukraine’s telecommunications system has come under attack. The attackers used equipment installed within Ukrtelecom networks in the Crimea region under the control of Russian forces. This circumstance has raised tension between the two countries, and although the majority of the Crimean population is pro-Russian, the sabotage was interpreted by the government of Kiev as an intolerable act of war.

The last clamorous act of the dispute occurred in December 2015, when hackers shut down three power plants in Ukraine, plunging more than 200,000 citizens into darkness.

The Information warfare is evolving over the time, the surface of attack of every country is enlarging due to the massive penetration of technology. The effects of a cyber attack today could be dramatic compared to the ones observed in Estonia in 2007.

“Today’s tanks, planes and ships are really just rolling, flying and floating computers,” Geers says. “If you’re a tank commander and the enemy launches a zero-day attack against an application you’re depending on, you may not win on the battlefield that day.”

Let me add also that a cyber attack could have also serious economic and diplomatic consequences.

Back to the US elections hack, Geers expressed his opinion on the alleged involvement of Russian state-sponsored hackers.

“Could the US elections be hacked by the Russians, just as Ukraine’s was?”  “Absolutely, says Geers.” reported The Guardian that reported the Geers declaration.

“But they could probably change the election more easily by doing influence operations in the runup to the election,” he adds. “Maybe doxxing is the best way to do that. You’re embarrassing the hell out of somebody. Lives are ruined.”

We have no time, cyber security is a top priority for any government to avoid severe incidents in the next future.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Cyberwar, Information warfare)