Logic is Variable

an argument starts here

Cyber World is Not in Safe Hands

Saleem Shahab

While hoisting national flag, Shahrukh Khan was leading a great procession. In the middle of the road, Indian Security personnel had erected barriers to stop him. The strange thing: Sharukh was hoisting the Pakistani Flag. After reading the above lines you must say, impossible. Yes, it is impossible in the real world but not in cyber world where once India and Pakistan were unofficially engaged in cyber war and some Pakistani hackers did all. In much the same manner, Indian hackers hacked an important Pakistani website and filled it with absurdities.

In 2007 annual report, the Internet security company McAfee is said to have stated that approximately 120 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities. More importantly, private groups and people can also start Cyberwarfare to serve their vested interests.

The report “In the Crossfire: Critical Infrastructure in the Age of Cyberwar”, has been commissioned by McAfee and authored by the Center for Strategic and International Studies (CSIS).

It goes without saying Cyber Warfare is the use of computers and the Internet in conducting warfare in cyberspace. Much to the dismay of cyber people, Governments, their militaries, law enforcement, the private sector and criminals are creating cyber warriors across the globe. Alarmingly, a highly skilled cyber terrorist alone can play havoc on wide scale and a cyber attack can not be checked with guards, gates and guns.

According to a survey of 600 IT security executives from critical infrastructure enterprises worldwide, more than half (54%) have already suffered large scale attacks or stealthy infiltrations from organized crime gangs, terrorists or nation-states. No doubt, to check this malpractice, legislation is made time and again but the vulnerability of their IT sector has increased over the years. It would not be wrong to say world IT industry is growing among fear and mistrust.

Only 20% of 600 IT security executives think their sector may be safe from serious cyberattack in the coming years. The very basis and foundation of the world’s critical infrastructures is reliability and availability instead of security. Further, owing to globalization, computer networks are at once interconnected with corporate IT networks and are accessible from anywhere in the world.

Unlike a typical warfare which remains restricted to some battlefields, mountain ranges, or coastlines of the rival countries, Cyber warfare may cover all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. In fact, the cyber warfare terrain encompasses the cities, communities, and the world in which we live.

"Cybercrime is now a global issue," said Jeff Green, senior vice president of McAfee Avert Labs. "It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security." According to a report, China is at the forefront of the cyber war. It said China has been blamed for attacks in the United States, India and Germany. China has repeatedly denied such claims. It is self-evident that the future attacks would be even more sophisticated."Attacks have progressed from initial curiosity probes to well-funded and well-organised operations for political, military, economic and technical espionage," the report said. James Mulvenon, director of the Center for Intelligence and Research in Washington said "The Chinese were first to use cyber-attacks for political and military goals". Governments must urgently strengthen their defenses against industrial espionage and attacks on infrastructure.

The report further revealed the huge staggering cost and impact of cyberattacks on critical infrastructure such as electrical grids, oil and gas production, telecommunications and transportation networks. The average estimated cost of downtime associated with a major incident is $6.3 million per day. It is imperative for interconnected organizations to gird up their loins for any mishap conducted by cyber terrorists. One can imagine cyber attack upon the critical infrastructure like public transportation to energy to telecommunications where cyber attack can bring about extensive economic disruptions, environmental disasters, loss of property and even loss of life.

There are several methods of attack in cyberwarfare; Cyber espionage, Web vandalism, date pilferage, propaganda, denial-of-Service Attacks, equipment disruption, compromised counterfeit hardware etc. The term “Cyber espionage” we use for the act or practice of obtaining sensitive, proprietary or classified information from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers. Similarly, the term ‘Web vandalism’ we use for attacks that deface web pages or denial-of-service attacks. This is normally swiftly combated and of little harm. The term ‘propaganda’ for political messages are spread through or to anyone with access to the internet or any device that receives digital transmissions from the Internet to include cell phones, PDAs, etc. In the same way, data pilferage is classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world.

Since 1991, there is a series of cyber attacks to critical infrastructure. In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system. The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks. The Indian government recently claimed that hackers based in China had tried to infiltrate computers in the office of its prime minister in New Delhi. During a period of tension with Moscow in 2007, Estonia was subjected to a cyber attack when government computers were jammed, causing financial losses worth millions of pounds. In December 2009, South Korean media reported that North Korean hackers may have stolen secret information from Oplan 5027, which is United States and South Korea's operational plan for defense of South Korea in the event of a North Korean invasion. The federal government of the United States admits that the electric power transmission is susceptible to cyberwarfare.

Pearl Harbor was a preemptive strike against the US Pacific Fleet, which considerably degraded the US Naval capability for several years. So the question arises, what can make a computer attack strategic? In 2007, the United States government suffered an "an espionage Pearl Harbor" in which an "unknown foreign power...broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information." The Wall Street Journal highlighted how Russian and Chinese intelligence agencies have already planted malware in the power grid. Then there was the Idaho National Lab Aurora video, where they demonstrated that a generator SCADA system can remotely be hacked to blow up the generator.

Contrary to blitzkrieg being the war idea of twentieth century, we can anticipate that cyberwar may be the idea of the twenty first century. Cyberwar is not merely a new set of operational techniques. It is emerging, in our view, as a new mode of warfare that will call for new approaches to plans and strategies, and new forms of doctrine and organization. Cyberwar may be fought offensively and defensively, at the strategic or tactical levels. It will span the gamut of intensity, from conflicts waged by heavy mechanized forces across wide theaters, to counterinsurgencies where "the mobility of the boot" may be the prime means of maneuver. Cyberwar may require speedy flows of information and communications. If the opponent is blinded, it can do little against even a slow-moving adversary. Cyberwar may imply a new view, not only of what constitutes "attack," but also of "defeat." In the best circumstances, wars may be won by striking at the strategic heart of an opponent's cyber structures, his systems of knowledge, information, and communications.

Owing to global war on terror, the world’s military infrastructure is at growing risk from sophisticated hackers. It is believed that the threat posed by terrorists and hackers involved in cyberwarfare is a priority for defence chiefs. Many governments are facing a potent and ill-understood new threat from terrorists and hostile powers in the shape of cyber warfare, military and security, experts have warned. John Chipman, the director-general of the International Institute of Strategic Studies, said: "Despite evidence of cyber attacks in recent political conflicts, there is little appreciation internationally of how to assess cyber conflict. We are now, in relation to cyber warfare, at the same stage of intellectual development as we were in the 1950s in relation to possible nuclear war."

A British government report says Network attacks are "growing in seriousness and frequency". To overcome that risk, the Green Paper just published by the British Government has stated that part of the forthcoming Strategic Defence Review will focus on the risks posed by technology in enemy hands. At the moment, it is believed that insurgents with the right electronic capability could jam weapons systems and intercept classified communications during military missions. According to an expert, cyber warfare may be used to disable a country's infrastructure, meddle with the integrity of another country's internal military data, try to confuse its financial transactions or to accomplish any number of other crippling aims.

Cyberterrorism became center of public eye in the late 1980s. The millinum bug was by no means a cyber attack but the public fear showed the terrorists a way to terrorize the people. Cyberterrorism can have a serious large-scale influence on significant numbers of people. It can weaken countries' economy greatly, thereby stripping it of its resources and making it more vulnerable to military attack. Cyberterrorism was featured in Dan Brown's Digital Fortress. The Japanese cyberpunk manga, Ghost in the Shell (as well as its popular movie and TV adaptations) centers around an anti-cyberterrorism and cybercrime unit. In its mid-21st century Japan setting such attacks are made all the more threatening by an even more widespread use of technology including cybernetic enhancements to the human body allowing people themselves to be direct targets of cyberterrorist attacks. Cyberterrorism is defined as “the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives.

One example of cyberterrorists at work was when terrorists in Romania illegally gained access to the computers controlling the life support systems at an Antarctic research station, endangering the precious lives of 58 scientists. However, the culprits were stopped before damage actually occurred. In October 2007, the website of Ukrainian president Viktor Yushchenko was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility. In 1999 hackers attacked NATO computers and they flooded the computers with email and hit them with a denial of service (DoS). The hackers were protesting against the NATO bombings in Kosovo. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing virulent viruses.

By going through all, we can understand the importance of computer security issues. There are many similarities between computer and physical security. In recent past, serious financial damage has been caused by computer security breaches. To understand the techniques for securing a computer system, it is important to understand the various types of "attacks" that can be made against a system. Figures in the billions of dollars have been quoted in relation to the damage caused by malware such as computer worms like the Code Red worm, but such estimates may be exaggerated. Individuals who have been infected with spyware or malware likely go through a costly and time-consuming process of having their computer cleaned. Spyware is considered to be a problem specific to the various Microsoft Windows operating systems. These threats can typically be classified into one of these seven categories; Exploits, Eavesdropping, Social engineering and human error, Denial of service attacks, Indirect attacks, Backdoors and Direct access attacks.

1. Exploits
An exploit is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized).

2. Eavesdropping
Eavesdropping is the act of surreptitiously listening to a private conversation. Even machines that operate as a closed system can be eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware such as TEMPEST.

3. Social engineering and human error
Malicious individuals have regularly penetrated well-designed, secure computer systems by taking advantage of the carelessness of trusted individuals, or by deliberately deceiving them, for example sending messages that they are the system administrator and asking for passwords. This deception is known as Social engineering.

4. Denial of service attacks
Unlike other exploits, denial of service attacks are not used to gain unauthorized access or control of a system. They are instead designed to render it unusable. Attackers can deny service to individual victims, such as by deliberately guessing a wrong password three consecutive times and thus causing the victim account to be locked, or they may overload the capabilities of a machine or network and block all users at once. These types of attack are, in practice, very hard to prevent, because the behavior of whole networks needs to be analyzed, not only the behaviour of small pieces of code.

5. Indirect attacks
An indirect attack is an attack launched by a third party computer. By using someone else's computer to launch an attack, it becomes far more difficult to track down the actual attacker. There have also been cases where attackers took advantage of public anonymizing systems, such as the tor onion router system.

6. Backdoors
A backdoor in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device.

7. Direct access attacks
Someone who has gained access to a computer can install any type of devices to compromise security, including operating system modifications, software worms, key loggers, and covert listening devices. The attacker can also easily download large quantities of data onto backup media, for instance CD-R/DVD-R, tape; or portable devices such as keydrives, digital cameras or digital audio players. Another common technique is to boot an operating system contained on a CD-ROM or other bootable media and read the data from the harddrive(s) this way. The only way to defeat this is to encrypt the storage media and store the key separate from the system.

To check these illegal ways, we need computer and network surveillance which is an act of performing surveillance of computer and network activity. Today, computer surveillance programs such as ECHELON and Carnivore are widespread and almost all internet traffic is closely monitored for clues of illegal activity. The vast majority of computer surveillance involves the monitoring of data and traffic on the Internet. In corporate surveillance, the data collected is most often used for marketing purposes or sold to other corporations, but is also regularly shared with government agencies. It can be used as a form of business intelligence, which enables the corporation to better tailor their products. Furthermore, the data can be sold to other corporations, so that they can use it for the aforementioned purpose. Or it can be used for direct marketing purposes, such as the targeted advertisements on Google and Yahoo.

Saleem Shahab  is the Editor monthly Techno Biz and a prolific write. He can be reached here.

Labels: , , ,

posted by S A J Shirazi @ 7:00 PM,


At 11:55:00 PM, Blogger Deb S. said...

Excellent post. I like the fact that the threats were broken down into categories.

I've learned something new today. Thank you.

At 4:29:00 AM, Anonymous Dinah Bee Menil said...

Nice site, very informative. I like to read this.,it is very helpful in my part for my criminal law studies.

At 9:13:00 AM, Anonymous Admin said...

Interesting and informative.

At 6:42:00 PM, Anonymous Anonymous said...

i like to read such types of articles owing to information about future threats to humanity in any form. I appreciate the efforts of the writer.

Asim Awan

At 11:11:00 AM, Anonymous Anonymous said...

Excellent goods from you, man. I have understand your stuff previous to and

you are just extremely fantastic. I actually
like what

you have acquired here, certainly like what you are saying and the way in which you

say it. You make it entertaining and you still take care of to keep it wise.

cant wait to read far more from you. This is really a great site.
Also visit my page : shekinahhouse.org


Post a Comment

Links to this post:

Create a Link

<< Home

Web This Blog

In Print