As the term implies, Cyberwarfare is directly related with the general terms and concepts of a conventional war, nowadays using computational resources to analyze, detect, intrude, harm, disable or destroy an enemy´s physical or logical infrastructure.
The Cyberwarfare follows that elementary military concepts, where an intelligence unit determines a group of feasible objectives, that once reached, will deliver the highest damage with the least possible effort or casualties to a concealed enemy.
As the technology gets gradually inside into our daily life because of its benefits of ease and speed, our modern society is becoming more attached to computational services and connectivity than ever, and that dependency is getting more deeper in developed countries than in developing ones, despite the fact that such gap is getting narrow, as the information systems technology is being adopted as a business as usual useful tool for several needs, such as electronic banking, online payments and so on .
The present need for IT services is well known by several actors in the worldwide arena, that understand the critical relationship between automated services and their user's base, and the implied impact to a local, group, or a country's economy when such services fail or get badly compromised.
That is the Cyberwarfare pure meaning, when in attack it aims to deliver the greatest harm to a purported enemy platform, and when in defense it looks to deliver protection as much as possible to an established critical national or local infrastructure from cyber attackers.
The first usual suspects may come from state sponsored teams that normally get nurtured from the ranks of nationals militias, or organized cybercriminals groups, considering too in such a selected groups, those who have terrorist or political motivations to inflict damage to a focused adversary.
It is understood that for being proficient in this field, the cyberwarriors either on the attack or defense side, need a a good knowledge in networking, operating systems, web services and web technology, vulnerability concepts and platforms, and above all, a solid risk management concepts comprehension.
Fig 1 .- Soldiers in a Command Center (Source www.expressimpress.org "World War C – Cyber warfare")
By doing some research for this article, i found some books that deal with the topic of cyberwarfare with great detail, such as Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners (Syngress Publishing ISBN:9781597496377) and Cyber Warfare and Cyber Terrorism by Lech J. Janczewski and Andrew M. Colarik (IGI Publishing ISBN:9781591409915) that are worth to review.
One good example of a well known cyberwarfare operation, is the one that supposedly was developed jointly by the US Military and Israel intelligence against Iranian nuclear plants by setting the Stuxnet malware, limiting or disabling centrifuges operations to filter and obtain enriched uranium for nuclear grade weapons. It required intelligence efforts to know in certain detail the infrastructure distribution, technology used and centrifuges models that Iran acquired, deployed for enriching uranium. The malware was programmed to create a malfunctioning of the machines to halt the operations and stop them as long as possible before repairing.
Stuxnet Sample Code
Credits From http://goo.gl/XtXzwB
In the United States there is an incipient but increased awareness in the topic for the average citizen, but also in the worldwide perception. For the military in all the relevant economies, there is a sense of urgency to address the topic, whereas developing defense technology or offensive aiming to the concept of preventive actions before facing direct coordinated attacks from a cyber enemy.
New York Times Web Site suffers a Cyber Attack
Credits From Foxbusiness
There are plenty of cases published in the public media that reflects the incremental concern in a domain that is still exotic and populated with myths and some real facts about the real danger posed by some cyber groups, and the risk of technological shutdown within a region.
We can take for granted that as long as the technological framework keeps getting more relevance in our society for the benefits obtained in the automatization process, more actors (p.e. countries, military, activists, criminals, terrorists) in the cyberfield will join the existing ones in these operations to attack or either to protect cyber assets because of the increasing relevance of the digital information era and its implications in our daily life.
There are clear efforts specially conceptualized from governments and their related armed forces to develop solid cyberweapons to address the concern to defend critical digital assets and to keep elementary services running.
From certain perspective, such efforts are mainly based in the current available internet technologies just like Ethernet, IPV4, IPV6, HTTPS/HTTP that were designed with not too much security considerations in mind, but instead thinking in robust performance and reliability, which were the foundations of the usability of the internet services and connectivity worldwide as we know it today.
Nowadays as long as these internet connectivity and services became quite useful for online shopping, banking, social networking, web surfing, etc, some set of cyberweapons must be capable to defend a national infrastructure, and some other may be able to perform prevention capabilities, in other words they are meant to deter or disable other parties with the potential to elaborate on a digital attack with their own specially crafted cyberweapons, that is the philosophy behind a preemptive attack .
Media reports that several hundreds of millions of USD are targeted for such purposes from governments like the USA and some other developed countries. If successful we may expect powerful tools that extend the current state of digital infrastructure protection, but thinking that need to be based in the current networking and application layers technology used in internet.
What is uncertain is how far the developers will go considering the development of new technology that reinforce or even replace the existing one, let's say for example the TCP/IP packets module design, new protocols with embedded encryption and data compression and so on.
What we may expect in the near future is a plethora of a new breed of tools and digital weapons designed to contain and block cyber attacks from outside and even coming from a domestic source, to initiate a disruption of sensitive networks and make them unusable.
Such new orientation in the warfare will take the war operations theatre from a physical perspective to a digital arena, where the enemies will only see connections, maybe avatars, responding servers or disabled ones and every signal that may establish that there are users, connections, services online and there is a need to maintain them operational (or disabled!).
It will be quite interesting to find out the way or form such weapons will acquire and perform, and the results that may come out from them. In an ideal world, we must not know their operations, and with a proper functioning, hopefully that future designs may protect our digital life instead of intruding into it.
David Ruiz