Cyber Warfare: the Future of War

Cyber war the Future of WarCHAPTER IINTRODUCTIONKarl von Cla recitationwitz delineate war as an act of violence int shutd witnessed to compel our opponent to fulfill our bequeath In hostel to realize this object fully, the oppositeness mustiness be disarmed, and disarmament becomes therefore the immediate object of hostilities. At the end of the second millennium, this classification no longer describes the full spectrum of modern warf argon. In the prox, we will have the potential to make war without the exercise of violence and fulfill the second half of von Clausewitzs definition-with softw be alone. Todays software intensive strategys make this probable. Cyber describes systems that use mechanical or electronic systems to swap human function. Cyber war cornerstone be executed without violence and therefore the reliance on software intensive systems-cyber systems- sight make nations exposed to war without violence.What is Cyber? Terms with cyber utilise as affi x are currently in vogue not just among some visionaries and technologists contriveking mod concepts, except even by the man in the street, and each has its profess connotation. The term cyber is from Greek root kybernan, importee to steer or g completely overn and a associate vocalize Kybernetes, meaning pilot, governor, and/ or helmsman. Norbert Weiner first introduced the prefix in the 1940s in his classic works creating the arena of cybernetics (which is link to cybrenetique, an older French word meaning the art of government). Cyber, in fact has been the approximately unobjectionable term due to the reason that it bridges the gap between instruction and governance, the two inseparable facets of control. The prefix therefore, is freely used in the pursualCyberspace. Origin on the wholey coined by William Gibson in his science fiction sweet Neuromancer, published in 1984, and defines it as that position indoors the ready reckoner where electronic activity / con fabulation takes place. He further describes it as a place of unthinkable complexity. The term has given rise to a vocabulary of cyberterms such as cybercafes (cafes that sell coffee and calculating machine time), cybermalls (online shopping ser faults) and cyberjunkies (people addicted to being online).Cybernetics. It is the science of communicating and control, which interfaces a monitor (human brain or an electronic machine) to former(a) parts of a system. The function being, to examine what is happening in the system, to what should have happened and then draw the difference, which is passed on to the control system for rectification (feedback). It applies evenly to organisations, machines and organisms. Cybernetics is as well(p)spring used to describe a general analytical approach to control, communication and other system technologies and attempts to link engineering disciplines with the related work of social scientists through the unifying threads of feedback in its close general aspects and through its interest in transfer of breeding.cyberwar. A RAND Corporation synonym for teaching state of war, it is also sometime called netwar. Another school considers it as hunch forwardledge related conflict at the soldiery train. However, Denis Quigley comes exclude by designating it as control warfare or leitenkreig in German. cyber-terrorism will be discussed more than in detail later in the Study.Cybernation. Loosely used, it implies digitisation of discordant systems of an arrangement/organisation or super systems, where electronics links humans to machines, thereby immensly amplifying the human capabilities. It, in its most basic form, would indicate electronic automated management of instruction and fellowship.Cyber warfare (CW). It is a relatively sassy addition to the glossary of warfare. With the escalating use of computers in armed services and government, there has been a growing awareness of both a new cleverness in national infrastructure and a new method of attacking ones enemies. There is the potential of exploitation development systems to protect, control or attack training networks. CW could mean winning wars without firing shots, the shutting rout of entire national infrastructures at the push of a justton, and the complete exploitation or oddment of an enemys communication networks. It could mean threats from across the world by states with no ability to launch a conventional attack, or attacks by non-state actors using cheap laptops. There has also been talk of super-viruses shutting down nations, and how a dissatisfy individual or small group could wage a war on a nation. CW is the new wonder weapon, and the new un cognisen threat. However, the concept of CW, and the technology on which it relies, is be redact by vague depictions of the dangers it presents, or the benefits it offers.CW is conceptualised by protection expert Amit Yoran, cyber-security chief at the US Department of Homel and Security and vice president of computer corporation Symantec, as the future primary dramatics of operations. There is a consensus that CW is something noteworthy, but it is not clear if this consensus extends to a common understanding of what CW actually is. It is so new that there is no standard definition to describe it. This channelizes to one of the most popular confusions regarding cyber warfare its relation to breeding war (IW). IW is not unproblematic in definition, but trick be understood as the repellant and defensive use of tuition and information systems to deny, exploit, corrupt, or destroy, an adversarys information, information- found processes, information systems, and computer-based networks fleck protecting ones own. While IW covers the territory of cyber warfare, it also covers a much broader mandate. Electronic (cyber) communication is only one aspect of IW, which includes all information operations in a conflict. Chinese strategist sunbathe Tzu and Napoleonic strategist Carl von Clausewitz referred to information operations, and the importance of such operations in war. IW predates electronic communication, and is not interchangeable with cyber warfare for this reason.CW embarrasss units nonionized along nation-state boundaries, in offensive and defensive operations, using computers to attack other computers or networks through electronic factor. Hackers and other individuals trained in software programming and exploiting the intricacies of computer networks are the primary executors of these attacks. These individuals a good deal hightail it under the auspices and possibly the attendant of nation-state actors. In the future, if not already common practice, individual cyber warfare units will execute attacks against tar originates in a cooperative and simultaneous manner.Analyzing the Threat. In 2007, a denial-of-service attack was launched all 53 minutes. The 2007 FBI/Computer Security Institute study indicated that lo ss of revenue attributed to DDoS (dedicated denial of service) was approximately US$90,000 an hour for a retail catalog sales comp any(prenominal). Malware is a common cyber-weapon. Malware (short for malicious software) is a computer program designed with malicious intent. This intent may be to cause annoying pop-up ads with the hope you will click on one and generate revenue, or forms of spyware, Trojans and viruses that back end be used to take over your computer, steal your identity, swipe sensitive financial information or track your activities. At least louvre new pieces of malware emerge every two minutes, according to Kasperskys Internet Security Lab. One critical st demarcation I monitor regularly is the number of significant events reported to Hackerwatch.Org. At the time Im writing this, in the past 24 hours, there have been more than 8 million significant incidents reported. The warning signs are there, but the question remains Are we smart enough to prepare?A anchor premiss of this paper is that information processing-whether by equipment (computers) or by humans-is becoming a center of gravity in future warfare. Although there is much debate on the reality of the CW threat, the growing number of computer intrusions on government and non-government systems substantiate the fact that the threat is very real. The growing dependency on information and information based technologies have made us very unprotected to hostile attacks Hence, our immediate goal must be to both imagine and define how foreign cyber attack capabilities expertness threaten information networks in India and what potential effects they might have.METHODOLOGYStatement of ProblemThis paper seeks to study and analyse the use of cyber warfare in future conflicts its implications on national security. To suggest Indias response to these cyber threats by outlining a clear, well defined cyber security strategy and suggest measures to safeguard own national security.HypothesisAs information systems permeate in phalanx and civil lives, a new forepartier is being crossed The Information Age- which will define the future wars. Cyber warfare has become central to the way nations fight wars and is the emerging theatre in which future conflicts are most likely to occur. Cyber warfare will take the form of a devastating weapon of the future battlefield which will be integrated in the War bit Doctrines of nations across the world.Justification of StudyThe premise of cyber warfare is that nations and critical infrastructure are becoming progressively dependent on computer networks for their operation. Also as armies around the world are transforming from a computer programme centric to a network centric force there is increasing reliance on networking technology. With all the advantages of such connectivity come unprecedented challenges to network security. Threats to information infrastructure could be in the form of destruction, disclosure, change of data a nd/or denial of service. A hostile nation or group could exploit the vulnerabilities in poorly secured network to disrupt or shut down critical functions.The protection of our information resources information assurance, will thus be one of the defining challenges of national and military security in the long time to come. To take advantage of Information Technology renewal and its application as a force multiplier, the soil and army in particular needs to focus on Cyber Security to ensure protection / refutal of its information and information system as dumbfounds.Many will argue that defence and discussion computer systems of most countries including Idia are air gapped and thus, isolated from the Internet. It may appear convincing that by air gapping the networks and using top-notch technology, the risk may be reduced. However, this will not succeed fool proof security. With the proliferation of technology at an astronomical rate, the threat of cyber terrorism will only in crease. The air gapped networks are vulnerable from insiders, disgruntled employees and moles pose or recruited by cyber terrorists or their sympathisers to cause the intended damage. A cyber terrorist may impersonate a computer technician and call individuals within the targeted organisation to obtain information to penetrate a system. Once in stubbornness of legitimate log on information, cyber terrorists will have Iegal access to a system and can store viruses, trojan horses, or worms to expand their control of the system or shut it down. In Russia, hackers used a gas company employee to plant a trojan horse which gave them control of the nations gas pipelines. It is against this backdrop that it becomes compulsory as a soldier to understand cyberspace, the threat that it poses and to suggest some steps in order to minimise, if not eliminate the menace that it would cause.ScopeThis study concentrates on the evolution of cyber warfare and the giant leaps that it has interprete d in the past decade. The entire spectrum of cyber conflict, including threat reality of cyber warfare being used as a potent and devastating weapon of the future battlefield has been covered. Further the study outlines the cyber warfare capabilities of select nations and how vulnerable India is to these threats. Finally the report outlines a cyber security strategy and recommendations for combating the cyber warfare threat in the 21st century.Methods of information CollectionThe data has been collected through various journals, seminar papers and certain books on the subject. Some poppycock has also been downloaded from the Internet. A bibliography of sources is appended at the end of the text.Organisation of the DissertationIt is proposed to study the subject under following chaptersChapter I Introduction and Methodology.Chapter II The Future of Warfare. Information Revolution and Warfare. Defining Cyberwar. Evolution of Cyber Warfare.Chapter III planetary Threat in Cyberspace . Threats in Cyberspae. How Real Is the Threat? Spectrum of Cyber Conflict. Recognition of the Cyber Warfare Threat.Chapter IV Combating the Threat. How Vulnerable are We? Cyber Security A Few Initiatives. Def Cyber Warfare. Cyber security Strategy.Chapter V Conclusion. The Digital Battlefield. Recommendations.CHAPTER IITHE FUTURE OF WARFARESo it is said, if you know others and know yourself, you will not be imperiled in a hundred battles if you dont know others, but know yourself, you will win one and lose one if you dont know others and dont know yourself, you will be imperiled in every single battle. -Sun TzuWill conventional warfare remain the custom for the future or will a new wave of warfare emerge? Down through the corridors of time, wars have been fought for various reasons. Conflict arose from regional instabilities, economic and social perils, and religious animosities. In their book, War and Anti-War Survival At The clear up of The 21st Century, Alvin and Heidi Toffler categorize the progression of warfare into three stages or waves agrarian, industrial, and informational. While some areas of the world clam up remain in the agrarian realm and some others have advanced to the industrial state, a few have broken out into a completely new era-the information age.Information Revolution and WarfareIf you know the enemy and know yourself, you need not fear the result of a hundred battles .If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. This extract comes from the 6th century BC Sun Tzus The Art of War and is still as compelling today as it was two and a half millennia ago. As a matter of fact, it is in all probability safe to say that cognition and information about ones adversary have a greater impact now than they have had at any other point in the history of warfare. At the same time, critical information is now often stored electronically in spaces reachable from the Internet, which pith there is a prospective for it to leak out to ones adversary, or for the opponent corrupting it in order to affect ones decision making capabilities.There is no standardize definition of Information Warfare. However it has been defined as Actions taken to achieve information superiority by affecting adversely information, information based processes, information systems and computer based networks of the adversary, while protecting ones own information.An aim of warfare always has been to affect the enemys information systems. In the broadest sense, information systems encompass every means by which an adversary arrives at knowledge or beliefs. A narrower view maintains that information systems are the means by which an adversary exercises control over, and direction of fielded forces. Taken together, information systems are a comprehensive found of the knowledge, beliefs, and the decision making processes and syste ms of the adversary. The outcome sought by information attacks at every level is for the enemy to receive sufficient messages that convince him to stop fighting.Information Warfare is a form of conflict that attacks information system directly as a means to attack adversarys knowledge or beliefs. Information Warfare can be prosecuted as a component of a larger and more comprehensive set of hostile activities a net war or cyber war or it can be undertaken as the sole form of hostile activities. Most weapons, a word used to describe the lethal and nonlethal tools of warfare only have high utility against external adversaries. While most often busy against external adversaries, many of the weapons of information warfare are equally well suited for employment against familiar constituencies. For example, a state or group cannot use guns or bombs against its own members however, the weapons of Information Warfare can be used, have been used, and very likely will be used against both ex ternal and inner adversaries.Information warfare as defined by Martin Libicki has seven componentsCommand and Control Warfare.Intelligence based warfare.Electronic Warfare.Psychological Operations.Hacker Warfare.Economic Information Warfare.Cyber Warfare.This concept of seven components is universally recognised today, as it encompasses the entire spectrum that Information Warfare offers. Besides, it strongly argues that Information Warfare is not exclusively a military function and various actors viz. the media, clannish industry and civil society including civilian hackers play a key role in structure a nations capability to wage Information Warfare. The role of private industry has gradually been acknowledged as cutting edge information technologies become increasingly permeative in sensors and weapon systems. The information systems while making the military more efficient also devote it vulnerable to attacks on the systems itself. Winn Schwartau, also known as the Civil Arch itect of Information Warfare has defined Information Warfare in this very context Information Warfare is a conflict in which information and information systems act as both the weapons and the targets. As far as the Indian base on Information Warfare is concerned, history amply reveals that information was essentially viewed as a strategical resource. Kautilya, the great strategist of the Maurya period, strongly advocated the need of obtaining accurate information about the enemy forces and plans of action. In fact, he is considered to be instrumental in the victory of the Mauryans and placing Chandragupta Maurya on the Magadha throne. His astute thinking on warfare and delicacy is portrayed in the famous treatise Arthshastra. While postulating that war may not always be the adept option, Kautilya espoused the importance of information and knowledge in winning wars.Information Superiority and Cyber Warfare. Information Technology is a double edged weapon. It provides vast opport unities but simultaneously introduces new vulnerabilities and threats, which may arise through computers, subject field and connectivity or, to put it distinguishablely, hardware, software, information and networks. Information superiority over our adversaries including militant and terrorist outfits is very essential. Non Lethal information weapons can black out communication systems, destroy valuable data and cripple the nation. Therefore, we have to act instant(prenominal) than any adversary. This requires defensive as well as offensive cyber warfare capabilities. Cyber warfare can be a full fledged war and vital infrastructure shall get targeted. To handle cyber wars, highest national level decision making is required, in real time and with full fall back options. For this purpose, basic building blocks include excellent monitoring tools for network traffic, web sites and databases, intrusion detection, firewalls, encryption and decryption algorithms, public key infrastructur e and remote access facilities. wicked cyber warfare spans computer crimes and information terrorism. Everyone is under threat telephone, government agency supply, banks, transport, and the day to day needs. lt is important to create tools, awareness, and structures to assess threats to information resources, including military and economic espionage computer break-ins, denial-of-service, destruction and modification of data, distortion of information, forgery, control and disruption of information flow, electronic bombs, etc. ln essence, the thrust of the initiatives must lead to information assurance like life assurance.Defining CyberwarCyber Warfare. It is the sub-set of information warfare that involves actions taken within the cyber world. There are many cyber worlds, but the one most appropriate to cyber warfare is the Internet and related networks that share media with the Internet. Cyber Warfare as related to defence forces refers to conducting of military operations accor ding to information related doctrine. It means disrupting or destroying information databases and communication systems. It means exhausting to know everything about the enemy while keeping the adversary from knowing much about oneself. It means move the equilibrium of information and knowledge in ones favour especially if the balance of forces is not. It means using information so that less cap and labour may have to be expended.Cyberwar refers to conducting, and preparing to conduct, military operations according to information-related ideology. It means disrupting if not destroying the information and communications systems, broadly defined to include even military culture, on which an adversary relies in order to know itself who it is, where it is, what it can do when, why it is combating, which threats to counter first, etc. It means trying to know all about an opponent while keeping it from knowing much about oneself. It means turning the balance of information and knowledg e in ones favour. This form of warfare may involve diverse technologies-notably for C3I for intelligence collection, processing, and distribution for tactical communications, positioning, and identification-friend-or-foe (IFF) and for smart weapons systems-to give but a few examples. It may also involve electronically blinding, jamming, deceiving, overloading, and intruding into an adversarys information and communications circuits. Yet cyberwar is not simply a set of measures based on technology. And it should not be confused with past meanings of computerized, automated, robotic, or electronic warfare.Cyber warfare requires different principles of warfare which have been derived from thousands of years of experience as documented by Sun Tzu, Clausewitz, Jomini, Liddell-Hart, and others. Some of the energising warfare principles apply to cyber warfare while some principles of kinetic warfare have no meaning in cyber warfare. Some principles of kinetic warfare may actually be antag onistic to cyber warfare. The various characteristics and principles of cyber warfare are as underWaging cyber war is relatively cheap. Unlike traditional weapon technologies, acquiring information weapons does not require vast financial resources or state sponsorship.Boundaries are blurred in cyberspace. conventional distinctions public versus private interests, warlike versus criminal behavior, geographic boundaries, such as those between nations tend to get lost in the chaotic and rapidly expanding world of cyberspace.Opportunities abound to manipulate perception in cyberspace. policy-making action groups and other nongovernment organisations can utilize the Internet to galvanize political support.Cyber war has no front line. Current trends suggest that the economy will increasingly rely on complex, interconnected network control systems for such necessities as oil and gas pipelines, electric grids, etc. and these will become vulnerable to cyber attacks.Cyber-warfare must have kinetic world effects. Cyber warfare is meaningless unless it affects someone or something in the non cyber world.Anonymity. Cyber warfare can be waged anonymously. Anonymity is the nature of new technologies, especially telecommunications. An anonymous attack creates two problems. Not only has a states national security been breached, but there is no one to hold accountable for the attack.Offensive Nature. Information technology and computer systems are vulnerable by nature. Therefore, taking defensive measures against the information warfare threat will always be difficult and costly. Improving the defense of information systems also contributes to the security dilemma since decreasing ones susceptibility to information warfare increases the attraction of using information warfare offensively.Cyberwar may have broad ramifications for military organization and doctrine. As noted, the literature on the information revolution calls for organizational innovations so that different par ts of an institution function like interconnected networks rather than associate hierarchies. Thus cyberwar may imply some institutional redesign for a military in both intra- and inter-service areas. Moving to networked structures may require some decentralization of command and control, which may well be resisted in light of earlier views that the new technology would provide greater central control of military operations. But decentralization is only part of the picture the new technology may also provide greater topsight-a central understanding of the big picture that enhances the management of complexity. Many treatments of organizational redesign glorify decentralization yet decentralization alone is not the key issue. The pairing of decentralization with topsight brings the real gains.Cyberwar may also imply developing new doctrines about what kinds of forces are needed, where and how to deploy them, and what and how to strike on the enemys side. How and where to position w hat kinds of computers and related sensors, networks, databases, etc. may become as important as the question used to be for the deployment of bombers and their support functions. Cyberwar may also have implications for the integration of the political and psychological with the military aspects of warfare.In sum, cyberwar may raise broad issues of military organization and doctrine, as well as strategy, tactics, and weapons design. It may be applicable in low- and high-intensity conflicts, in conventional and non-conventional environments, and for defensive or offensive purposes.As an innovation in warfare, I anticipate that cyberwar may be to the 21st century what blitzkrieg was to the 20th century. At a minimum, it represents an extension of the traditional importance of obtaining information in war-of having superior C3I, and of trying to locate, read, surprise, and deceive the enemy before he does the same to you. That remains important no matter what boilers suit strategy is pursued. In this sense, the concept means that information-related factors are more important than ever due to new technologiesEvolution of Cyber WarfareSince the early days of the Internet, there were individuals trying to compromise computer systems security via the network. initially their activities were limited to defacement of web pages and cause mostly by mere thrill seeking. In the mid-nineties political activists realized the potential for publicity coming with the attacks, and defacements carrying a political message became more frequent (Hacktivism). The palette of attack types also widened greatly, most notably some of them became aimed at bringing services or whole systems down, by generating inordinate network traffic (denial of service, email bombardments).The first reported politically motivated cyber terrorist attack using a flood of emails was carried out by the Tamil Tigers against Sri Lankan embassies in 1998. It was successful, even as it did not bring target ed servers down, because more importantly it attracted worldwide media attention to the attackers cause. Activist groups involved in other struggles around the world soon followed with similar attempts.The diplomatic conflict between Pakistan and India over Kashmir has, since the late 1990s, been paralleled by a series of mutual cyber attacks. In the Middle East, every time political or military fight escalated between Israel and Palestinians, so did fights on the virtual battlefield. Both sides have used sophisticated techniques and well planned strategies for their cyber attacks. Pro-Palestinian attacks have been carried out by a number of terrorist groups (some of which even came up with the term cyber jihad), and pro-Jewish ones might have been arrange by the state of Israel, though there is no clear evidence to support that. Studies have shown that Israel leads the list of countries in terms of numbers of conducted computer attacks per 10,000 Internet users.This brings us to t he newest trend in cyber warfare cyber attacks carried out by hacker groups inspired, coordinated, funded and supplied with resources by nation states. They are usually large master and prolonged operations targeting specific systems within enemy structures. Probably the first of this type of attacks took place during the NATO air strikes against targets in Former Republic of Yugoslavia during the Kosovo violence in 2000. Targeted were all 100 of NATO servers, each subject to excessive network traffic originating mostly from Serbia, as well as Russia and China its supporters in the conflict. The cyber attacks caused serious disruptions in NATOs communication and services, lasting several days, but did not directly affect the bombing campaign.These days cyber warfare still mostly consists of uncoordinated cyber terrorism acts performed by groups whose main aim is publicity and media coverage. Gradually though the nature of cyber warfare is going to change into activities coordinate d and paid for by nation states and large international terrorist networks. We can expect attacks trying to exploit vulnerabilities in critical infrastructure like telecommunication systems, airports, military force plants, oil and gas infrastructure, supply of water, and military systems. In the coming years we are likely to see a quick rise in the number of cyber battles and one can imagine that in the future wars are going to be fought without dropping bombs and firing missiles.CHAPTER IIIGLOBAL THREAT IN cyberspaceThreats in cyberspaceThere are four fundamental categories of threats to our information and information infrastructure, characterised by the head of structure in their attack capability and the measure of trust or access that the threat enjoys. These categories areUnstructured External Threats. These are individual or small group of attackers who rely heavily on others tools and published vulnerabilities. They attack targets of opportunity and lack persistence aga inst difficult targets.Structured External Threats. These are coordinated attackers i.e. hostile intelligence agencies or organised crime syndicates, which possess a deep technical knowledge of the target, strong motivation, and the capability to mount combination attacks using multiple complex tactics and techniques.Non Malicious indwelling Threats. These are accidental breaches of security caused due to ignorance or malfunctioning of system.Malicious Internal Threats. Here the attackers are trusted members of the org or a less trusted support worker with some degree of access.The threats can also be classified under the following heads