Connect with us

Intelligence

The Impact of Cyber Security theory in the World

Sajad Abedi

Published

on

The correct control of cyber security often depends on decisions under uncertainty. Using quantified information about risk, one may hope to achieve more precise control by making better decisions.

Information technology (IT) is critical and valuable to our society. IT systems support business processes by storing, processing, and communicating critical and sensitive business data. In addition, IT systems are often used to control and monitor physical industrial processes. For example, our electrical power supply, water supply and railroads are controlled by IT systems. These “controlling” systems have many names. In this Notes they are referred to as SCADA (Supervisory Control and Data Acquisition) systems, or occasionally, as industrial control systems. They are complex real-time systems that include components like databases, application servers, web interfaces, human machine interfaces, dedicated communication equipment, process control logic, and numerous sensors and actuators that measure and control the state of the industrial process. In many industrial processes (e.g., electrical power transmission) these components are also distributed over a large geographical area. SCADA systems can be seen as the nervous system of industrial processes and since our society is heavily dependent on the industrial processes that SCADA systems manage, we are also dependent on the behavior of our SCADA systems.

Over the last two decades our SCADA systems and their environments have changed. They used to be built on proprietary and specialized protocols and platforms. Today, however, SCADA systems operate on top of common and widely used operating systems (Windows XP) and use protocols that are standardized and publicly available. These changes have altered the threat environment for SCADA systems.

The move to more well-known and open solutions lowers the threshold for attackers who seek to exploit vulnerabilities in these SCADA systems. Vulnerabilities are regularly found in the software components used in SCADA systems (the operating systems) and instructions that can be used to exploit these vulnerabilities are often made available in the public domain. The increased openness also lowers the thresholds for attacks targeting special-purpose SCADA components, programmable logic controllers (PLCs). Today there is an interest in the vulnerabilities they have and there is information available in the public domain about their design and internal components. In fact, it is even possible to buy a subscription to exploit code specifically targeting SCADA systems’ components. In other words, a successful cyber attack against a SCADA system today does not require the SCADA-expertise that was required prior to the move to more open, standardized and common components.

In parallel with the move to more common and widely known solutions, SCADA systems have moved from being isolated and standalone to be interwoven in the larger IT environment of enterprises. Process data collected by SCADA systems, production plans, and facility drawings are often exchanged over enterprises’ computer networks. It is also common to allow users to remotely connect to operator interfaces, for instance, so that process-operators can connect remotely when they are on standby duty and so that suppliers are able to perform maintenance remotely.

The increased integration with more administrative enterprise systems has also contributed to a changed threat environment. Administrative systems are, with few exceptions, connected (directly or indirectly) to the internet. Hence, the possibility for administrative systems to exchange data with SCADA systems is also a possibility for attackers or malware to come in contact with these systems and exploit their vulnerabilities, without physical proximity.

The lowered threshold to find and use SCADA-related vulnerabilities and tighter integration with enterprise systems are two cyber security problems that add to the volume of cyber security issues related to architecture and configuration of the actual SCADA systems. Historically, SCADA systems were built to be reliable and available, but not to be secure against attacks with a malicious intent.

SCADA systems are thus critical assets, have exploitable vulnerabilities, and are interwoven into the enterprise architectures. Decision makers who wish to manage their cyber security need to be able to assess the vulnerabilities associated with different solution architectures. However, assessing the cyber security of an enterprise environment is difficult. The budget allocated for cyber security assessments is usually limited. This prohibits assessments from covering and investigating all factors that could be of importance. The set of variables that should be investigated, and how important they are, is also hazy and partly unknown. For instance, guidelines such as do not prioritize their cyber security recommendations. Such prioritizations are also difficult to do in a generic guideline since the importance of many variables are contingent on the systems architecture and environment and guidelines are limited to one or few typical architectures. Variables are also dependent on each other. An attack against a SCADA system may be performed in a number of ways and can involve a series of steps where different vulnerabilities are exploited. Thus, some combinations of vulnerabilities can make an attack easy, but a slightly different combination may make attacks extremely difficult. Thus, informed decisions require an analysis of the vulnerabilities associated with different architectural scenarios, and at the same time, an analysis of how these vulnerabilities relate to each other.

These problems are not unique for SCADA systems. Many administrative IT systems also have complex environments; administrative IT systems often need to be analyzed on a high level of abstraction; the importance of different variables is hazy also for administrative IT systems. Like the administrative environment, the SCADA environment consists of software, hardware, humans, and management processes. And as described above, there is a substantial overlap between the components which are used in both environments today. However, there is a difference in what needs to be protected in these environments. Security is often thought of as a triage of confidentiality, integrity and availability. For SCADA systems, integrity and availability of functionality are crucial, but confidentiality of business data is not. Because of this, cyber security assessments of SCADA systems have a different focus than for many other systems. The importance of availability and integrity has also other implications. For instance, because of the consequence of a potential malfunction, it is recommended that SCADA systems should not be updated before extensive testing, and network based vulnerability scanners should be used with care in SCADA environments.

Information security is increasingly seen as not only fulfillment of Confidentiality, Integrity and Availability, but as protecting against a number of threats having by doing correct economic tradeoffs. A growing research into the economics of information security during the last decade aims to understand security problems in terms of economic factors and incentives among agents making decisions about security, typically assumed to aim at maximizing their utility. Such analysis is made by treating economic factors as equally important in explaining security problems as properties inherent in the systems that are to be protected. It is thus natural to view the control of security as a sequence of decisions that have to be made as new information appears about an uncertain threat environment. Seen in the light of this and that obtaining security information usually in it is cost, I think that any usage of security metrics must be related to allowing more rational decisions with respect to security. It is in this way I consider security metrics and decisions in the following. The basic way to understand any decision-making situation is to consider which kind of information the decision-maker will have available to form the basis of judgments. For people, both the available information, but also potentially the way in which it is framed (presented), may affect how well decisions will be made to ensure goals.

One of the common requirements on security metrics is that they should be able to guide decisions and actions to reach security goals. However, it is an open question how to make a security metric usable and ensuring such usage will be correct (with respect to achieving goals) comes with challenges. The idea to use quantified risk as a metric for decisions can be split up into two steps. First do objective risk analysis using both assessment of system vulnerabilities and available threats in order to measure security risk. Second, present these results in a usable way so that the decision-maker can make correct and rational decisions. While both of these steps present considerable challenges to using good security metrics, I consider why decisions using quantified security risk as a metric may go wrong in the second step. Lacking information about security properties of a system clearly limits the security decisions, but I fear that introducing metrics do not necessarily improve them; this may be due to 1) that information is incorrect or imprecise, or 2) that usage will be incorrect. This work takes the second view and we argue that even with perfect risk assessment, it may not be obvious that security decisions will always improve. I am thus seeking properties in risky decision problems that actually predict the overall goal – maximizing utility – to be, or not to be, fulfilled. More specifically, we need to find properties in quantifications that may put decision-making at risk of going wrong.

The way to understand where security decisions go wrong is by using how people are predicted to act on perceived rather than actual risk. I thus need to use both normative and descriptive models of decision-making under risk. For normative decisions, I use the well-established economic principle of maximizing expected utility. But for the descriptive part, I note that decision faults on risky decisions not only happen in various situations, but have remarkably been shown to happen systematically describe by models from behavioral economics.

I have considered when quantified risk is being used by people making security decisions. An exploration of the parameter space in two simple problems showed that results from behavioral economics may have impact on the usability of quantitative risk methods. The results visualized do not lend themselves to easy and intuitive explanations, but I view my results as a first systematic step towards understanding security problems with quantitative information.

There have been many proposals to quantify risk for information security, mostly in order to allow better security decisions. But a blind belief in quantification itself seems unwise, even if it is made correctly. Behavioral economics shows systematic deviations of weighting when people act on explicit risk. This is likely to threaten security and its goals as security is increasingly seen as the management of economical trade-offs. I think that these findings can be used partially to predict or understand wrong security decisions depending on risk information. Furthermore, this motivates the study how strategic agents may manipulate, or attack, the perception of a risky decision.

Even though any descriptive model of human decision-making is approximate at best, I still believe this work gives a well-articulated argument regarding threats with using explicit risk as security metric. My approach may also be understood in terms of standard system specification and threat models: economic rationality in this case is the specification, and the threat depends on bias for risk information. I also studied a way of correcting the problem with reframing for two simple security decision scenarios, but only got partial predictive support for fixing problems this way. Furthermore, I have not found such numerical examinations in behavioral economics to date.

Further work on this topic needs to empirically confirm or reject these predictions and study to which degree they occur (even though previous work clearly makes the hypothesis clearly plausible at least to some degree) in a security context. Furthermore, I think that similar issues may also arise with several forms of quantified information for security decisions.

These questions may also be extended to consider several self-interested parties, in game-theoretical situations. Another topic is using different utility functions, and where it may be normative to be economically risk-aversive rather than risk-neutral. With respect to the problems outlined, rational decision-making is a natural way to understand and motivate the control of security and requirements on security metrics. But when selecting the format of information, a problem is also partially about usability. Usability faults often turn into security problems, which is also likely for quantified risk. In the end the challenge is to provide users with usable security information, and even more broadly investigate what kind of support is required for decisions. This is clearly a topic for further research since introducing quantified risk is not without problems. Using knowledge from economics and psychology seems necessary to understand the correct control of security.

Continue Reading
Comments

Intelligence

The drone attacks on Saudi Arabia’s oil wells

Giancarlo Elia Valori

Published

on

In the early morning of Saturday, September 14 last, at 3.31 and 3.42 a.m., the Yemeni Houthi Shiite rebels supported by the Iranian “Revolutionary Guards” – the right eye of Imam Qomeini, as they are called in Iran – launched about ten drones against the largest Saudi oil extraction area owned by ARAMCO.

Allegedly the operation was launched from Iraq. Both Abqaiq, the largest stabilization facility in the world, as well as the Buqaiq facility in the extraction field, and finally Kurais, about 60 kilometres from Abqaiq, were hit with drones.

  It is the largest oil disruption ever, considering all those caused by wars or other reasons.

The Shiite attacks have immediately reduced Saudi production by about five million barrels per day, i.e. about half of the Saudi Kingdom’s daily output.

 With the drone attacks, the world has lost 6% of its oil output.

 The Saudi authorities have said that, as early as September 17, everything has been under control.

The first geopolitical deduction that can be made is that the current attacks, much more virulent than those already occurred last May, open a second front of Arabia’s war against Iraq, which, in any case, would severely strain the Saudi armed forces, already absorbed by the war in Yemen- albeit with meagre results.

Moreover this could open a new strategic area, in which the USA could be forced to help Saudi Arabia and Israel could be forced to later project its power not only onto its northern and southern borders, but also onto eastern Syria and Iraq – and permanently so, unlike what currently happens.

Certainly, all this regards above all Iran that, however, could not afford a hybrid and conventional war with Saudi Arabia and its traditional regional allies.

 Moreover, the Shiite Houthi’s attack on the Saudi oil facilities was conceived and probably planned by the Head of the Pasdaran, Qassem Soleimani.

Hence the Houthi operation has run parallel with the action directly organized by the Pasdaran on September 15 last, i.e. the seizure of a ship – the name of which is still unknown -carrying a fuel cargo of over 250,000 litres.

 All this happened in the Strait of Hormuz, near the island of Tunb, in Iranian waters.

 A full option strategy to show Iran’s new regional strategic status.

According to Iranian sources, the rationale underlying the naval operation of the Iranian Revolutionary Guards concerns the substantial oil smuggling to and fro the United Arab Emirates.

Tout se tient.

  Iran, on the one hand, while assessing the war burden for Saudi Arabia in Yemen, wants to open other fronts of the conflict, thus also extending Israel’s defence chain. Hence Iran pursues the overstretch of its traditional opponents.

 Another possible assessment of the drone operation carried out by the Houthis and Iran is that it could be an Iranian response to the actions undertaken by French President Macron who has recently tried to organize a side meeting, at the UN General Assembly, between US President Trump and  Iranian President Rouhani.

Ali Khamenei, the Rahbar and, hence, Iran’s Supreme Leader, was, however, clearly opposed to a new Iran-US diplomatic relationship, and his Revolutionary Guards have immediately understood the issue.

Moreover, the very recent drone attacks on the two Saudi facilities are not even the first and only ones. As mentioned above, on May 15 last, two Saudi pumping stations – placed on the East-West pipeline that reaches up to the Yanbu oil terminal were attacked with two drones probably launched from Iraq.

Hence Iran has an efficient and stable network in Iraq to launch attacks on the Saudi territory and its surrounding areas, not necessarily with drones only.

With its satellite photos, Israel has shown that the Al Quds Force, the elite of the Pasdaran, is building an Iranian military station in Albukamal, on the Syrian-Iraqi border-and probably these operations indicate that the base is already finished.

  It is supposedly a base for at least 3,500 soldiers, with means that should be used above all for the “hybrid war”, but not only for it.

Once again Israel has become a target for Iran, from the new bases in Northern Iraq. The United States, however, does not want to be entangled and bogged down into a new “long war” in the Middle East, even though it will help Saudi Arabia (and, obviously, Israel) from afar, while Saudi Arabia has explicitly stated that the Iranian drones are very hard to track.

At economic level, however, the Saudi oil crisis has the same magnitude as the oil crisis following the Yom Kippur war.

 This crisis, however, is really such only because Saudi Arabia has proved to be fragile, not only in terms of mere oil quantity, which has been immediately reintroduced into the daily balance, using the Saudi huge reserves.

Nevertheless they will run short and nobody really knows what the reserves of the Saudi wells are, which are reportedly still very large. However, there are those who have doubts in this regard, since it is the best kept Saudi State secret.

 This has been the worst attack ever on the “oil bank”, as analysts call the Saudi Kingdom.

Hence the attack is a real game change rand it is currently hard to predict all its effects, even for technical experts and  strategic analysts.

 It much depends on Mohammed bin Salman’s moves, as well as on the US real engagement in the region, and finally on Israel’s future military policy.

 According to some organizations that study oil markets, the Iranian and Houthi operation is at least as severe as the invasion of Kuwait – which also “sucked” Iraqi oil- or as  the 1979 Iranian Shiite revolution itself.

 President Trump has already authorized the release of US strategic reserves (SPR), where necessary, “to keep the markets well supplied”.

As early as September 16, however, Saudi ARAMCO has been expected to recover at least a third of its production, with a maximum of two or three million barrels of Saudi oil that will go back to the markets within two-five days, while additional 2.7 million barrels will arrive on the market later, considering the nature and specificity of the Abqaiq facility.

 It is a huge facility located in a Saudi area where the  presence of Shiite Islam is far from negligible, i.e. about 15-20%, mainly in the eastern zones and among the workers operating in the wells and facilities.

This is another political sign-halfway between religion and class struggle – not to be neglected.

When the markets opened, on the Monday following the attacks, the oil barrel price increased by 20%, with a peak of 71.6 USD per barrel.

However, what are the Iranian assets in the current war launched against the great Wahhabi and Sunni power, namely Saudi Arabia – a war which is a proxy one only from a formal viewpoint?

They are manifold and remarkable.

 There are over 45 Iranian military airports. The maritime positions currently held by the Revolutionary Guards are over 16, all located on the coasts and islands of the Persian Gulf.

 The missile stations in Iran and Iraq have several carriers capable of reaching a range of 2,500 kilometres.

 Iran’s area denial and access denial capabilities are much greater than those of any country in the region.

Iran has a significant submarine fleet, both in the Persian Gulf and in the Indian Ocean, as well as a large fleet of very fast motorboats and patrol boats.

At military level, Iran is not afraid of its obvious tactical superiority nor of the first or second-level reactions of its opponents.

Cyberattacks are another Iranian “excellence” while, only recently, Saudi ARAMCO has been updated in terms of protection from cyberattacks- albeit we are still at less relevant levels than Iran’s.

 It is no by mere coincidence that the Saudi oil company has already suffered cyberattacks, with the Shamoon virus in 2018. Moreover, due to their geographical location, also the Saudi ports and infrastructure are scarcely protected from missile or air attacks.

 But also from sea bombings, especially on the ports of Ras Tanura and Ras Juaymah, located in the Persian Gulf, and of Yanbu, in the Red Sea, which are hard to protect.

So far, however, the Saudi critical infrastructure has been defended only from Qaedist attacks, not from a real military operation, possibly with the Houthi conventional or hybrid war protection.

Not to mention the desalination plants, which process 70% of all the drinking water distributed in Saudi homes, in addition to electricity grids, which are based on the production of energy using over two thirds of the abundant oil supplies. They are surely targets of the drone attacks, as well as cyberattacks or conventional operations.

 Another factor not to be neglected regards one of the mainstays of Mohammed bin Salman’ strategy, namely the sale of Saudi ARAMCO.

Clearly the attacks significantly reduce the stock market value of the company, and it just so happened that, in the last days before the attack of last Saturday, the sale procedure had recorded a strong acceleration.

 Mohammed bin Salman has set the cost of the ARAMCO operation at 2 trillion dollars.

Hence, considering the infrastructure weakness shown by Saudi Arabia, it will be very unlikely for investors to run to buy the company and carry out transactions on the Stock Exchange.

It is also easy to understand that Iran’s and its proxies’ operation against Saudi Arabia is such as to place Iran in a vantage position in a future new negotiation on the nuclear issue.

It should be recalled that the war in Yemen started in 2015 when Saudi Arabia entered that country to free some areas, including the capital Sana’a, from the insurgents.

Later Saudi Arabia established a friendly government, led by Abu Mansur Hadi.

Saudi Arabia, however, was not able to hold its positions and reach its strategic objectives.

In fact, holding Yemen means to completely control the Persian Gulf and the areas pertaining to it.

Saudi Arabia has kept only Aden and Al Mokha, as well as few other areas, while the border between Arabia and Yemen is still a land of conflict and clashes, in a tribal zone, on the Saudi side of the border line, which has always been scarcely favourable to the Al Saud family and to the Wahabi tradition of Islam.

 Nevertheless, not the whole Ansar Allah, the Houthi Shiite movement, is strictly dependent on Iran.

Hence the war in Yemen is a huge cost for Saudi Arabia, while it is negligible for Iran.

We should also consider the support provided to the rebels in the South by Abu Dhabi, the other Emirates and Oman, a country that has always had its own specific policy vis-à-vis Iran.

It should also be recalled that Saudi Arabia was directly hit by drones on December 4, 2017.

However, only a part of the Yemeni tribes are currently  loyal to Hadi’s central government and they have often had to enter the Saudi territory, while the other tribes, including the Sunni ones, have supported the tribal-national autonomy proposed by the Houthis.

As already mentioned above, however, ultimately not even Iran will be able to control Ansar Allah completely.

 Other effects of the oil crisis will be seen in India, whose  economic take-off relies solely on Middle East oil, with 18% of its annual consumption resulting from Saudi oil alone.

 Other Asian countries shall change their main supplier, but also the United States – despite its shale oil production -has so far imported 400,000 barrels per day in 2019 alone.

 The situation is not bad at all for Russia which, for years, has been setting oil prices similar to OPEC’s. The same holds true for Kuwait and the Emirates, but the possible expansion of production could currently reach a million barrels per day, which are not enough to cover the Saudi shortfall.

 Reverting to Yemen, it should also be recalled that the local war is the result of the US-sponsored “Arab spring”.

Hence, it is however unlikely that the attacks on oil wells and facilities (and we should consider that they are not far from the Yemeni border) provide the opportunity for a combined Saudi, US and Israeli attack on Iranian military positions in Iraq or in the Persian Gulf.

From a disadvantaged position, Iran has managed to create its own strategic level playing field with regional and international players, which is the real new fact of the drone attack on the Saudi oil facilities that took place last Saturday.

Continue Reading

Intelligence

Iran: New details of shooting Global Hawk disclosed

Newsroom

Published

on

Deputy of Operations of Iran’s Passive Defense Organization Amir Khoshghalb, in an interview with Mehr news agency, released the details of downing US Northrop Grumman RQ-4 Global Hawk spy drone by IRGC.

“We were precisely observing the US drone’s activity even from the beginning moments of its flight,” he said, “We knew its route and it was under full supervision of Iran Defense Organization.”

“The drone was moving towards Iran, breaching international regulations i.e. taking that route it was making a threat to Iran,” the Iranian official said. 

“It had even turned off its identification system,” he added.

“We needed to take a tactical measure, accordingly,” he said.

“Our tactical measure has various aspects; first we issued a radio warning,” Khshghalb described, “In some cases, the warning is stronger and will lead into a strong tactical measure such as shooting.”

“On its route, which was longer than three hours, the drone, which was under our full surveillance, was seeking something,” he reiterated.

“May be we could take initial measures much earlier but we let the drone do its job and end its route,” he said, “We repeatedly issued warnings when the drone was on its way moving towards us asking it to act upon international regulations but it ignored all of them.”

On June 20, In June, Iran’s IRGC downed a US Northrop Grumman RQ-4 Global Hawk spy drone after it had violated Iranian airspace. Despite the US claims that the drone had been flying over international waters, Iran said it had retrieved sections of the drone in its own territorial waters where it was shot down.

The intruding drone was shot by Iran’s homegrown air defense missile system “Khordad-3rd”.

US President Donald Trump said afterward that he aborted a military strike to retaliate against Iran’s downing of the US drone because it could have killed 150 people, and signaled he was open to talks with Tehran.

Chief of General Staff of Iranian Armed Force, Major General Mohammad Hossein Bagheri, said on Wednesday that the US was on the verge of attacking Iran but called off the plans after Iran downed the intruding drone.

“The US was to take a practical measure [military strike] against us but in the name of a high number of probable victims, it overturned the decision,” he said, adding, “The main reason, however, was Iran’s deterrence power.”

These are the result of the Iranian thought and the commands of the Revolution Leader, he said, noting that despite all problems, Iran enjoys great capabilities in the defense sector and the Iranian nation will not let eruption of another war.

From our partner MNA

Continue Reading

Intelligence

Rethinking Cyber warfare: Strategic Implications for United States and China

Zaeem Hassan Mehmood

Published

on

“Every age had its own kind of war, its own limiting conditions, and its own peculiar preconceptions.”Carl von Clausewitz

Internet has transformed the front lines of war. Modern conflicts are now waged online in cyberspace. World Wide Web (WWW) has eradicated all physical borders and defences, without which weak and powerful states are all prone to attacks. Concurring to this pretext, a number of countries have formally recognized cyber as the new domain of warfare in their strategy papers and documents. United States and China are the master players in this realm having military units active, with sophisticated state of art capabilities dedicated to cyber strikes. The consequences are dire, for the sole superpower, and for the rising economic giant which is projected to take over the former by 2025.

The dynamic nature of cyber warfare has caused frustration in the inner circles of Washington and Beijing. Both the public and the private sector have been targeted. The former to get hands on state secrets and latter for intellectual property rights. According to an estimate by US Cyber Command (USCYBERCOM), it has cost the American economy $338 billion, an amount closer to the entire Gross Domestic Product (GDP) of Pakistan. China on the other hand leads the Asia-Pacific region in cyber losses which incurs the country an annual estimated loss of $60 billion.

Next Generation Warfare

There is a surge seen in cyber attacks against the US. The Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI) and National Security Agency (NSA) at multiple times have came under attack. This is followed by Silicon Valley tech giants, such as Netflix, Twitter and Spotify who on numerous occasions have been taken down by cyber attackers. It is very difficult to trace the identity and origin of the attack, as various techniques like changing Internet Protocol (IP) cannot only hide identity of attacker but misattribute it to other nations. Cyber security analysts working in their private capacity have collected evidence that seems indicate China as the alleged perpetrator of recent waves of cyber-attacks.

However, cyber pundits have openly stated that they cannot guarantee with a hundred percent accuracy that the evidence collected in wake of cyber-attacks is authentic and not planted by perpetrators to seem to look genuine. In cyberspace. An attack could be from anywhere around the globe. It could be from friends and foes alike, anyone can attack and make it look like an attack came from China or other adversary. In the past, cyberattackers from France bypassed into secured servers stealing classified information relating to American products and designs. Added to that, it is an expensive and difficult task to analyze these attacks. To know that you have been attacked or infiltrated is itself a big achievement. Considering that, it take days or even months to find that your security has been compromised. It took seven months for security analyst to find the Stuxnet virus that was hiding itself into a legitimate Siemens software responsible for controlling centrifuges at nuclear power plants around the world. According to an estimate starting rates for analyzing and identifying cyber attacks start from $650 dollars per hour, which often end up towards an uncertain conclusions.

Philippe Goldstein author of Babel Zero argues that attacking against a wrong adversary would be catastrophic. A troublesome scenario, where attacks in cyberspace can be met with conventional and even nuclear culminating a “Cyber Armageddon”. It is this reason that states have taken cyber warfare seriously and synonymous to national security. China has incorporated cyber command structure within its armed forces, under the“Three Warfare strategy.”

Cybersecurity analysts have called minuet “cyber bullets” as ‘Cyber weapons of Mass Destruction.’ All one needs is ‘bad timings, bad decision making and some bad luck!’ and you can end up having a World War III which was 24/7 nightmare of Cold War veterans. The world is not immune from such attacks. Anyone having an access to any computing device, from iPods to digital smart watches, having right technical skills can cause a national security crisis. This is well depicted in John Badham’s film, WarGames where a young hacker unknowingly sets a US military supercomputer to launch nuclear weapons on the former Soviet Union. Few years back, an attack on FBI’s website resulted in leaking of classified data caused alarm bells in Washington. Later it was found out the perpetrator was a 15 year old school boy from Glasgow, Scotland.

The way forward for states remains cumbersome in the absence of legal framework from the United Nations (UN). Further complications arise when the attack is orchestrated by a non-state actor or private individual from a particular state. Recent debates among the North Atlantic Treaty Organization (NATO) members have arisen in the wake of alleged Russian sponsored cyber activities against Europe and America whether the collective defence measures under Article 5 would apply to a cyber-attack.

Cyber security is a relatively new introduction in war studies. The US Department of Defence (DOD) recognized cyber warfare, as the fifth domain of warfare following land, sea, air and outer space. There are around 30 countries that have dedicated cyber military units, whereas more than 140 countries have or are in developing stages to acquire cyber weapons. Cyber is the means by which countries irrespective of their financial standing can acquire to further states objectives. US and China are considered advanced states in cyber realm, having cyber military technology and capabilities that are rarely matched by other contenders. Therefore, studying their way of cyber dealings, strategies and policy making would allow other countries such as Pakistan to better able to understand the dynamics and nature of this new type of warfare. India has tasked the Defence Cyber Agency (DCA), presently headed by a two-star Admiral which reports directly to Chairman of the Chiefs of Staff Committee (CCSC). DCA is presently undertaking to prepare a Cyber warfare doctrine for India. The repercussions of the developments are critical for Pakistan, which require a comprehensive safety and information guideline to be prepared for the masses. 

Continue Reading

Latest

Trending

Copyright © 2019 Modern Diplomacy