In the past, cyber-warfare was a fictional concept presented in movies and TV shows. A recent example is the action thriller Blackhat (2015), where the FBI teams up with China to locate cyber-criminals who have hacked a Hong Kong nuclear plant and the Mercantile Trade Exchange in Chicago. Unfortunately, cyber-warfare is more than just a fictional concept. Today, there is more and more evidence that some countries are using state-sponsored hacking to infiltrate other countries’ networks and infrastructure.
Why is this a real threat? Despite what the term may imply, strategic cyber-warfare does not involve hand-to-hand combat. It represents a great threat, not only to the military but also to the general public. Cyber-warfare is an internet-based conflict involving politically motivated attacks on information and information systems. Cyber-warfare attacks and disables websites and networks. It disrupts essential services, steals or alters classified data, cripples financial systems, and much more. Once an attack is launched, it is hard to figure out who launched it. Along with industry leaders, the U.S. Department of Defense is becoming more aware and is now implementing security measures in order to better protect the public and prepare for future threats from state-sponsored hacker attacks.
Cyber-warfare consists of politically motivated attacks by enemy countries on another country’s infrastructure, such as (but not limited to) water treatment plants, power grids (electricity and natural gas), telecommunications, and public transportation. Targets are either strategic or tactical, chosen for the sole purpose of espionage or sabotage. Cyber-espionage entails stealing sensitive information or gaining insight into another country’s infrastructure, such as enemy troop movements or weapons systems. Cyber-sabotage can cause equipment failure and significant damage such as nuclear meltdown or massive power outages.
One of the possible targets for state-sponsored hackers is our country’s electrical power grid. The U.S. Department of Homeland Security is working together with energy providers to enhance the security of control systems. More security is being developed and implemented as the next generation of “smart grid” energy networks is being built.
What happens during a cyber-warfare attack? Hackers target and attack an opponent’s network infrastructure or resources in their database that contain sensitive data. They infiltrate a given system to find flaws and exploit those flaws to gain control of that system and/or destroy it beyond recovery.
Malware (short for malicious software) is the term for hostile or intrusive software designed to cause intentional harm to computer systems. Disguised as or embedded in non-malicious files, malware includes viruses, worms, Trojan horses, ransomware, spyware, adware, and scareware. Some of the known malware tools that state-sponsored hackers have used in their attacks are:
Flame (also known as “Skywiper”) was discovered in 2012 by the MAHER Center of Iranian National and used to target countries in the Middle East. This type of malware created a fake Microsoft document appearing as an update through Microsoft. It was distributed to all computers on the network running a Windows operating system. Purely espionage by design, Flame recorded audio, screenshots, keyboard activity, network traffic, and recorded Skype conversations that scattered throughout the world.
Stuxnet, a computer worm, was discovered in 2010 and targeted industrial programmable logic controllers (PLCs). PLCs allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, and power plants. The worm propagates throughout the network, modifying the code and giving unexpected commands. Iran’s Natanz nuclear facility was the target of a Stuxnet worm, which sabotaged operational capacity and caused serious technical problems, forcing a shutdown.
Cyber-warfare is more than a fictional concept. It is very real. While movies and TV transmit a popular perception of cyber-warfare, they exist solely for entertainment. The challenge is to recognize cyber-warfare in the real world and find ways to minimize the damage and ultimately prevent such attacks.