The man next door is starting a war

Posted: September 22, 2011 in Analysis

The internet now gives those with a cause the opportunity and the tool to start a war says John Curry. John is an academic currently carrying out collaborative work with various bodies on gaming cyber war.

Before exploring the concept of individuals pitching nation-states into a war or a war-type situation, a fundamental misconception about cyber war should be challenged.

The very phrase ‘cyber warfare’ is a misnomer; it conjures up visions of government crisis teams controlling armies of hackers; making decisions about the deployment of cyber weapons against the national infrastructure of the enemy.

This misconception is propagated by books such as Richard Clark’s book Cyber War and pseudo-documentaries showing an unfolding crisis, such as the CNN Cyber Shockwave exercise.

Between 1998 and 2010, 22 attacks against national infrastructures have been reported in the public domain. However, these attacks have been practically all one way, with the defending nations only reacting to block the incoming the attacks and keep their IT systems running. There has only been one cyber war recorded in the media and that war does not even have a name.

The first cyber war

On 1 April 2001, a Chinese fighter plane collided with an American spy plane edging along Chinese airspace over the Pacific. The damaged American plane jettisoned its surveillance equipment and landed at a very surprised Chinese airfield. The Chinese fighter pilot was not recovered.

In apparent response to the incident, China defaced 500 US websites. American hackers retaliated and defaced 3,500 Chinese websites. Several months later China then released the so called Code Red Worm that infected 359,000 systems across the world at its peak. Although blamed on anonymous hackers, the attacks were all traced to government servers on both sides of the Pacific.

The first cyber war apparently ended in a draw. A footnote to history records that the American system developer, Ken Eichman, who worked out how to block the attack was rewarded by being invited to the White House for lunch. Curiously, he just worked for a publishing house.

History speaks

Discussing history in a computer magazine might seem strange, but the knowledge of the past challenges the conception that wars between countries are solely the preserve of states and governments. History is littered with examples of individuals starting wars.

In 1754, George Washington ambushed a French scouting party (an act of aggression in peacetime). It was one of the first military steps leading to the Seven Years War (1756-1763). The actions of Gordon (of Khartoum) led the British empire into an unwanted war in 1885.

The start of World War I was caused by the assassination of Arch Duke Ferdinand by the secret Serbian nationalist Black Hand Society using the new technology of easily concealed pistols. The sale of readily available internet based weapons for use by individuals or small groups has opened the possibility of nation states suddenly finding themselves in a war they did not expect or want.

Cyber tools have enabled individuals and determined groups to wage psychological attacks via the internet. The idea of such attacks is as old as history itself. An interesting example was the British suffragette movement that used the telephone to start a bogus general mobilisation in the early 1920s.

There have already been many examples of the internet being used to spreading propaganda, threatening, spreading disinformation or jamming the web by attacking internet service providers and government sites. These attacks can all cause damage and create chaos.

The potential for such attacks has been apparently accepted by the international community as the downside of a connected world.

WikiLeaks, an organisation headed by Julian Assange, publishes private, secret and classified media from anonymous sources and news leaks.

The actions of Private First Class Bradley Manning in giving over 250,000 leaked diplomatic cables to WikiLeaks had international implications. The overthrow of the presidency in Tunisia has been attributed in part to a reaction against the massive corruption revealed by the leaked cables.

The casual confirmation by American diplomatic staff of widespread endemic corruption in the Tunisian regime was the pebble that started the social avalanche that brought down the government. The social revolution in the Middle East cannot have been foreseen by the WikiLeaks group.

The Stuxnet worm, which damaged the Iranian nuclear program by controlling the so called SCADA control systems that interface between computers and machinery, has been a wake-up call. It demonstrated the possibility of launching tactical attacks on civil services like electricity, water supply, government services, banking etc. Such a successful attack could cause chaos and disorder normally associated with a major natural disaster or a war.

Strategic or ‘mega’ attacks involving very large scale sustained action against strategic national sites such as defence related, missile-control, air-traffic control, money transfer, etc. are probably outside the scope of even large criminal organisations.

However, limited tactical cyber attacks that cause considerable disruption, heavy financial loss and/or political turmoil are feasible. As demonstrated by the Russian attack on Estonia in 2007, as soon as the cash points stop working, the man on the street demands retaliation.

Know thine enemy

One of the issues in cyber warfare is working out who the aggressor actually is. The discovery of malware in the US power grid in April 2009 was believed to have come from China and Russia, but the proof was not conclusive. The cyber attack on Estonia was started by a Russian blogger who was upset by the removal of a Russian statue paying tribute to Soviet soldiers for driving the Nazis out of Estonia during World War II.

The blogger helpfully included code for conducting a denial of service attack against Estonia in their blog, which others apparently picked up and used. It is an open question how much of the subsequent cyber attack was sanctioned by the Russian state or whether the actions of the hackers were merely tolerated.

If a country is on the receiving end of an effective widespread cyber attack that affects the man on the street, then the pressure on a government for using the time honoured tradition of military action might be overwhelming. Technically minded determined individuals or small groups now have the potential to shake the world through cyber warfare. Of course, as demonstrated by WikiLeaks, the actual consequences may not be to the liking of those who started it all.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s