Area of Impact: Politics and Government

The Types of Cyberwarfare

Here are some varieties of cyberwarfare, ranked from mildest to most severe (link to original article)

Web vandalism

Foreign opponents can deactivate or deface government or military Web pages. (This is usually just a nuisance and easy to undo.)

Disinformation campaigns

The Internet is a popular tool for finding news, and can be used to spread mis- and dis-information to affect a population's beliefs or psychology. The Net can also be used as a platform for rhetoric to incite sympathizers. (This is difficult to implement quickly.)

Gathering secret data

Classified information that is not handled securely can be intercepted and even tampered with. (Foreign espionage has always been a threat, but now there is less of a need for foreign intelligence operatives to physically infiltrate a location.)

Disruption in the field

Military activities are carefully coordinated and heavily dependent upon electronic communications transmitted over computers and satellites. Opponents can block or intercept these vital communications, or pollute them with false orders or responses. (This type of cyberwar severely endangers the lives of soldiers in the field.)

Attacking critical infrastructure

Many components of our national critical infrastructure - electricity, water, fuel, communications, transportation - are surprisingly vulnerable to concerted electronic attack. Serious domestic disasters, including financial meltdown, are possible. (This type of cyberwar poses the most direct threat to civilians.)

Cyberterrorism is also a form of warfare

Terrorists also need to be able to give out information such as training videos, manuals, messages and information for recruitment, followers and other terrorists. They do this through the internet.

Some more info on Web vandalism

Vandals often use hacking techniques to deface a website or destroy data and files, but there are also those who just want to steal resources (make use of other people's servers without their knowledge or permission) or to cover their tracks by stealthily making use of hardware owned by legitimate businesses to carry out processing for illegal operations or to relay spam and viruses to others.

http://tutorials.ausweb.com.au/web/Tutorials/Website-Security-or-Upgrade-Issues/Vandalism-and-Hacking/

Class Task

The class has been asked to be advisors to the government of Edtopia. The president has just learnt about cyber terrorism and your job is to brief him and his advisors. In your brief, you need to present the different methods of cyber terrorism. For each, you need to explain what it is and give specific documented examples to show that it can be deployed. You should also assess the risks of being attacked with this method – what is the worst-case scenario for Edtopia? This should be based on evidence that you have found. You need to give the President options as to what he can do to prevent each method of cyber terrorism in his country. You should also assess the implications of the solution for the citizens.
Each of you has been given one or more of the types of cyber warfare to research. Next Tuesday (29 January), you will be given some class time to put your research together and then you will present this to the SL class on Friday.

Examples of Cyberterrorism

(This was collected by the HL class)

Disinformation campaigns
http://www.firstmonday.org/issues/issue7_10/vegh/#v3
Rebel movements have used laptop computers and the internet to spread their propaganda all over the world. The imagery found in most of them was the struggle of the poor people against the all-too-powerful army of the government.
http://www.intelligence.org.il/eng/sib/8_04/internet.htm
Using the Internet to market terrorism: The Palestinian Islamic Jihad markets its terrorist messages using Internet sites supported by Western (mainly American) companies


Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a group, known as the Chaos Computer Club, was discovered in 1997. They had created an ActiveX control for the Internet that can trick the Quicken accounting program into removing money from a user's bank account. This could easily be used to steal money from users all over the world who have the Quicken software installed on their computers. This type of file is only one of thousands of types of viruses that can do everything from simply annoying users to disabling large networks, which can have disastrous, even life-and-death, results.
http://csciwww.etsu.edu/gotterbarn/stdntppr/cases.htm

Gathering Secret Data
Classified information that is not handled securely can be intercepted and even tampered with. (Foreign espionage has always been a threat, but now there is less of a need for foreign intelligence operatives to physically infiltrate a location.)

ESPIONAGE
Espionage, or spying, is the practice of gathering intelligence about an organization or a society that is considered secret or confidential without the permission of the holder of the information. Spies also use espionage in war. Unlike other intelligence collection disciplines, espionage involves accessing the place where the desired information is stored, or accessing the people who know the information and will divulge it through some kind of subterfuge. It is “The act of obtaining, delivering, transmitting, communicating, or receiving information about the national defense with an intent, or reason to believe, that the information may be used to the injury or advantage of any foreign nation”. Espionage activities are controlled by organizations such as the National Clandestine Service (US) and the Secret Intelligence Service (UK). Espionage is usually governmental, corporate or industrial. Agencies within a government are used, or private companies such as SCG International Risk and others are employed, to collect information on their behalf.

TECHNOLOGY & TECHNIQUES
- Agent Handling
- Black Bag Operations
- Concealment device
- Covert listening device
- Cryptography
- Cut-out
- Dead drop
- Eavesdropping
- False flag operations
- Honeypot
- Interrogation
- Nonofficial cover (NOC)
- Numbers messaging
- One-way voice link
- Secure communication
- Steganography
- Surveillance
- TEMPEST — Protection devices for communication equipment.

EXAMPLES
- Information on deception and subversion is contained in ancient writings of Chinese and Indian military strategists such as Sun-Tzu and Chanakya. Chandragupta Maurya, founder of the Maurya Empire, used assassinations, spies and secret agents, as described in Arthasastra.
- The ancient Egyptians and the Hebrews used spies as well.
- Feudal Japan often used ninja to gather intelligence.
- More recently, spies played a part in Elizabethan England (Francis Walsingham).
- The Cold War between the United States of America (and allies), the Soviet Union and the People's Republic of China (and allies) involved espionage, specifically related to nuclear weapons secrets. Recently, espionage agencies have targeted the illegal drug trade and those considered to be terrorists.
- The former Soviet Union preferred human sources over research in open sources, while the United States has emphasized technological methods such as SIGINT and IMINT.
- Since January of 2000, agencies have been data mining the world's stock exchanges. On October 26, 2001, the US did this in the form of the Patriot Act. It helped to keep track of the financing of people who might be laundering money. It is done without warrants.

RISKS
- The risks of espionage vary. A spy breaking the host country's laws may be deported, imprisoned for espionage and/or treason, or even executed, as the Rosenbergs were.
- When Aldrich Ames handed a stack of dossiers of CIA agents in the Eastern Bloc to his KGB officer, at least ten people were secretly shot. When Ames was arrested by the FBI, he faced life in prison; his contact, who had diplomatic immunity, was declared persona non grata and taken to the airport. Ames's wife was threatened with life imprisonment if her husband did not cooperate; he did, and she was given a five-year sentence.
- Hugh Francis Redmond, a CIA officer in China, spent nineteen years in a Chinese prison for espionage—and died there—as he was operating without diplomatic cover and immunity.
- Both national and non-national organizations conduct espionage operations. Espionage isn’t always directed at secret operations of a target country; national and terrorist organizations and other groups need to get agents into target countries to learn their security routines. They also need to arrange secure ways of transferring money.
- Communication is necessary in espionage and clandestine operations, and is also a great vulnerability when the adversary has sophisticated SIGINT detection and interception capability.
- Certain organizations that have an association with espionage, such as the US FBI, UK Security Service, and Canadian Security Intelligence Service, do not perform espionage, but all monitor and defend against it, the CSIS principally at analytical levels. In the US and UK, respectively, the National Clandestine Service, part of the Central Intelligence Agency, performs espionage, while the Secret Intelligence Service does so for Great Britain. Canada does not appear to run espionage, although it collects SIGINT. The Russian SVR performs espionage while the FSB defends against it.

Titan Rain was the U.S. government's designation given to a series of coordinated attacks on American computer systems since 2003. The attacks were believed to be Chinese in origin, although their precise nature (i.e., state-sponsored espionage, corporate espionage, or random hacker attacks) was uncertain. The designation "Titan Rain" has been changed, but the new name for the attacks is itself classified if connected with this set of attacks. In early December of 2005 the director of the SANS Institute, a security institute in the U.S., said that the attacks were most likely the result of Chinese military hackers attempting to gather information on U.S. systems. Titan Rain hackers gained access to many U.S. computer networks, including those at Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and NASA.

Moonlight Maze is the U.S. government's designation given to a series of alleged coordinated attacks on American computer systems in 1999. The attacks were traced to a mainframe computer in Moscow but it is not known if that is where they originated.
It was claimed that these hackers had obtained large stores of data that might include classified naval codes and information on missile guidance systems, though it was not certain that any such information had in fact been compromised.
On September 20, 1999, Newsweek printed a story on Moonlight Maze that was written by Gregory Vistica.
It was entitled "We're in the middle of a cyberwar", based on a quote from then-Deputy Secretary of Defense John Hamre. [1]
However, this was refuted shortly thereafter in an article by Federal Computer Week's Dan Verton [2].
The attack has only been traced to Russia and it is unknown whether the attack originated from there.

Known Attacks