CyberWarfare

Area of Impact: Politics and Government toc = = =The Types of Cyberwarfare=
 * //Here are some varieties of cyberwarfare, ranked from mildest to most severe (l//__ink to original article)__**

**Web vandalism**
Foreign opponents can deactivate or deface government or military Web pages. (This is usually just a nuisance and easy to undo.)

**Disinformation campaigns**
The Internet is a popular tool for finding news, and can be used to spread mis- and dis-information to affect a population's beliefs or psychology. The Net can also be used as a platform for rhetoric to incite sympathizers. (This is difficult to implement quickly.)

**Gathering secret data**
Classified information that is not handled securely can be intercepted and even tampered with. (Foreign espionage has always been a threat, but now there is less a need for foreign intelligence operatives to physically infiltrate a location.)

**Disruption in the field**
Military activities are carefully coordinated, and heavily dependent upon electronic communications transmitted over computers and satellites. Opponents can block, intercept these vital communications, or pollute them with false orders or responses. (This type of cyberwar severely endangers the lives of soldiers in the field.)

**Attacking critical infrastructure**
Many components of our national critical infrastructure - electricity, water, fuel, communications, transportation - are surprisingly vulnerable to concerted electronic attack. Serious domestic disasters, including financial meltdown, are possible. (This type of cyberwar poses the most direct threat to civilians.)

**Cyberterrorism is also a form of warfare**
Terrrosits also need to be able to give out information such as training videos, manuals, messages and information for recruitment, followers and other terrorists. They do this through the internet.....

Some more info on Web vandalism
Vandals often use hacking techniques to deface a website or destroy data and files, but there are also those who just want to steal resources (make use of other peoples’ servers without their knowledge or permission) or to cover their tracks by stealthily making use of hardware owned by legitimate businesses to carry out processing for illegal operations or to relay spam and viruses to others.

http://tutorials.ausweb.com.au/web/Tutorials/Website-Security-or-Upgrade-Issues/Vandalism-and-Hacking/

=ClassTask= The class has been asked to be advisors to the government of Edtopia. The president has just learnt about cyber terrorism and your job is to brief him and his advisors. In your brief, you need to present the different methods of cyber terrorism. For each you need to explain that it is and specific documented examples of each to show that it can be deployed. You should also assess the risks of being attacked with this method – what is the worst case scenario for Edtopia? This should be based on evidence that you have found. You need to give the President options as to what he can do to prevent each method of cyber terrorism in his country. You should also assess the implications of the solution to the citizens. Each of you have been given one or more of the types of cyber warfare to research. Next Tuesday (29 January), you will be given some classtime to put your research together and then you will present this to the SL class on Friday.

=**Examples of Cyberterrorism**= (This was collected by the HL class)

http://www.firstmonday.org/issues/issue7_10/vegh/#v3 Rebel movements have used laptop computers and the internet to spread their propaganda all over the world. The imagery found in most of them was the struggle of the poor people against the all-too-powerful army of the government. http://www.intelligence.org.il/eng/sib/8_04/internet.htm Using the Internet to market terrorism: The Palestinian Islamic Jihad markets its terrorist messages using Internet sites supported by Western (mainly American) companies
 * Disinformation campaigns**

Cyber-terrorists often commit acts of terrorism simply for personal gain. Such a group, known as the Chaos Computer Club, was discovered in 1997. They had created an Active X Control for the Internet that can trick the Quicken accounting program into removing money from a user's bank account. This could easily be used to steal money from users all over the world that have the Quicken software installed on their computer. This type of file is only one of thousands of types of viruses that can do everything from simply annoy users, to disable large networks, which can have disastrous, even life and death, results. http://csciwww.etsu.edu/gotterbarn/stdntppr/cases.htm

__**Classified information that is not handled securely can be intercepted and even tampered with. (Foreign espionage has always been a threat, but now there is less a need for foreign intelligence operatives to physically infiltrate a location.)
 * __ Gathering Secret Data

 v  ** __TECHNOLOGY & TECHNIQUES__ **  Ø  [|Agent Handling]  Ø  [|Black Bag Operations]  Ø  [|Concealment device]  Ø  [|Covert listening device]  Ø  [|Cryptography]  Ø  [|Cut-out]  Ø  [|Dead drop]  Ø  [|Eavesdropping]  Ø  [|False flag] operations  Ø  [|Honeypot]  Ø  [|Interrogation]  Ø  [|Nonofficial cover] (NOC)  Ø  [|Numbers messaging]  Ø  [|One-way voice link]  Ø  [|Secure communication] <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  [|Steganography] <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  [|Surveillance] <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  [|TEMPEST] — Protection devices for communication equipment. v  __** EXAMPLES **__ <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  Information on deception and [|subversion] is contained in ancient writings of [|Chinese] and [|Indian] military strategists such as [|Sun-Tzu] and [|Chanakya]. [|Chandragupta Maurya], founder of the [|Maurya Empire], used [|assassinations], spies and secret agents, as described in //[|Arthasastra]//. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  The [|ancient Egyptians] and the [|Hebrews] used spies as well. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  [|Feudal Japan] often used [|ninja] to gather intelligence. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  More recently, spies played a part in [|Elizabethan] [|England] ([|Francis Walsingham]). <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  The [|Cold War] between the [|United States of America] (and allies), the [|Soviet Union] and the [|People's Republic of China] (and allies) involved [|espionage], specifically related to [|nuclear weapons] secrets. Recently, espionage agencies have targeted the [|illegal drug trade] and those considered to be [|terrorists]. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  The former Soviet Union preferred [|human sources] over [|research in open sources], while the United States has emphasized technological methods such as [|SIGINT] and [|IMINT]. Ø  Since January of 2000, agencies have been data mining the world's stock exchanges. On October 26, 2001, the US did this in the form of the [|Patriot Act]. It helped to keep track of the financing of people who might be laundering money. It is done without warrants.
 * __ ESPIONAGE __**
 * Espionage ** or **spying** is a practice of gathering [|intelligence] about an organization or a [|society] that is considered [|secret] or confidential without the permission of the holder of the information. Spies also use epsionage in war. Unlike other forms of [|intelligence collection disciplines] espionage involves accessing the place where the desired information is stored, or accessing the people who know the information and will divulge it through some kind of subterfuge. It is //“The act of obtaining, delivering, transmitting, communicating, or receiving information about the national defense with an intent, or reason to believe, that the information may be used to the injury or advantage of any foreign nation”//. Espionage activities are controlled by organizations such as the [|National Clandestine Service] (US) and the [|Secret Intelligence Service] (UK). Espionage is usually [|governmental], corporate or [|industrial espionage]. Agencies are utilized within a government or private companies are employed to collect information on their behalf such as [|SCG International Risk] and others.

v  __**RISKS**__ <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  The risks of espionage vary. A spy breaking the host country's laws may be deported, imprisoned for espionage or/and [|treason], or even [|executed], as the [|Rosenbergs] were. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  When [|Aldrich Ames] handed a stack of dossiers of CIA agents in the Eastern Bloc to his [|KGB]-officer, at least ten people were secretly shot. When Ames was arrested by the [|FBI], he faced life in prison; his contact, who had [|diplomatic immunity], was declared [|persona non grata] and taken to the airport. Ames's wife was threatened with life imprisonment if her husband did not cooperate; he did, and she was given a five-year sentence. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  [|Hugh Francis Redmond], a CIA officer in China, spent nineteen years in a Chinese prison for espionage—and died there—as he was operating without diplomatic cover and immunity. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  Both national and non-national organizations, conduct espionage operations. Espionage isn’t always directed at secret operations of a target country; national and terrorist organizations and other groups need to get agents into target countries to learn their security routines. They also needed to arrange secure ways of transferring money. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  Communication is necessary in espionage and clandestine operations, and also a great vulnerability when the adversary has sophisticated [|SIGINT] detection and interception capability. <span style="FONT-FAMILY: Wingdings; mso-fareast-font-family: Wingdings; mso-ansi-language: EN; mso-bidi-font-family: Wingdings"> Ø  Certain organizations who have an //association// with espionage, such as the US [|FBI], UK [|Security Service], and [|Canadian Security Intelligence Service] do not //perform// espionage, but all monitor and defend against it, the CSIS principally at analytical levels. In the US and UK, respectively, the [|National Clandestine Service], part of the [|Central Intelligence Agency], performs espionage, while the [|Secret Intelligence Service] does so for Great Britain. Canada does not appear to run espionage, although it collects [|SIGINT]. The Russian [|SVR] performs espionage while the [|FSB] defends against it.


 * //Titan Rain//** was the [|U.S. government]'s designation given to a series of coordinated attacks on American [|computer] systems since 2003.The attacks were believed to be [|Chinese] in origin, although their precise nature (i.e., [|state-sponsored espionage], [|corporate espionage], or random [|hacker] attacks) was uncertain. The designation "Titan Rain" has been changed, but the new name for the attacks is itself classified if connected with this set of attacks.In early December of [|2005] the director of the [|SANS Institute], a security institute in the U.S., said that the attacks were most likely the result of Chinese military hackers attempting to gather information on U.S. systems. Titan Rain hackers gained access to many U.S. computer networks, including those at [|Lockheed Martin], [|Sandia National Laboratories], [|Redstone Arsenal], and [|NASA].

It was claimed that these hackers had obtained large stores of data that might include classified naval codes and information on missile guidance systems, though it was not certain that any such information had in fact been compromised. On September 20, 1999, [|Newsweek] printed a story on Moonlight Maze that was written by Gregory Vistica. It was entitled " 'We're in the middle of a cyberwar' ", based on a quote from then-[|Deputy Secretary of Defense] [|John Hamre]. [|[1]] However, this was refuted shortly thereafter in an article by Federal Computer Week's Dan Verton [|[2]]. The attack has only been traced to Russia and it is unknown whether the attack originated from there.
 * //Moonlight Maze//** is the [|U.S. government]'s designation given to a series of alleged coordinated attacks on American computer systems in [|1999].The attacks were traced to a main frame computer in Moscow but it is not known if that is where they originated.

Known Attacks

 * The [|United States] has come under attack from countries such as [|China] and [|Russia]. See [|Titan Rain] and Moonlight Maze.
 * On [|May 17], [|2007], it was reported that [|Estonia came under cyber attack] from [|Russia]. The [|Estonian parliament], ministries, banks, and media were targeted.
 * On first week of [|September 2007], the [|Pentagon] and various [|French], [|German] and [|British] government computers were attacked by hackers of [|Chinese] origin. The [|Chinese] government denies any involvement.
 * [|Kyrgyzstan] was attacked by [|Estonian] hackers during its election.