Cyberwar has ceased to be an eccentricity reserved for isolated acts, small things. New technologies are part of civilians and their armies. ANDattacking them has caught up with conventional warfare.
The massification of smartphones, the expansion of the Internet, instant communication, all these are not just improvements that civilians enjoy. Many of the improvements that new technologies have brought us are exploited by the military. Advances in communications, drones with piloted kilometers of distance, all kinds of support for the soldier on the ground, and a long etcetera.
This means that the war no longer involved in sending soldiers and piloting drones. Attacks on civil and military communications, bringing down electrical networks, or causing panic among the civilian population. Cyber attacks have become just as useful as conventional attacks. AND this has only just begun.
What is a cyber attack? How is cyber warfare done?
A cyber attack is an action in which an attacker enters the networks of a nation to create damage or chaos. That attacker may be another state, or it may be groups of people like terrorists, companies, activists, criminal organizations, or extremist groups. It goes without saying that, on many occasions, some countries have been accused of financing these groups to attack other nations.
Usually a good number of armies are integrating cyberwarfare as part of its operations. In addition to attacking other nations in the event of war, these groups in turn attempt to penetrate their own nation’s systems, as a way of preventing attacks they may receive. And of course, they are also capable of operating in the shade.
These attacks can be divided into two parts. The first part is conventional espionage: hack networks to get information. Both conventional espionage and cyber espionage are not considered acts of war, but they do cause serious tensions. Perhaps the most famous case is the discovery – thanks to Snowden – that the NSA spans a good number of European leaders and countries.
Furthermore, we have the sabotage: direct attacks on infrastructure to stop them working. This is where denial of service attacks or crippling critical infrastructure come in. And, for example, the U.S. power grid is very weak to cyber attacks, according to repeated reports from U.S. agencies. A widespread blackout in a country could cause an economic collapse, lead to an invasion, or simply create a national crisis.
The most famous cyber attacks
Stuxnet and the Iran nuclear project
Stuxnet is one of the best known cyber attacks by everyone. Conceived as a worm that targets industrial systems, gossip assures that it is the result of a pact between Americans and Israelis. Some even speculate that it was created in the Bush era to sabotage Irn’s nuclear program. The researchers, when analyzing their code, affirm that this is the work of a professional. It is careful to attack only in very specific conditions and is complex to hide.
The worm made the headlines for this very reason: many claim that Stuxnet was responsible for the unfortunate and continued errors experienced by the Iran nuclear program. It is estimated that it is responsible for destroying a fifth of the country’s nuclear centrifuges. And that the computers were disconnected from the Internet didn’t do much good. The worm entered hidden in the pendrives of the engineers.
Sony Pictures, The Interview and North Korea
When Sony decided to produce a comedy around the murder of Kim Jong-Un, many were already waiting for a response from North Korea. This response allegedly came from a group of hackers funded by North Korea. Guardians of PeaceSony Pictures’ confidential filtering in November 2014, including copies of unreleased films and information about its employees, and a month later it demanded Sony to withdraw the film.
At the same time, threatened with attacks on cinemas to release the movie. Sony, in response, released the film in digital format and canceled the release at street level. This caused the film to run like foam, in both legal and media not so legal. On the other hand, US intelligence officials claim that the attack has been financed by North Korea, something the country denies.
Google, China and Operation Aurora
Google’s case with China is peculiar. If you go to the country now and try to do a Google search, or check your Gmail, you will be met with a block. And all this goes back to 2010, the date on which Google revealed Operation Aurora to the world. A series of cyber attacks by a group close to the People’s Liberation Army (the military branch of the Communist Party of China, the ruling party) against US companies.
Among those American companies, in addition to Google, we find giants such as Adobe, Yahoo, Symantec and Northrop Grumman. In addition to steal intellectual property and infiltrate, the group of hackers would have been looking for private data on Chinese activists. Google’s response to this incident was to stop complying with Chinese censorship laws, officially ceasing to function in the country.
Do we need a Geneva digital convention?
Microsoft President and Chief Legal Officer Brad Smith is clear: we need a Geneva convention that we can apply to the digital realm. The tensions generated by these attacks are increasing, the attacks pass through privately owned infrastructure, and on many occasions the civilians are simply affected.
To address this, Smith proposes creating a code of rules on cyber warfare. Think that the industry should commit to defending users. It also affirms that we must create a specialized body to respond against cyber attacks.
In any case, you are quite right that these attacks are generating a lot of tension. And this has only just begun. Cyber attacks are becoming a bigger and bigger part of an attack. And, facing a powerful attacker and a weak defense, it is easy to foresee a catastrophe.