2013 The Year of the Cyber-War
June 4, 2013
United States, China, Russia, Israel, Iran and North Korea – Top Players on the Cyber Battlefield
As talk of the US and China’s informal California summit continues to spread, the dire circumstances regarding today’s cyberspace are becoming more evident. While the most powerful countries continue to be the United States, China, Russia, Israel, Iran and North Korea, security analysts report that 12 out of the world’s 15 largest military powers are currently building their programs in preparation for a cyber-war. Whether or not an all-out cyber-war will actually ensue is debated among security professionals; however, there is no question that it can happen and that it could potentially turn deadly.
Critical Infrastructure Attacks
Unlike a normal battlefield where soldiers use physical force, a cyber-war is much more subtle, but when strategically executed it can cause collateral damage. Modern networks are heavily reliant on the Internet; from banks to hospitals to traffic lights, everything is fueled by computers. Due to this, a targeted attack on a nation’s critical infrastructures can produce catastrophic consequences. Today’s most vulnerable structures include:
- Stock Exchange
- Nuclear Power Plants
- Water Purification Systems
A well-executed attack on any number of these critical pieces can leave an entire country in the dark, literally. A total shutdown of a nation’s banking system, power, clean water or stock exchange will undoubtedly lead to fear and civil panic. Additionally, in a situation such as this, emergency responders will not be able to coordinate any meaningful type of response, since their own radio networks would be worthless without power. In this way, cyber security professionals defend the position that a cyber-war could very well lead to the physical loss of life, similar to traditional warfare.
The Big Players
The effects of cyber-war are considerable, to say the least. To make matters worse, all parties involved are at a standstill of strategic distrust, and not one country believes that another will resist taking action if the opportunity presents itself. For this reason, the US and Chinese presidents are meeting to discuss the establishment of international cyber norms and rules for countries to follow. However, while these two are the most prominent in cyberspace, they are not the only players. Below is a summary of each country involved and where their skills lie on the cyber front.
Realizing that cyber warfare is inevitable, the US government has increased spending and training in preparation. In recent years, the US has devoted hundreds of millions of dollars to developing and refining its cyber-attack capabilities, with a strong focus on the offensive. Budget documents for this year also report an additional $5.8 million to go towards cyber-defense capabilities. The US is also suspected to be responsible for a number of cyber-attacks on Iranian networks and nuclear power plants. However, the US government is careful to state that its preparation is only to be used in the event of a cyber-war; head of Cyber Command and Army General Keith Alexander also notes that any major attack on the US’s critical infrastructures could be viewed as an act of war.
While China is often cited as the source of many cyber-attacks, especially on American companies and US citizens, its hacking methods are considered less sophisticated than those of other nations. However, China’s advantage comes from the sheer number of hackers it has working and their ability to rapidly fire off small-scale attacks at their targets. Additionally, the unprecedented number of hacks China has launched has allowed the country to gain years’ worth of corporate and government secrets that it can use to its advantage.
Russia initiates some of the most advanced cyber-attacks and houses the most organized cyber mafia in the world. The Russian Business Network is the oldest and largest organized cybercriminal establishment; it is composed mostly of former KGB cyber spies. This network of cybercriminals uses high-level toolkits not employed anywhere else in the world. Additionally, Russian cybercriminals show great patience and persistence when engaging in an attack. In some cases, they will prepare for over a year in order to perform a deep-level attack without leaving a single trace that it occurred. Russian cybercriminals, however, use their sophisticated technical abilities to focus on corporate espionage, selling the information they steal to competitors for cash.
Israel recently installed a control center specifically for cyber defense in reaction to the increasing number of cyber-attacks the country has endured from nearby Iran. Additionally, the country is building up a multi-billion-dollar weapons arsenal to contend with Iran’s nuclear program. While there has been no confirmation that the country has endured a significantly damaging cyber-attack, the erection of the control center, one of only a few cyber defense systems of its kind, signals it’s only a matter of time. Speculation holds that Israel is unlikely to launch the pre-emptive attacks it has threatened Iran with, but the capability for it is definitely present and growing.
Iran recently raised its cyber defenses to protect the country’s banking system, communications networks, oil and industrial facilities and nuclear power sites. Additionally, at the beginning of this year Iran presented a public demonstration of its newly refined capabilities to defend against cyber-attacks from other leading countries such as the US and Israel, both suspected of having attacked Iranian networks. The majority of attacks stemming from Iran are distributed denial of service (DDoS) attacks targeted at the US’s banking institutions, including Wells Fargo, Bank of America, PNC and Citigroup Citibank.
North Korea, while not the most technologically advanced country, has become the leader in cyber terrorism efforts. These efforts, combined with the country’s well-stocked cyber and nuclear arsenals, make it a huge threat in the event of a cyber-war. The North Korean cyber terrorism unit boasts around 3,000 hackers, all of whom are sent outside of the country for training and never launch a cyber-attack from within North Korean borders. As a result, their capabilities are not only strong but even more difficult than normal to trace back to the North Korean government. This also increases the uncertainty as to the level of damage an attack from the North Koreans could bring to a nation’s infrastructure.
It is evident that each of the above countries has the capability of producing crippling effects from a well-placed cyber-attack; however, would any of them want to risk the effects of cyber retaliation on their own infrastructures? This is only one of the many questions to be addressed in the talks between Presidents Obama and Xi Jinping in the coming months, and the outcome cannot easily be predicted. From what is known so far, corporate espionage will undoubtedly continue despite negotiations, but avoiding critical infrastructure attacks is vital for all players involved. The US considers avoiding cyber-war a top national issue and would like to see it addressed by the international community. As for the citizens of the countries involved, let’s hope it can be settled before any collateral damage ensues.