Land, air and sea: those are the three traditional dimensions in which a war is fought. But at the turn of the 21st century, with the invention of the Internet and the ever-increasing connectivity of our physical world, a fourth dimension has appeared: cyberspace. Actors in this new field can essentially be grouped into three categories according to their motives: hackers, hacktivists and nation states. Hackers usually hack for profit; they exploit software vulnerabilities in order to get access to credit card information, for example. In contrast, hacktivists are motivated not by monetary gain but by pushing a political message. Those two types of actors aren’t as threatening because they usually involve a very limited amount of resources and therefore cannot do much damage. This statement sadly no longer holds for nation states, the third category, which penetrate systems to gather large swaths of intelligence or inflict real-world damage with their computer viruses.
Last week, Symantec (a leading antivirus software company) revealed that they had identified multiple attacks on governments, scientific institutions and private companies in Belgium, Luxembourg, Vietnam and Hong Kong and attributed those attacks to Chinese intelligence agents (aka the Buckeye Group). While the simple fact that such attacks happen is not quite newsworthy, the method is. Indeed, the attacks were performed using tools the National Security Agency (aka the Equation Group) developed and used against Chinese networks. Researchers at Symantec believe that by analyzing network traffic, the Buckeye Group was able to replicate parts of the attack code and repurpose them to attack Western targets.
This incident raises two questions. Why are governments building cyberweapons and exploiting zero-day vulnerabilities instead of reporting them and making the internet a safer place? And how will this affect our world in the future?
Why are governments building cyberweapons instead of making the internet a safer place?
“It (Cyberweapons) is another kind of weapon. It is for unlimited range in a very high speed and in a very low signature. This gives you a huge opportunity. The superpowers have to change the way they think about warfare”
Maj. Gen. Amos Yadlin, Head of Israeli Defense Intelligence (2006-2010)
This quote gives us part of the answer to the question, as it points out three key characteristics of cyberweapons: unlimited range, high speed and low signature. No conventional weapon possesses those advantages. Bullets and shells can be traced, and they must be fired by personnel on the ground, while cyberweapons can inflict real-world damage in an instant without exposing their operators to risk. Governments with cyber-capabilities therefore have an interest in militarizing this fourth dimension in order to conduct entirely deniable operations in peacetime, just like the attacks reported by Symantec a week ago.
How will this affect our world in the future?
Gen. Michael Hayden, NSA director (1999-2005) & CIA director (2005-2009)
The future looks grim. When the Stuxnet virus hit the uranium enrichment plants in Natanz (Iran) in 2010, security experts were astonished by the complexity of the virus. It was the first time that a computer virus was used by a government to inflict real-world damage. This example and the one reported by Symantec last week show us that we will need to include cyberthreats in the security debate. Just imagine the physical consequences if the targets had been nuclear reactors, power stations, telcos, ISPs or even water distribution networks.
To sum up, cyberwarfare, the fourth dimension of war, is on the rise and will likely continue to play an important role in the twenty-first century. Attacks will happen even in peacetime, and the importance of the targets will very likely increase over time. We, as a society, need to realize the implications of this novel dimension and grasp the potential destruction it could generate. While the first response might seem to be creating technical units focusing on cyberthreats, ultimately the need for a global legal framework on cyberspace will trump it as our world becomes more and more interconnected.
- Chinese repurposing of American cyber weapons:
- “Zero Days” documentary, Alex Gibney: https://www.youtube.com/watch?v=C8lj45IL5J4
- The Black Budget, Washington Post article: https://www.washingtonpost.com/wp-srv/special/national/black-budget/?
- Michael Hayden conference: https://www.c-span.org/video/?314419-1/electric-grid-cybersecurity-michael-hayden-industry-perspectives
- Swiss Cyber Defense unit: https://www.vtg.admin.ch/fr/actualite/themes/cyberdefence.html
- Gen. Amos Yadlin image: Taken by Halifax International Security Forum https://www.flickr.com/photos/halifaxtheforum/
- Gen. Michael Hayden image: Taken by Gage Skidmore https://www.flickr.com/photos/gageskidmore/
- 1. While being mostly classified, budgets of the largest cyber-powers range in the billions of dollars per year. Leaked documents show a budget of 52.6 billion dollars in 2013 for major US intelligence agencies. https://www.washingtonpost.com/wp-srv/special/national/black-budget/?
- 2. Source: https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit
- 3. Zero-days are vulnerabilities that haven’t been reported yet to software companies and therefore haven’t been patched.
- 4. Source: Interview of Maj. Gen. Yadlin in the documentary “Zero Days” (51:01). Trailer: https://www.youtube.com/watch?v=C8lj45IL5J4
- 5. The Stuxnet virus hit the Iranian uranium enrichment plants and destroyed the centrifuges in 2010. More information at https://en.wikipedia.org/wiki/Stuxnet
- 6. Source: https://www.c-span.org/video/?314419-1/electric-grid-cybersecurity-michael-hayden-industry-perspectives (38:25)
- 7. Just like Switzerland did a few months ago with the creation of the Cyber Defense unit in the military. https://www.vtg.admin.ch/fr/actualite/themes/cyberdefence.html