What's new

Cyber Weapons of Mass Destruction

The SC

ELITE MEMBER
Feb 13, 2012
21,228
19
22,365
Country
Canada
Location
Canada
Weapons, in their simplest form, could be considered as, “instruments of harm”.

The types of weapons and their range, lethality and precision have increased substantially with the advancement of technology and the need to obviate the perceived threat. The weapons thus have evolved with time. The time taken to translate the concept into a product/weapon has been reducing in consonance with the pace of development of technology and its engineering into production. Cyber weapons are also evolving just as the conventional weapons albeit at a much faster pace. In the cyber world, the technological advancements happen in days or even hours with the emergence of corresponding new threats. The most significant development has been the reach of cyber weapons in the real physical world as demonstrated by the Stuxnet attack on the Iranian Nuclear facility.

Cyber warfare is the use of technology to attack the computer and information networks of another nation and, in some case, it can cause harm comparable to actual warfare.

Cyber weapons can be classified according to the following four parameters:

(a) Precision – That is the capability to target only the specific objective and reduce collateral damages.
(b) Intrusion – the level of penetration inside the target.
(c) Visibility – the capability to remain undetected
(d) Ease of Implementation – a measure of the resources needed to develop the specific cyber weapon

Use of cyber weapons is complementary to conventional military strikes. It could be possible to:

(a) Support offensive operations by destroying enemy’s defence/critical infrastructure
(b) Probe the technological capabilities of the adversary by evaluating the ability of an agent to infect the enemy system.
(c) Cyber weapons are more efficient and less expensive.
(d) The attack is carried out at the speed of light.
(e) Cyber weapons are less noisy (stealth weapons) – no one wants to acknowledge the vulnerabilities of their system.
(f) Attribution is very difficult – the possibility to operate under cover makes cyber weapons very attractive.
(g) Cyber weapons are offence dominant and ideal weapons for asymmetric warfare – the warfare of 21st century
(h) Preparation phase of cyber weapons is easy to hide from prying eyes and development of cyber weapon is hard to identify.

Cyber Weapons – The New WMDs

Just as the industrial revolution brought about a fundamental change in warfare, the Information Age is ushering in a new, low cost option for strategic defence in the form of cyber warfare in general and cyber weapons in particular. These can now accomplish most of the strategic tasks that once required air superiority or nuclear capability. The situation is similar to the time when early nuclear theory wrestled with many of the similar issues that we now face in attempting to understand cyber weapons.

Some of the important issues are:

(a) The long range strike capabilities of cyber warfare have the potential to be extremely effective when employed as an anti-coercion weapon (power projection capability at minimal cost).
(b) A strong cyber capability is a deterrent force that will largely mitigate outside interference in domestic and regional affairs.
(c) Cyber weapons have the potential to become an equalising force because they require a fraction of investment compared to nuclear weapons or the strategic air power and yet would be able to execute most of similar missions and that too with limited or no collateral damage. While a cyber weapon can cause a total black out of the electric grid for the operationally desired duration, the same can be restored just by a click of a switch!
(d) Given the speed and precision with which a cyber attack can be carried out, these weapons can be used for anything from a warning shot to signal an adversary to a catastrophic strike that could cost trillions of dollars and an unspecified discomfort to the people.

The wide range of issues mentioned above make the cyber weapons unique. The fact that a cyber arsenal is also exceedingly cheap means that the available destructive capacity for poor and weak States vis-à-vis a developed and networked State is unprecedented. The ability to strike quickly and on such a scale with no possibility of retribution makes cyber weapons uniquely terrifying. A well executed cyber campaign coupled with careful public relations has the potential to traumatise a society in ways not seen after Hiroshima and Nagasaki. Cyber weapons are a cheap way to build a global strike capability against networked states.

Curtailing of inter-state coercion. Just like large and capable conventional forces, cyber weapons present a strong deterrent for a potential attacker. While very few countries have the capability of intervention at the regional or global levels, any country with a network connection may be able to launch an effective retaliatory strike. Consequently, interventionist foreign policies will become exceedingly expensive both in the material and human cost. The new dangers that the fifth domain of warfare creates will limit the behaviour of bigger nations. There is a school of thought that the Iraq war would have to be fought differently if Iraq had cyber weapons.



As governments and societies around the world become increasingly more dependent on computer systems, it means there is greater adoption of cyber capabilities. As these systems are in charge of everything from financial services to transport networks, it is much easier and simpler to target and disrupt these systems instead of using traditional military methods

Cyber warfare, in a marked difference to standard weapons of destruction, is much more covert and harder to trace. For example, elements like malware can lie in wait undetected in a system, slowly sending information to its creator or waiting in ambush for the right opportunity to unleash its destructive capabilities. For a lot of the time, no group comes forward to claim responsibility for these attacks so there is plenty of room for speculation around state-sponsored organisations.



There are a number of nations developing cyber weapons to use in future conflicts, including Russia and China. Other countries that are just as active include the US, France and Israel.

For example, Stuxnet was a joint venture between the US and Israel to destroy Iran's nuclear programme capability.

Other examples, Botnets that exist to launch distributed denial of service (DDoS) attacks can target critical services and cripple entities digitally, or may even serve as a diversion from other malicious cyber activities, such as attempts to infiltrate the network. Spear phishing and social engineering, too, are techniques also deployed in order to get cyber war closer to the targeted systems.



One useful example of how multiple layers of attack can be used to great effect is Stuxnet. An employee situated inside an Iranian nuclear power site inserted a USB stick embedded with the Stuxnet worm, either knowingly or unknowingly, into an air-gapped system. Exploiting multiple zero-day exploits, this malware searched for specific software running centrifuges, and commanded them to spin dangerously fast and then slow for a period of months without being detected. These centrifuges eventually broke and more than 1,000 machines were rendered useless.

While Stuxnet is one of the best examples of cyber warfare in action, there are other significant events that can be attributed to state-level attacks. There is a tactic also seen in state-sponsored cyber attacks, where countries claim an attack originates from "patriotic hackers" acting on their own terms without any persuasion or reward from the state.

Cyberwarfare has now leveled the playing field in industry, in government, and in national defense. Simply because it’s the cheapest, easiest, fastest and most effective form of warfare we’ve ever seen, and because cyberwarfare defenses are more vulnerable than they’ve ever been. A shadowy world that is still filled with spies, hackers and top secret digital weapons projects, cyberwarfare is an increasingly common, and dangerous feature of international conflicts. But right now the combination of an ongoing cyberwarfare arms race and a lack of clear rules governing online conflict means there is a real risk that incidents could rapidly escalate out of control.

https://home.sophos.com/en-us/medialibrary/Microsites/Home/Images/cyberwarfare.jpg


Just like normal warfare which can range from limited skirmishes to full-on battles, the impact of cyberwarfare will vary by target and severity. In many cases the computer systems are not the final target -- they are being targeted because of their role in managing real-world infrastructure like airports or power grids. Knock out the computers and you can shut down the airport or the power station as a result.

There are plenty of grim cyberwarfare scenarios available. Perhaps attackers start with the banks: one day your bank balance drops to zero and then suddenly leaps up, showing you've got millions in your account. Then stock prices start going crazy as hackers alter data flowing into the stock exchange. The next day the trains aren't running because the signalling stops working, and you can't drive anywhere because the traffic lights are all stuck on red, and the shops in big cities start running out of food. Pretty soon a country could be reduced to gridlock and chaos, even without the doomsday scenarios of hackers disabling power stations or opening dams.

A worst- case Cyberattack scenario sees attackers combining outright destructive attacks focused on critical infrastructure with data manipulation on a massive scale.

Cyberattacks on nuclear facilities could lead to severe consequences. Delayed or spoofed information transmitted to decisionmakers could lead to serious miscalculations. Errors in early warning systems or launch operations could lead to disastrous results during times of crisis, and the loss of confidential information could present opponents with dangerous opportunities to further compromise sensitive systems.



Governments are increasingly aware that modern societies are so reliant on computer systems to run everything from financial services to transport networks that using hackers armed with viruses or other tools to shut down those systems could be just as effective and damaging as traditional military campaign. But unlike traditional military attacks, a cyberattack can be launched instantaneously from any distance, with little obvious evidence of any build-up, unlike a traditional military operation. However, they also see the opportunity that cyberwarfare capabilities bring, offering a new way to exert influence on rival states without having to put soldiers at risk. The fear of being vulnerable to the cyberweapons of their rivals plus a desire to harness these tools to bolster their own standing in the world is leading many countries into a cyber arms race.



Why the who, what and how of cyberwarfare matters is because how these factors combine will help determine what kind of response a country can make to a cyberattack.

There is one key formal definition of cyberwarfare, which is a digital attack that is so serious it can be seen as the equivalent of a physical attack.

To reach this threshold, an attack on computer systems would have to lead to significant destruction or disruption, even loss of life. This is the significant threshold because under international law, countries are allowed to use force to defend themselves against an armed attack.

Although he legal status of cyberwarfare has been blurred because there is no international law that refers to cyberwar, since it is such a new concept. But this doesn't mean that cyberwarfare isn't covered by law, it's just that the relevant law is piecemeal, scattered, and often open to interpretation.

This lack of legal framework has resulted in a grey area that some states are very willing to exploit, using the opportunity to test out cyberwar techniques in the knowledge that other states are uncertain about how they could react under international law.

Pretty much every single nation with the money and the skills is investing in cyberwarfare and cyberdefence capabilities. More than 30 countries are developing offensive Cyberattack capabilities, although most of these government hacking programmes are shrouded in secrecy. This has lead to concerns that a secret cyber arms race has already begun.

There is a definite risk that we are at the early stages of a cyberwar arms race: as countries realise that having a cyberwarfare strategy is necessary they will increase spending and start to stockpile weapons, just like any other arms race. That means there could be more nations stockpiling zero-day attacks, which means more holes in software not being patched, which makes us all less secure. And countries with stockpiles of cyber weapons may mean cyber conflicts are able to escalate quicker. One of the big problems is that these programmes tend to be developed in secret with very little oversight and accountability.



Military systems are an obvious target: preventing commanders from communicating with their troops or seeing where the enemy is would give an attacker a major advantage.

However, because most developed economies rely on computerised systems for everything from power to food and transport, many governments are very worried that rival states may target critical national infrastructure. Supervisory control and data acquisition (SCADA) systems, or industrial control systems -- which run factories, power stations and other industrial processes -- are a big target, as Stuxnet showed.

Big industrial control systems or military networks are often considered the main targets in cyberwarfare but one consequence of the rise of the Internet of Things (IoT). Adversaries have capabilities to hold at risk critical infrastructure as well as the broader ecosystem of connected consumer and industrial devices known as the Internet of Things; Connected thermostats, cameras, and cookers could all be used either to spy on citizens of another country, or to cause havoc if they were hacked. Not all IoT devices are in homes; hospitals and factories and smart cities are now filled with sensors and other devices which means that the real-world impact of an IoT outage could be widely felt.

At a higher level, nations and groups of states are developing their own cyber defence strategies and plans which it will invoke if it faces a major, cross-border cyberattack, However, not all nations consider such planning to be a particularly high priority.

Just as nations attempt to deter rivals from attacking in conventional weapons, so countries are developing the concept of cyber deterrence to help to prevent digital attacks from occurring in the first place -- by making the cost of the attack too high for any potential assailant.

One way of doing that is securing and hardening their own computer systems so that is becomes very hard -- and very expensive -- for any attacker to find weaknesses. Thanks to the swiss-cheese nature of so many computer systems the attackers will still have the advantage here. The other option is to impose costs on the attackers through sanctions, criminal investigations or even the threat of striking back. although it seems that cyber deterrence is at best a work in progress.



Thereis a line between cyberwarfare and cyber espionage is a blurred one: certainly the behaviour necessary is similar for both -- sneaking into networks, looking for flaws in software -- but only the outcome is different; stealing rather than destroying. For defenders it's especially hard to tell the difference between an enemy probing a network looking for flaws to exploit and an enemy probing a network to find secrets.The aim of cyber espionage is to steal, not to do damage, but it's arguable that such attacks can also have a bigger impact. Still Infiltrations in critical infrastructure, can look like preparations for future attacks that could be intended to harm.

While Western strategists tend to see cyberwarfare and hybrid information warfare as separate entities, some analysts say the two are closely linked. So it is possible that Western military strategists have been planning for the wrong type of cyberwar as a result.

Some argue cyberwar will never take place; others argue cyberwar is taking place right now. The truth is of course somewhere in the middle.

Beyond the famous example of Stuxnet pure cyberwar operations will remain extremely rare, but already the concept has become absorbed into the broader set of military options that exist, just like other new technologies,

It's possible that cyber weapons may also become a more common feature of low intensity skirmishes between nations because they are capable of causing confusion and chaos but not (too) much damage. But it's unlikely that a war would ever be fought purely with digital weapons because they are too expensive and hard to control and of limited impact.

That doesn't mean cyberwarfare is irrelevant -- rather that some kind of cyberwarfare capability will be part of pretty much every military engagement from now on.



Source: compilation from different sources
 
Last edited:

Bilal9

ELITE MEMBER
Feb 4, 2014
15,994
1
25,027
Country
Bangladesh
Location
United States
North Korea and Iran are primary actors right now, and their skills and funding are on the upswing.
 

Stryker1982

SENIOR MEMBER
Oct 5, 2016
2,032
-2
3,154
Country
Canada
Location
Canada
Stuxnet was years long in the making to delay a program for a few months, overall a net negative in the aspect of time.

I suppose when cyber attacks are done to target physical infrastructure, their can be backups and replacements made to mitigate the effects, compared to the Solar winds hack or the Sony media hack.

You should elaborate on the Solar Winds hack, a company focused on protecting sensitive information is breached or University hacks that stole billions of dollars worth of research data. The damages cannot be repaired unlike infrastructure.

For some reason Russians are superb at this kind of stuff.
 

Qmjd

FULL MEMBER
Jun 21, 2020
294
-1
261
Country
Pakistan
Location
Pakistan
North Korea and Iran are primary actors right now, and their skills and funding are on the upswing.
These countries needs the most robust cyber technologies.
It's their weapon against the evils
 

jamahir

ELITE MEMBER
Jul 9, 2014
20,948
16
18,983
Country
India
Location
India
I had once read about a disgruntled former employee of an Australian municipal corporation who wrote a virus which rendered useless the town's waste water treatment plant.
 

jamahir

ELITE MEMBER
Jul 9, 2014
20,948
16
18,983
Country
India
Location
India
The anti-virus maker Kaspersky has launched its own OS called KasperskyOS. The user-base is meant to be industrial control systems and the like. I quote from this FAQ page :
Why would we need another Linux?

This is one of the most frequently asked questions. The answer is amazingly simple and straightforward: This is not Linux. It’s literally not Linux; there’s not a single string of Linux code in it. We designed the OS from scratch, for different applications and purposes.

What matters most for Linux, Windows, macOS and the like is compatibility and universality. The developers do their utmost to popularize their solutions by oversimplifying app development and toolsets. But when it comes to our target audiences (hardware developers, SCADA systems, IoT, etc.), this approach is a no-go: What matters most here is security.

In order to create a secure environment, we need to enable global Default Deny at the process level and wrap it into a microkernel. In simple words, it’s a system that does what it’s instructed to and is unable to do anything else. With traditional operating systems, that’s impossible.

However, it’s possible to build security mechanisms into an already functional system. In essence, that’s our core business. What we do is enough for many applications. However, with some applications, even the smallest risk of a cyberattack is a disaster. When security has to be guaranteed, we have to build something new. Something that is secure by design.
 

Vapour

FULL MEMBER
Jul 2, 2020
828
2
1,104
Country
Pakistan
Location
United Kingdom
Pakistan is very vulnerable to cyber-warfare. In this regard, simply being able to retaliate isn't enough, sufficient safeguards are required for defence, which may not presently be in place.
 

Bilal9

ELITE MEMBER
Feb 4, 2014
15,994
1
25,027
Country
Bangladesh
Location
United States
Yes true.. but the main players for now are China, Russia, the US and Usrael..
Not talking about skill or scale of operations.

I meant the "up and coming" players and the most active. Iranian activity on behalf of the revolutionary guards is expanding. There was Operation Cleaver a few years ago which expanded the game. You can review the last news link below for an executive review and the link for the actual report is here.

Iranian hackers also targeted critical infra in Pakistan. Targets included telecommunications firms, airlines, airports, government agencies etc. Compromises targeted included via SQL injection, spear-phishing and various types of web attacks.



Pakistan is very vulnerable to cyber-warfare. In this regard, simply being able to retaliate isn't enough, sufficient safeguards are required for defence, which may not presently be in place.
It's not just Pakistan, all countries in the subcontinent are, though, I suspect some Indian organizations may be somewhat better protected due to requirements placed upon them by Western customers.

But general understanding and awareness about hacks is near zero pretty much.
 

Vapour

FULL MEMBER
Jul 2, 2020
828
2
1,104
Country
Pakistan
Location
United Kingdom
It's not just Pakistan, all countries in the subcontinent are, though, I suspect some Indian organizations may be somewhat better protected due to requirements placed upon them by Western customers.

But general understanding and awareness about hacks is near zero pretty much.
I was speaking wrt to defence, so military installations and other critical infra, but yes the civilian side is woefully inept in terms of cybersecurity, hence why we hear of regular data breaches.
 

Bilal9

ELITE MEMBER
Feb 4, 2014
15,994
1
25,027
Country
Bangladesh
Location
United States
The anti-virus maker Kaspersky has launched its own OS called KasperskyOS. The user-base is meant to be industrial control systems and the like. I quote from this FAQ page :
Anything made by Kaspersky is banned for use in US Govt. agencies and installations (especially anti-virus product).

Kaspersky is controlled by Russian govt. and their feeds are monitored and "mined" by Moscow.
 

jamahir

ELITE MEMBER
Jul 9, 2014
20,948
16
18,983
Country
India
Location
India
Anything made by Kaspersky is banned for use in US Govt. agencies and installations (especially anti-virus product).
I didn't know that.

Kaspersky is controlled by Russian govt. and their feeds are monitored and "mined" by Moscow.
The KasperskyOS pages indicate two things :

1. The customers are given the kernel's source code which being small ( a few thousand lines ) and being a microkernel presents no potential security threat.

2. The kernel does not transmit any information of the KOS's application machine ( router, pump etc ).
 
Last edited:

Users Who Are Viewing This Thread (Total: 1, Members: 0, Guests: 1)


Top Bottom