UPSC CSE -SYLLABUS:GENERAL STUDIES-3-Challenges to internal security through communication networks, role of media and social networking sites in internal security challenges, basics of cyber security; money-laundering and its prevention
Cyberwarfare – A Growing Threat
- Cyberwarfare is a strategic competition conducted between adversaries in cyberspace.
- It allows countries to conduct covert operationson a large scale, cheaply, and anonymously.
- These latter three attributes are particularly important to understand.
- Cyberwarfare is broad because it can occur in at least five different spaces — economic, societal, cultural/intellectual, military, and political.
Economically, in the US, 85% of cyberattack targets are in the private sector — small banks, for example, can face over 10,000 attacks per day.
US government agencies recently released a joint advisory warning that BeagleBoyz, a North Korean hacking group, has once again started robbing banks worldwide, including in India, through remote internet access to fund Kim Jong-Un’s cash-strapped regime.
Societally, sowing disinformation through social media disinformation is also cyberwarfare.
Russia has been particularly savvy in this field but recently, China has stepped up its game.
Intellectual property (IP) rights are another avenue of strategic competition — in 2014, the US justice department indicted five Chinese military hackers and accused them of stealing secrets from US Steel, JP Morgan, Alcoa, Westinghouse Electrical Co., SolarWorld and United Steelworkers.
Military cyberattacks are perhaps the most associated with cyberwarfare — the “Sandworm Team”, a group associated with Russian intelligence, has conducted attacks on government sectors in the US, Ukraine, Poland, and on the European Union and NATO.
Cheap and anonymity:
Cyberwarfare is both cheap and anonymous because,
- The internet is today an essential critical infrastructure.
- Any country that is heavily reliant on it is at a relative disadvantage — the threats range from IP theft, to small businesses, to elections, to even the electricity grid.
- And it is exceedingly cheap – training videos are easily available online so all that is needed is a motivated group of people with an inexpensive laptop and an internet connection.
- A well-documented and game-changing cyberattack occurred in 2010 when a malware “Stuxnet” was released that was designed to damage Iran’s nuclear capability by making Iranian scientists and government think there were a series of internal engineering mishaps at their enrichment facility.
- It was a clever and sophisticated attack.
- Stuxnet was reported to be a result of US-Israeli collaboration and showed that governments can use malware to achieve covert intelligence objectives.
- Malware is often simple, low-cost and difficult to trace.
- A lot of malware, for example, is manufactured in China, and there is reported collaboration between the People’s Liberation Army (PLA) and Chinese universities to train hackers.
- But when a cyberattack is actually launched by either the government or individual, there is often no real consequence because of the anonymity it offers.
- The US recently released a report from its Commission on Cybersecurity with recommendations to shore up defences.
- One of the most important recommendations is to build relationships of trust between the government and private sector.
- In addition, governments must maintain priority investments in technology, science, and research and development (R&D) in the cyber sector.
- Innovation is of paramount importance given the increasing complexity and sophistication of the attacks — the US has been investing heavily in new Artificial Intelligence (AI) technologies to be able to automatically identify cyber threats and also launch cyberattacks against adversaries.
- India activated a Defence Cyber Agency last year. But much more needs to be done.
POSSIBLE UPSC MAINS EXAMINATION: