A NEW KIND OF SECURITY THREAT

A new kind of warfare, cyber warfare, is a true threat to security – not just for governments, but also for businesses and individuals.

Khatuna Mshvidobadze

Just about everyone has received one of those bogus e-mails that appear to come from a friend in trouble in, say, London—please send me $2,000!  The clumsy handiwork of petty cyber-swindlers is easy to spot, but more creative cyber-crimes against individuals, businesses and governments are perpetrated every day. And cyber-war is already a threat against which national security experts must plan.

In August 2008, Russia’s invading Soviet vintage tanks were backed by a 21st century cyber attack on Georgia.  Maintaining our security and stability suddenly became more complex than fending off the tanks and fighter jets of our gigantic neighbor.  Cyber-attacks can be the equivalent of special operations or air strikes against critical infrastructure.

Khatuna Mshvidobadze Senior Associate at the Georgian Security Analysis Center, Tbilisi.

In contrast to the time and money required to train and equip spetsnaz or air forces, high-tech and online skills are now up for sale to malevolent governments, organized crime and terrorist organizations.  Such skills can be used to destabilize a country’s economy and degrade its critical infrastructure.  Operating along the seam between crime and war, cyber-criminals have sparked a debate among experts about whether cyber-attacks should be treated as criminal acts or acts of war.

However, these are not the clowns who hijack your friend’s electronic address list to look for someone dumb enough to send them $2,000 or even more intelligent hackers seeking to vandalize your PC or steal money from your bank account.   They are sophisticated criminals operating networks that can threaten global security and stability.  Moreover, some states not only tolerate them but hire them.  A stark reality emerged from Russia’s August 2008 war on Georgia.  After a year of study, the U.S. Cyber Consequences Unit (USCCU), an independent research institute, concluded that cyber attacks were an integral part of Russia’s armed attack on Georgia.

Most of the attacks were of a type called Distributed Denial of Service attacks—DDOS.  Cyber criminals take over bits of perhaps thousands of privately owned computers and lash them together into so-called botnets that then blast information at a target, rendering it unable to perform its intended service.

Such an attack requires advance mapping, testing, registering new domains and creating dedicated websites.  However, the USCCU analysis indicated that all the necessary preparatory work had been accomplished before the war—the cyber-war coordinators were fully aware of the impending attack upon Georgia and its timing.  Most of the botnets used against Georgia had already been used for criminal activities. There were strong implications that the Russian government was in cahoots with Russian organized crime.  Amateur hackers were also recruited through social networks to augment the attacks, according to the report.  

The cyber-attacks disrupted the Georgian government’s information and communication efforts, financial transactions, Internet and cellular telephone connections for several days.

Georgia has not been the only victim of a cyber-attack.  In 2007, Estonia was attacked after its government decided to relocate a Soviet war memorial away from the Tallinn city center.  And there are many indications that we are on the cusp of a new, multifaceted trend.

Recently the giant American Internet company Google sparked an international incident when it threatened to leave China.  Google is irked by what it says are Chinese government efforts to hack personal email accounts in order to spy on political dissidents.  This came on the heels of 2009 allegations that the Chinese government blocked social networking and other Internet services such as Twitter, Facebook and YouTube to preclude their use as forums to protest government policies and actions.  US Secretary of State Hillary Clinton called upon China to conduct a transparent investigation into Google’s allegations.

And China is regularly accused of cyber espionage against American businesses and government.  “This is a big espionage program aimed at getting high-tech information and politically sensitive information—the high-tech information to jump-start China’s economy and the political information to ensure the survival of the regime,” said James A. Lewis, a cyber and national security expert at the Center for Strategic and International Studies in Washington.  European countries have also complained.

As with any major new technology, the Internet has brought good and bad.  Now the international community—or portions of it, at least—is seeking effective ways to counter cyber attacks and to define the border between crime and war.  What are the most effective technical, legal and political strategies against these threats?  For example, at what point, if any, should NATO consider a cyber attack to be an armed attack for the purpose of collective defense?

Dealing with this problem will require each country to become cyber-security conscious—and active.  However, it will also require close international cooperation because cyber-crime and cyber-war are hard to identify and locate.

Moreover, businesses must be thoroughly involved in new security efforts.  A company such as Google can be dragged into what was once the realm of police, intelligence agencies and foreign embassies.  Or, as was the case in Georgia in August 2008, an attack against our country by a foreign power was actually carried out against Georgian banks and telecommunications companies, making them incidental victims.  Any business with systems conected to the Internet could become a victim of the cyber attack. Of course, businesses must take steps to protect themselves, but in the 21st century, they will have a growing interest to cooperate with other businesses, governments and international organizations.

[top]