Information warfare: Agents, attack and defence.

Posted by

Rodrigo Duarte Favarini Silva
EC-Council University
ECCU 516 – The Hacker Mind: Profiling the IT Criminal!

The internet enabled people to receive information in real time. The interconnection of systems allowed algorithms to be remotely controlled and to make autonomous decisions. All this progress has brought benefits, but also dangerous agents who saw in cyberspace a practical, inexpensive and anonymous way to reach their opponents (Vacca, 2009).

Information warfare (IW) is characterized by the pursuit of the destabilization, exploitation, corruption and destruction of information systems controlled by the adversary. Thornton (2007) defines IW as “actions taken in support of objectives that influence decision-makers by affecting the information and information systems of others while protecting your information and/or information systems.” Bosworth et al. (2014) explain that “e-warfare” and “cyberwar” are different names used to refer to IW, and cite the main cyberwar agents:

  • Nation-states: Nations that have an interest in performing military or espionage operations through computerized or network systems. Examples include countries such as the US, China and Russia, which maintain agencies and military-trained armies for cyberwar operations.
  • Cyber terrorists: People engaged in cyber-terrorism, conducting acts of violence, disruption or interference against information systems.
  • Corporations: In search of competitive advantages, corporations can perform acts themselves or hire hackers to conduct denial of service, data theft, cyber-espionage or malware operations specially designed for their competitors.

Shakarian, Shakarian and Ruef (2013) give examples of historical attacks carried out by information warfare agents:

  • In 2009, security researchers discovered that many Tibetan Government-in-Exile computer systems were hacked into and monitored (likely by the Chinese government) (Shakarian, Shakarian & Ruef, 2013, p. 3).
  • In 2010, the Stuxnet worm was discovered. The Iranian government later made statements indicating that the worm had infected and caused damage to its Uranium Enrichment Facilities (Shakarian, Shakarian & Ruef, 2013, p. 3).
  • In 2010–2011, hacktivists from the group Anonymous played a significant role in conducting DDoS attacks against government computers (Shakarian, Shakarian & Ruef, 2013, p. 3).

Those attacks used technological weapons to disrupt services or to conduct espionage for data collection. A cyber weapon is computer code designed to be used to cause physical, functional or structural damage to systems or to harm living beings (Rid & McBurney, 2012). Those weapons can trigger attacks such as Denial of Service (DoS) or its most destructive form, Distributed Denial of Service (DDoS); can be inserted into legitimate code, becoming logic bombs; or can take the form of viruses released into the network to infiltrate systems, causing unwanted behaviour or simply spying on the target (Bosworth, Kabay, & Whyne, 2014).

As a defence against IW cyberattacks, Bosworth et al. (2014) comment that actions must be taken together to prevent and decrease the damage. Although not useful at the moment, due to the absence of international treaties, legal defences can be used in a country that condemns cyberattacks. Technical defences are the primary form of protection for information systems and are essential in the detection and control of attacks and in recovery from them. Cooperative efforts between nations emerge as a healthy way of reducing the use of cyberweapons and, as in traditional wars, of pacifying cyberspace.

References

Bosworth, S., Kabay, M. E., & Whyne, E. (2014). Computer security handbook. Hoboken, NJ: John Wiley & Sons.

Rid, T., & McBurney, P. (2012). Cyber-Weapons. The RUSI Journal, 157(1), 6–13. DOI:10.1080/03071847.2012.664354

Shakarian, P., Shakarian, J., & Ruef, A. (2013). Introduction to cyber-warfare: A multidisciplinary approach. Books24x7.

Thornton, R. (2008). Cambridge: UK. Polity Press.

Vacca, J. R. (2009). Computer and information security handbook. Books24x7.