Internet privacy and security course

Chapter 9

Cyber-warfare, cyber diversions and cyber terrorism

Cyber-warfare and cyber diversions

Many people still dismiss cyber-warfare as science fiction or a figment of the imagination, without knowing what the word actually means. But cyber-warfare is not a fevered fantasy. It is a reality we will all have to live in, and the better you understand what cyber-warfare is and how it is waged, the better you are equipped for it.

Using a cyber weapon, one can cause nuclear accidents, disrupt all kinds of communications including cellular and satellite connection, paralyze traffic, electricity supply… and yes, this is not a joke.

“I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.”
Albert Einstein

There is a common misconception that attacks on websites, virus development and information attacks are what cyber-warfare is about, and that it therefore shouldn’t be seen as a serious threat. None of that is cyber-warfare yet. However, when the nearest nuclear station has a leak and radioactive material is discharged into the air, and the cellular service and electricity supply are disrupted, this is what real cyber-warfare is about.

We admire computerization that has occurred across the board, often missing one simple truth: while offering ample opportunity, it entails serious threats. This is perfectly understood by the cyber armies of different countries.

According to news reports, in 2012 the U.S. intensified its investments in the development of offensive malicious software. In 2014 Russian Defense Minister Sergey Shoygu signed the order to set up a cyber-warfare unit under the General Staff of the Russian Federation, followed later by the establishment of a cyber army. Similar cyber-warfare units exist in many countries, with the most cutting-edge ones in Russia, the U.S., China, Israel, North Korea and Great Britain.

The activity of a cyber army involves three key components:

  • Protection
  • Intelligence
  • Attack

A perfect example would be the hacking of the servers of Huawei Technologies, a Chinese networking and telecommunications equipment and services company, by the U.S. National Security Agency, which was leaked by Edward Snowden. This cyber espionage allowed the U.S. to organize the total surveillance of citizens in China and the other countries the equipment was shipped to (including Iran, Pakistan and Cuba).

It’s a bit harder to give an obvious example of cyber protection, as it usually comes down to putting comprehensive preventive measures in place. For instance, a model of an isolated Internet has been set up in Russia over the past years. It is usually presented to the public as a solution in the event of Russia becoming disconnected from the international Internet. But it can also be used for isolation in case of persistent cyber-attacks.

Attack includes offensive action carried out with or without malicious software. A clear example of attacking software would be Stuxnet, the malicious worm capable of physically damaging the critical infrastructure of nuclear sites. Stuxnet was used to sabotage and decommission the centrifuges at the Natanz uranium enrichment plant (Iran), setting back the Iranian nuclear program by two years. Allegedly, Stuxnet was designed by the intelligence services of the U.S. and Israel.

Do you know how this type of attack was made possible? An unwitting Siemens employee stuck an infected USB flash drive into his machine. It was a blatant violation of security rules, which Siemens actually confirmed to be their employee’s oversight.

Let me share another example of cyber diversion. In December 2015 the BlackEnergy trojan was used in a power grid attack on Ukraine’s energy suppliers “Prikarpatyeenergo” and “Kievoblenergo”, and over 80 thousand Ukrainians were cut off from power supply for several hours as a result. The attackers demonstrated a high level of coordination, extensive expertise and technical equipment; it was a consummately professional government-level cyber diversion. By the way, the infection was propagated by an email containing a compromised document that was opened on a computer in the corporate network.

One can infer from the examples above that usually (though not always) attacks are performed using simple and straightforward methods, and that they can be prevented with mere vigilance. The BlackEnergy trojan was carried in a document sent by email, and Stuxnet on a USB flash drive stuck into a workstation. It was no rocket science.

This course won’t teach you how to guard against cyber-warfare threats since, as you have probably seen for yourself, this is a task executed at the level of governments and intelligence services. But we can tell you how to help your country become better protected.

First of all, you have to understand your role in cyber-warfare. You will most likely be used as a tool for spreading malware, just as in the example with the Siemens employee.

On the big screen, an attack on a significant site is performed through a network scan, a search for vulnerabilities and subsequent hacking. In practice, however, the majority of key systems are isolated. An isolated system doesn’t have access to the Internet, so it is impossible to attack it from there, and physical access to it is often protected by a security service. But like any system out there, it is composed of devices that need replacement or repair from time to time.

For instance, malicious software can be installed during the development or supply process. Suppose a nuclear power plant requires a replacement of some component. Is it possible that the new device will arrive with malware already installed?

To accomplish that, an attacker needs to know when and what components are subject to replacement, where they are developed, gain access to the development process, model an attack and then execute it. All these steps require quality intelligence and follow-through.

Suppose there is an employee named Andrew working at a grocery warehouse. Of course, Andrew thinks that an intelligence agency won’t take an interest in him because he’s just not that significant. But Andrew’s former classmate Seth works as a security guard for the head of the organization that manufactures the components for the nuclear power plant. You have probably already guessed that Andrew will become one of the key links toward the final goal: the delivery of the infected equipment to the nuclear power plant.

So the majority of ordinary people will be used as sources of information and attack. This is how the Siemens employee became a source of attack, having stuck his USB flash drive into his workstation and dealt a devastating blow against the Iranian nuclear program. You can become such an unwitting employee, or a person who will be used to gain access to such an employee.

Therefore, organizing your privacy and security is the key to comprehensive protection against cyber-warfare threats. This course will show you how to do it for yourself.

Cyber terrorism

Let’s shed some light on cyber terrorism. Cyber terrorism means the use of computer technologies to conduct violent acts (not terrorist acts on the Internet, as some would think).

As a rule, terrorist organizations such as Al-Qaeda or ISIS see the Internet as a place for propagating their ideas and recruiting new members, and as a communication tool. Since the term “cyber terrorism” was coined, and it dates back to the 1980s, the world hasn’t witnessed any serious cyber terrorist attack.

According to news reports, ISIS is investing a lot of effort into developing cyber terrorism, and the IT squad of the Khilafat is ready to bring terror to the world, though their attempts look feeble. Have you heard about any high-profile terrorist acts by ISIS that used IT? I personally haven’t.

The main reason for this is the insufficient level of expertise possessed by the specialists involved with terrorist organizations. It is easier for them to set up a bomb and use it to blow up a plane than to hack into the security system of that plane and cause a catastrophe.

Yes, they succeeded in breaking into some websites, for instance, the Prince Albert Police Service (Canada) website. The majority of the attacks were performed by Muslim hackers who aren’t directly linked with terrorism and ISIS. The attacks didn’t carry any serious consequences. Usually the hackers left messages, mainly anti-Israel or supporting ISIS, and failed to reach any sensitive police information.

The lack of cyber terrorist acts doesn’t mean there is no risk of them occurring. A Department of Homeland Security official admitted at the CyberStat Summit that the agency’s team succeeded in remotely hacking into a Boeing 757 during a test. The alarming thing is that it wasn’t just a regular lab test, but a real aircraft parked at Atlantic City airport. A tragedy didn’t happen because the hack was executed by the agency’s security experts, not by real terrorists and hackers.

The attack doesn’t allow an attacker to hijack a plane by taking over its control system, as is usually shown in movies. But it does make it possible to cause a plane crash during take-off. Unfortunately, this is not a joke or idle speculation.

Think about it: your car can be cyberjacked. The car industry is heading toward a fully driverless future in which modern vehicles operate completely autonomously to help the human driver. And, unfortunately, they can be hacked into.

Imagine the following situation: a rich businessman leaves his home, gets into his car and drives to work. A hacker-killer breaches the autopilot system and manipulates the controls to have the car collide head-on with a large 18-wheeler tractor-trailer truck. Do you think this is pure fantasy?

Unfortunately, car hacks are a reality. Don’t be deluded into thinking that this danger threatens only the latest cutting-edge models such as Tesla. In 2015 Fiat Chrysler recalled 1.4m Jeep, Dodge, Chrysler and Ram vehicles to close a loophole in the company’s system that all these cars were fitted with. By exploiting the vulnerability, the hackers bypassed uConnect’s security layers and were able to remotely control the car. Two cybersecurity researchers demonstrated how the controls of a 2014 Jeep Cherokee could be easily compromised to send it careering into a ditch.
