Internet privacy and security course
Cyber-warfare, cyber diversions and cyber terrorism

Chapter 13

Cyber-warfare and cyber diversions

Many people still dismiss cyber-warfare as science fiction or a figment of the imagination, without knowing what the word actually means. But cyber-warfare is not a fevered fantasy; it is a reality we will all have to live in, and the better you understand what cyber-warfare is and how it is waged, the better equipped you are for it.

Using a cyber weapon, one can cause nuclear accidents, disrupt all kinds of communications including cellular and satellite connections, and paralyze traffic and electricity supply… and yes, this is not a joke.

“I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.”
Albert Einstein

There is a common misconception that cyber-warfare is about attacks on websites, virus development and information attacks, and that it therefore shouldn’t be seen as a serious threat. None of the above is cyber-warfare yet. However, when the nearest nuclear station has a leak and radioactive material is discharged into the air, and cellular service and electricity supply are disrupted, this is what real cyber-warfare is about.

We admire the computerization that has occurred across the board, often missing one simple truth: while it offers ample opportunity, it also entails serious threats. The cyber armies of different countries understand this perfectly.

According to news reports, in 2012 the U.S. intensified its investment in the development of offensive malicious software. In 2014 Russian Defense Minister Sergey Shoygu signed an order to set up a cyber-warfare unit under the General Staff of the Russian Federation, followed later by the establishment of a cyber army. Similar cyber-warfare units exist in many countries, with the most cutting-edge ones in Russia, the U.S., China, Israel, North Korea and Great Britain.

The activity of a cyber army involves three key components:

  • Protection
  • Intelligence
  • Attack

A perfect example of intelligence activity would be the hacking of the servers of Huawei Technologies, a Chinese networking and telecommunications equipment and services company, by the U.S. National Security Agency, as leaked by Edward Snowden. This cyber espionage allowed the U.S. to organize the total surveillance of citizens in China and in other countries the equipment was shipped to (including Iran, Pakistan and Cuba).

It’s a bit harder to give an obvious example of cyber protection, as it usually comes down to putting comprehensive preventive measures in place. For instance, a model of an isolated Internet has been set up in Russia over the past years. It is usually presented to the public as a solution in the event of Russia being disconnected from the international Internet. But it can also be used for isolation in case of consistent cyber-attacks.

Attack includes offensive action carried out either with malicious software or without it. A clear example of attacking software would be Stuxnet, the malicious worm capable of physically damaging the critical infrastructure of nuclear sites. Stuxnet was used to sabotage and decommission the centrifuges at the Natanz uranium enrichment plant (Iran), setting back the Iranian nuclear program by two years. Allegedly, Stuxnet was designed by the intelligence services of the U.S. and Israel.

Do you know how this type of attack was made possible? An unwitting Siemens employee stuck an infected USB flash drive in his machine. A blatant violation of security rules which Siemens actually confirmed to be their employee’s oversight.

Let me share another example of cyber diversion. In December 2015 the BlackEnergy trojan was used in a power grid attack on Ukraine’s energy suppliers