The Looming Threat of Cyberwarfare
Updated: Jul 31
President Barack Obama officially became the first US cyberwarfare president by stating “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.” There are many real examples in the world that emphasize the importance of cyberwarfare and how dangerous it can be in the wrong hands.
U.S. government security expert Richard A. Clarke, in his book Cyber War (May 2010), defines "cyberwarfare" as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption." United States spent millions of dollars to build up the greatest military force in the world, however, cyberwarfare became the biggest threat to national security in these days. Cyberwarfare is more complex than conventional warfare. In a conventional warfare, the enemy is known and their capabilities and abilities are almost apparent. When it comes to the cyberwarfare, things are not as clear as in the conventional warfare. It is often difficult to tell who is responsible from the cyber-attacks in the first place. Moreover, cyber-terrorists or criminal groups do not need to have advanced military units. They are able to attack not only to a military, but also a country’s power grids, financial systems, and communications network wherever and whenever they want to. That’s why, nations and companies must constantly be on the alert for malware and other new technologies that could be used against them, and some of these technologies developed by skilled hacker groups are for sale to interested parties.
The scale and speed of cyber-attacks has escalated in all around the world. Although the governments and companies have started to realize the danger, their effort is not capable of preventing the cyber-attacks so far. The research firm Gartner projects that the world will spend $79.9 billion on information security in 2015, with the figure rising to $101 billion in 2018—and that still won’t be enough. There is a plethora of examples that unveil the inadequacy of the efforts the governments and companies. According to the business problem-solving case in the book Essentials of MIS, titled as ‘The Looming Threat of Cyberwarfare’, “In August 2012, the Shamoon virus infected 30,000 machines at Saudi Arabian oil company called Aramco. It destroyed workstations by overwriting the master boot record (MBR), which stores key information about a hard disk drive to help a computer system start up, deleted data on servers, and overwrote certain files with an image of a burning American flag.”
Actions by groups possibly sponsored by nations are another source of concern. For instance, the Stuxnet worm was discovered in June 2010, was accepted as a secret joint United States-Israel operation. The worm designed to get into a certain component’s software that controls centrifuges and made a tiny change in the code. This change was almost unrecognizable and as a result, delayed Iran’s ability to make nuclear arms by as much as five years. It would be naive to believe that this attack was developed by a single hacker group or organization. Inasmuch as, a certain group or organization could not have the required resources and knowledge. In addition to that, some certain groups from China, believed to supported by the Chinese government, attack large organizations especially in United States to steal the R&D data and successful at imitating the products with low costs.
It is extremely important to preclude these cyber-attacks in order to avoid serious harms. This problem might be assessed in three main factors; people, organization, and technology. First of all, there are lots of highly skilled cybercriminals who want to benefit from the information that they gather from different parties or harm they cause. Additionally, users of targeted systems are still too careless about cyber-security and don’t make enough effort to help protect sensitive systems.
Not only people are causing these problems, but also organizations and managements are responsible. For instance, Obama was about to sign the Improving Critical Infrastructure Cybersecurity executive order, however, congress in 2012 had failed to pass two cyber security bills, due to the fact that, worries about stepping-up the security costs. Therefore, cybersecurity standards are likely be insufficient to defend against attacks most of the time.
Although U.S government is currently in the leading position of cyberwarfare technologies, it takes much effort to maintain technological dominance since mounting these types of attacks are possible with low cost technologies. Every device that connected to the Internet is vulnerable to malicious software and penetration from outsiders. Moreover, tracing identities of the hackers or attackers is a very difficult task and even if they are identified, suspected attacker can easily deny the crime.
Although governments and corporations try to take precautions against the cyber-attacks, it is clear that they need to do more than that. However, they are now more dedicated to identify the perpetrators and they want, also as Barack Obama mentioned in his speech ‘Obama Pushes Cybersecurity Legislation’, cyber criminals to feel the full force of justice because they are doing as much damage as people involved in conventional crime. I believe that, with the help of the increased consciousness of the dignity of these cyber-attacks, the solutions will be more effective in the future, due to the fact that, these activities are eventually harmful for all parties.
In conclusion, cyberwarfare is a very serious problem and more complex than a conventional warfare. Perpetrators execute unprecedented attacks to governments and corporates in order to steal some information or cause harm. It is believed that, sometimes nations are supporting these perpetrators and attempt espionage to achieve their goals. There are many examples that indicate how effective these attacks can be. Therefore, people, organizations, and most importantly nations should take precautions and be aware of the threats. Otherwise, the ‘cyber-games’ between the nations and organizations can cause more harmful results.