- Chinese and Russian infiltration of the US electricity grid
- In 2009, the U.S. oil companies Marathon Oil, ExxonMobil and ConocoPhillips were the targets of cyber attacks. Data was leaked as a result of cyber espionage, and the perpetrators could have been Chinese hackers.
- In February 2010, the European Union’s Emissions Trading Scheme (ETS) was the victim of fraudulent cyber attacks. The registries in 13 European countries were forced to close.
- According to a recent survey by McAfee, “the most victimized sector was oil and gas, where two thirds of executives report distributed denial of service (DDoS) attacks”. Twenty-seven percent in the power sector and thirty-one percent in the oil and gas sectors reported being victims of extortion through cyber attacks.
China & Cyber Insecurity?
Increasingly, accusations are emerging from industrialized and developing countries pointing to China (the People’s Liberation Army, “Beijing”, the “government”, or its hackers) and accusing it of being the source of major cyber attacks. These have reached sensitive targets, such as critical information infrastructures, the servers of big international firms and government agencies. The methods used in such attacks, themselves vaguely defined, are usually those of cyber criminals: intrusion, data theft, interception of data and communications, spreading malware and viruses, use of botnets and web defacement. While cybercriminals are motivated by financial gain, several of these attacks are not money-oriented operations and therefore point to another originating source. Some of these attacks clearly serve other goals, such as intelligence gathering or the dissemination of ideologies.
- The goal of information warfare is no longer the conquest of territories or the destruction of enemy troops, but the destruction of the enemy’s will to resist.
- Information warfare is a war in which the ability to see, to know and to strike more accurately and before the adversary is as important as firepower.
- Information warfare can be conducted in times of peace, crisis and war;
- Information warfare consists of offensive and defensive operations;
- The main components of information warfare are command and control, intelligence, electronic warfare, psychological warfare, hacker-warfare and economic warfare.
- a process to take advantage of the enemy in a war under conditions of informationization, and
- a process which finds its strongest expression in our ability or inability to use several means to obtain and ensure an efficient flow of information; our ability or inability to make full use of the permeability of information space to share and connect information and information systems, to merge materials, energy, and information and create a combined fighting force; and in our ability or inability to weaken the information superiority of the enemy and operational effectiveness of the enemy’s computer equipment.
- China develops its military capabilities in close relationship with private industry and academia, putting into practice policies promoting the connection between private and public sectors, and between civilian and military sectors. This phenomenon can be observed in a great number of other industrialized nations as well.
- At the frontier of the civil-military dimension, militia units established by the army in various military provinces involve citizens from the industry or academia. Units have been set up that have expertise in information warfare, electronic warfare, psychological warfare, information operations, network warfare, etc.
- Some sources suggest the existence of links between supporters of the People's Liberation Army and the hacker community, but one might question whether the Chinese army has any power over the latter. The 2003 “Annual Report on the Military Power of the People’s Republic of China” referenced the dangers inherent in nationalist hacking (hacktivism) during times of crisis. Many actions are credited to Chinese hackers: waves of cyber-attacks following the bombing of the Chinese embassy by NATO forces in Belgrade in 1999, attacks against the interests of Taiwan, attacks against official US websites in protest against the collision between a Chinese fighter jet and a US spy plane in 2001, attacks against Tibetan websites and attacks in 2008 against the website of the French embassy in China following a meeting between the Dalai Lama and the French President Nicolas Sarkozy. The list of hacktivists’ attacks is a long one.
The insecurity of critical infrastructure is an urgent issue to be solved. But it is not a recent one. The dependence of modern societies on technologies is not a new story. Stuart Case wrote in 1929,
The complex combination of interdependent systems, actors, and infrastructures may be the final target of cyber attacks. In this case, the perpetrator might be a hacker operating for fun, or even spies leaking data, or cybercriminals. But the most dangerous threat is the effect-based attack: the target of the cyber attack launched against this complex may be the individuals, the society or the economy that are dependent on the critical infrastructures. Through paralysing the critical energy infrastructure (CEI), the perpetrator can target the larger social environment. Several questions must be answered in this regard. Is a comprehensive cyber attack possible against CEI? Is a cyber attack against a CEI efficient? What is the impact of the cyber attack on CEI? The infrastructure being a complex system, the attack may in fact have minimal or no impact.
- Irrefutable proof concerning the identity and motivations of perpetrators. In short, efficient attribution technologies must be developed.
- A secure technical environment provided by technology; the exploitation of technical failures is the source of cyberspace insecurity.
- Scenarios for recovery after an incident and scenarios to strengthen resilience.
- Reaction capabilities, articulated scenarios, and coherent policies to guide nations in a post-attack period.
- The application of basic rather than complex and costly standards and policies of security. Most important for security is not complexity but applicability. Audit processes and security certifications should be reduced, and the application of basic security solutions (using antivirus protections, regulating the use of information systems by employees, disconnecting the sensitive systems from the public internet, strengthening the security of sensitive and personal data, applying access policies, etc.) should be advanced.
- A focus on strategy: information and cyber warfare are matters of strategy; technical issues are of secondary importance.
- Developing “national” solutions (applications, software, hardware, infrastructures) rather than relying on foreign suppliers of essential technologies.