Hackers on Rampage: Are we Ready?

The most outstanding accomplishment of human endeavour to date took place on 20th July 1969, when two mortals stepped onto the lunar surface. This monumental feat was made possible by advances in rocketry and a colossal (for that time) improvement in computing power. Incidentally, the computing power that put man on the moon was merely equivalent to that of a Pentium One of the present day.

Computing power increases exponentially and is governed by Moore’s law, which states that “computing power doubles every year”. An Xbox today is nearly 1000 times faster than a Pentium One, maybe more. A physicist in the USA who needed supercomputer time for his research, but could not buy it because of the prohibitive cost, purchased more than 1000 Xboxes, ran them in parallel and achieved the computing power his research required.

Needless to say, computers have changed the way we live. Warfare, too, has lapped up the ‘Power of the Chip’ in developing weapons and ancillary systems. With the advancement in computing power, INFORMATION WARFARE has assumed a new dimension. The most potent tool in the information warfare regime is not the supercomputer but the ability to ‘HACK’ into a supposedly impregnable computer network protected by numerous firewalls.

‘Hacking’ has emerged as the most potent soft weapon of the information warfare era. It not only destroys, corrupts, de-regulates or alters the original programme but can also introduce undesirable inputs into the software controlling a network, which may lead to catastrophe. For example, it has been alleged that Russian hackers interfered with the power grid in Ukraine in 2015, causing widespread darkness for a considerable period.

Information Warfare has been defined as “Conflict and/or struggle between two or more groups in the information environment”. Computer networks depend solely on the internet. Communications also use the internet or various segments of the electromagnetic spectrum. The modern era of computer-based/controlled communications makes every nation state vulnerable to instability merely through interference with its communication network.

In order to interfere with the computer networks controlling nuclear reactors, power grids and airline/railway ticketing systems, to name a few, and virtually all other domains of almost all nations, experienced software specialists are required to attempt illegal and illegitimate transgressions into those networks.

According to a World Bank study, Russia has ‘invested’ heavily in this sphere and has over one million software specialists. Russian ‘CYBER WARRIORS’, another name for hackers, are amongst the most proficient in the world. It is believed that around three dozen ‘officially monitored/controlled’ groups of cyber warriors are actively involved in hacking, or attempting to hack, other nations’ networks. It is possible, even probable, that these illegal gangs have been granted state immunity. Needless to emphasise, this form of warfare is more potent and can reap unbelievable benefits without the perpetrator being identified.

Shifting focus from system hacking to platform hacking opens up far greater possibilities. UAVs and UCAVs are the future of aerial warfare. Imagine a scenario in which an adversary’s UAV/UCAV is taken over by an unidentified entity and used against its originator. Such eventualities are no longer fictional.

It may be of interest to mention that the P-8 maritime patrol aircraft has been found to have serious ‘cyber security deficiencies’. The USAF is in the process of extensively testing the F-22 and F-35 platforms against cyber attacks. Hackers most probably sponsored by the Iranian government recently compromised a U.S. aerospace organisation, according to a new report from the cybersecurity firm FireEye. The hackers, whom FireEye dubs APT33, also targeted a selection of other energy and aviation bodies across Saudi Arabia and South Korea.

Currently, cyber attacks are confined to gathering intelligence by stealing/accessing sensitive information, defacing home pages, leaving warning messages and, in a few cases, espionage.

Iranian hackers have previously tried to identify computers that control infrastructure in the U.S., targeted a small dam in New York’s Westchester County, and launched distributed denial-of-service (DDoS) attacks on U.S. banks designed to slow service to a crawl. US authorities were able to establish that the hacking operations took place during Iranian working hours and corresponded to the country’s work week of Saturday to Wednesday. Some other Iranian groups have used more destructive malware to wipe a target’s computers. In December of last year, the Department of Defense warned U.S. contractors about Shamoon, an Iran-linked malicious program that wiped thousands of computers in Saudi Arabia. The investigating team opined: “We assess there may be multiple Iran-based threat groups capable of carrying out destructive operations”.

While our relations with Iran are on the upswing, Pak association with Iranian hackers might spell trouble for us. Attribution is the most difficult part: when dealing with professional hackers it is hard to track them down and find real evidence of where an attack has come from. A group of Pak ‘HACKTIVISTS’ sitting in New York might be able to intrude into our nuclear reactors, power grid, etc. Alternatively, a Pak/Chinese hacktivist might engage an ‘expert’ of unknown nationality working for cash to do the job.

Common belief is that the website of the National Security Agency (NSA) of the USA is one of the most impregnable networks. But hackers of unknown nationality (possibly Russians) hacked into it and stole highly classified material. It stunned US lawmakers, and the 2015 intrusion was not made public for nearly two years. The Wall Street Journal termed it “one of the most significant security breaches in recent years”. The surprise does not end here. Detailed investigation revealed that the hack was made possible because Kaspersky Lab’s anti-virus software identified the files: a classic case of the ‘guard involved in the theft’. It might be termed a travesty of fate when viewed in the context that the USA interfered with the Iranian centrifuge network by introducing the STUXNET virus through one of the Iranian engineers working in the facility, who was using the device on his home computer as well. In an identical fashion, an NSA contractor took the files home without authorisation and they were accessed by attackers on that person’s home computer, which was running Kaspersky Lab’s software. The stolen material included details of how the NSA penetrates foreign computer networks, the computer code it uses for such spying and how it defends networks inside the US. The USA has identified Russia as the major culprit actively involved in hacking against the West, the USA in particular. The Russians are resorting to digital intrusions which have crippled networks, and they continue to refine their expertise with the knowledge gained from each such intrusion.

Are we in India looking at the issue of ‘HACKTIVISM’ with the seriousness it deserves? Merely placing numerous firewalls is not adequate security. We have to discipline ourselves to eliminate entirely our culture of doing official work on personal computers linked to the internet. Not many would have the courage to accept this, but the stark truth cannot be wished away like an ostrich with its beak in the sand and eyes closed. Our speed of digitisation demands absolute and total network security on the one hand; on the other, we must ‘officially’ develop and sponsor an ‘army’ of HACKTIVISTS to hack into the networks of our adversaries. This ‘soft kill’ capability should then be put to use to warn the adversaries to behave, or else!

Although we call ourselves a ‘software super power’, the fact is that we do not produce a single computer chip. Everything is imported. Embedded viruses, viz. Trojan horses etc., are known to be activated by the manufacturing country at a time of its choosing. China has progressed by leaps and bounds in acquiring advanced chip technology.
