Inside Cyber Warfare

Chapter 27

In 2010 the DPRK increased the priority of its cyber warfare unit (Office 121) to about 3,000 personnel. North Korean computers run off a Linux variant called Red Star, which has an interface similar to Windows, except with a red star replacing the Windows b.u.t.ton at the bottom left.[127]

[120] Kevin Coleman, "Is North Korea poised to revolutionize cyber warfare?", Defense Systems, November 15, 2010, accessed August 31, 2011, http://defensesystems.com/Articles/2010/11/17/Digital-Conflict-North-Korean-cyberwarfare-capabilities.aspx?Page=1.

[121] "N.Korea Trains Up Hacker Squad," The Chosunilbo, March 8, 2011, accessed August 31, 2011, http://english.chosun.com/site/data/html_dir/2011/03/08/2011030800611.html.

[122] Ibid.

[123] Jeremy Laurence, "North Korea hacker threat grows as cyber unit grows: defector," Reuters, June 1, 2011, accessed August 31, 2011, http://www.reuters.com/article/2011/06/01/us-korea-north-hackers-idUSTRE7501U420110601.

[124] Mok Yong Jae, "North Korea's Powerful Cyber Warfare Capabilities," Daily NK, May 4, 2011, accessed August 31, 2011, http://www.dailynk.com/english/read.php?cataId=nk00400&num=7647.

[125] Ibid.

[126] "North Korea And The Cyber Bandits," Strategy Page, March 25, 2011, accessed August 31, 2011, http://www.strategypage.com/htmw/htiw/20110325.aspx.

[127] Joseph L. Flatley, "North Korea's Red Star OS takes the 'open' out of 'open source'," Engadget, March 4, 2010, accessed August 31, 2011, http://www.engadget.com/2010/03/04/north-koreas-red-star-os-takes-the-open-out-of-open-source/.

Estonia

In the aftermath of the 2007 attacks, Estonia established a Cyber Defense Center in 2008 with the a.s.sistance of NATO.[128] Since then, the center has been fully accredited as a NATO Center of Excellence, bringing with it funding and multinational support. Seven NATO member nations-Estonia, Germany, Italy, Latvia, Lithuania, Slovakia, and Spain-formally signed into the creation of the center. The United States is also an observer member, and Estonia has recently invited Iceland to partic.i.p.ate in the center.[129] According to the Estonian Minister of Defense, after a visit to the US Cyber Command, Estonian cyber capabilities are considered in high regard by the United States.[130]

In addition to the center, Estonia has also established a Cyber Defense League of volunteers that, in the case of conflict, would perform duties under a unified military command. The volunteers are comprised of cyber security professionals in the private and public sectors who carry out regular weekend exercises to prepare for possible cyber situations. This is considered so vital to Estonian national security that the league is considering a draft to ensure all experts are available in the event of a crisis. While volunteer cyber armies are not unheard of, their motives and loyalty are considered uncontrollable. Estonia is likely trying to harness a cheap and already developed national tool.[131]

[128] "NATO launches cyber defence centre in Estonia," s.p.a.ce War: Your World at War (May 2008), accessed August 30, 2011, http://www.s.p.a.cewar.com/reports/NATO_launches_cyber_defence_centre_in_Estonia_999.html.

[129] "Foreign Minister Paet Invites Iceland to Partic.i.p.ate in Cyber Defence Centre," Estonian Emba.s.sy in Was.h.i.+ngton, accessed August 30, 2011, http://www.estemb.org/news/aid-1306.

[130] "Aaviksoo: Estonian cyberdefence is held in high regard in US," Estonian Ministry of Defence, accessed August 30, 2011, http://www.mod.gov.ee/en/aaviksoo-estonian-cyberdefence-is-held-in-high-regard-in-us.

[131] Matt Liebowitz, "Estonia Forms Volunteer Cyber Army," Security News Daily, January 6, 2011, accessed August 30, 2011, http://www.securitynewsdaily.com/estonia-forms-volunteer-cyber-army-0398/.

European Union

In November 2010 the European Union (EU) conducted its first-ever pan-European cyber war simulation. Cyber Europe 2010, as the exercise was called, included experts across Europe who worked to hone their response to attacks from hackers trying to reduce the Internet connectivity around Europe. Moreover, the stress of this environment helped test the appropriateness of contact points among the partic.i.p.ating countries. The European Network Security Agency (ENISA) organized the cyber exercise, and all member nations-including Iceland, Norway, and Switzerland-partic.i.p.ated.[132] In March 2011 the European Union was hacked by cyber criminals in a very similar manner to the strikes on the European Commission.[133] ENISA is planning on attending the Cyber Warfare Europe conference in September 2011.[134]

[132] "Digital Agenda: cyber-security experts test defences in first pan-European simulation," Europa, accessed August 30, 2011, http://europa.eu/rapid/pressReleasesAction.do?reference=IP/10/1459&format=HTML&aged=0&language=EN&guiLanguage=en.

[133] Tom Brewster, "European Parliament hit by cyber attack," IT Pro, March 30, 2011, accessed August 30, 2011, http://www.itpro.co.uk/632359/european-parliament-hit-by-cyber-attack.

[134] "Cyber Defence & Network Security 2012," Cyber Defence and Network Security, accessed August 30, 2011, http://www.cdans.org/Event.aspx?id=598092.

France

In 2009 France created the French Network and Information Security Agency (FNISA) to provide a national watchdog on the government's sensitive networks that would detect and respond to cyber attacks.[135] Since then, little has been exposed about the disposition of French cyber security until March 2011, when the French finance ministry announced that it had suffered a cyber attack during the Paris G20 summit.[136] The attack targeted doc.u.ments relating to the summit and other economic issues.

In August 2011, France announced its intentions to build network warfare capabilities. Cyber warfare specialists under the General Directorate of Armament (DGA) demonstrated their capabilities in September 2011 using a communications mini-drone to simulate an attack on a national communications satellite.[137] Personnel dedicated to France's cyber warfare capabilities include 130 engineers and researchers with links to French universities, as well as US and UK cyber experts who provide advice to other French departments on improving their organic network securities. The DGA intends to grow these numbers by 30 per year for the next 30 years.[138] A major focus of the DGA is currently to develop secure networks for the French Naval Forces, including Naval Aircraft, by implementing an intranet.

[135] Peter Sayer, "France creates

[136] "Cyber attack on France targeted Paris G20 files," BBC News, March 7, 2011, accessed August 30, 2011, http://www.bbc.co.uk/news/business-12662596.

[137] Pierre Tran, "France Sets Stage To Build Network Warfare Capabilities," Defense News, August 15, 2011, accessed August 30, 2011, http://www.defensenews.com/story.php?i=7388378&c=FEA&s=SPE.

[138] Ibid.

Germany

Germany established a Cyber Defense Center (CDC) in June 2011 to combat the growing attacks on German networks.[139] The Cyber Defense Center is modestly staffed with six employees from the Federal Office for Information Security, two from the German Office for the Protection of the Const.i.tution (a domestic intelligence agency), and two from the Federal Office of Civil Protection and Disaster a.s.sistance. These 10 employees will eventually be joined by representatives from the Federal Police, Federal Office of Investigation, the Bundesnachrictendienst (a foreign intelligence agency), the German armed forces, and the Customs Criminal Investigation Office. The center is the result of the "Cyber Security Strategy for Germany," approved in February 2011, which also plans to work closely with the private sector.

A few weeks after the CDC was established, it became a target of a group of hackers known as the "n0n4m3 crew," or the No Name Crew. The hackers broke into the CDC networks and stole information from a program used by German police to help track criminals.[140] Two of the hackers involved were subsequently tracked down and arrested, but the successful attack on the CDC is likely to increase the focus and resources allotted on the center by the German government to avoid further embarra.s.sment.

[139] Jorge Benitez, "Germany establishes new Cyber Defense Center," The Atlantic Council, June 16, 2011, accessed August 30, 2011, http://www.acus.org/natosource/germany-establishes-new-cyber-defense-center.

[140] Brian Donohue, "Hacking Crew Attacks German National Cyber Defense Center," Threat Post, July 22, 2011, accessed August 30, 2011, http://threatpost.com/en_us/blogs/hacking-crew-attacks-german-national-cyber-defense-center-072211.

India

In August 2010 the Indian government told its agencies to enhance their capabilities in cyber warfare.[141] The strategy directed government agencies to develop capabilities to break into networks of unfriendly countries, set up hacker laboratories, set up a testing facility, develop countermeasures, and set up CERTs for several sectors. The agencies at the forefront of this strategy were the National Technical Research Organization, the Defense Intelligence Agency, and the Defense Research and Development Organization.[142]

Not long after the strategy was announced, India discovered a Chinese variant of the Stuxnet worm in Indian installations. India has since stepped up efforts in its offensive cyber capabilities.[143] In December 2010 hackers from the Pakistan Cyber Army defaced India's Central Bureau of Investigation, which was supposed to be one of the nation's most secure websites.[144] This attack caused the Indian government to call for increased capabilities in cyber security. The increasing focus on cyber security is evident through the planning of India's second cyber warfare conference, which will be held in November 2011.[145]

[141] Thomas K. Thomas, "India goes on the offensive in cyber warfare," The Hindu Business Line, August 3, 2011, accessed August 30, 2011, http://www.thehindubusinessline.com/todays-paper/article1000443.ece?ref=archive.

[142] "India to increase its cyberwarfare capabilities," The Cybernaut, September 5, 2010, accessed August 30, 2011, http://www.thecybernaut.org/2010/09/india-to-increase-its-cyberwarfare-capabilities/.

[143] Surinder Khanna, "The secret cyber war between India and China accelerates," India Daily, October 10, 2010, accessed August 30, 2011, http://www.indiadaily.com/editorial/21800.asp.

[144] "Hacked by 'Pakistan Cyber Army', CBI website still not restored," NDTV, December 4, 2010, accessed August 30, 2011, http://www.ndtv.com/article/india/hacked-by-pakistan-cyber-army-cbi-website-still-not-restored-70568?cp.

[145] "India's Only Dedicated Military Cyber Security Conference," Cyber Security India, accessed August 30, 2011, http://www.iqpc.com/Event.aspx?id=548338.

Iran

In 2010 the Iranian Islamic Revolution Guards Corps (IRGC) set up its first official cyber warfare division.[146] Since then, its budget and focus has indicated the intention of growing these cyber warfare capabilities. Education is considered a top priority in the strategy, with increased attention to computer engineering-specific cyber security programs. The IRGC budget on cyber capabilities is estimated to be US$76 million. The IRGC's cyber warfare capabilities are believed to include the following weapons: compromised counterfeit computer software, wireless data communications jammers, computer viruses and worms, cyber data collection exploitation, computer and network reconnaissance, and embedded Trojan time bombs.

The cyber personnel force is estimated to be 2,400, with an additional 1,200 in reserves or at the militia level. The IRGC also recognizes the ability to use Iran's hacker community against state targets.[147] However, the hacktivists' loyalty to the IRGC may be in question, as seen in the 2009 Iranian elections. After the Iranian government utilized its cyber army to go after political dissenters, the Iranian hacking community struck back by defacing government websites.[148] Soon after, the Iranian Stuxnet crisis occurred In June 2011 Iran announced that the Khatam al-Anbiya Base, which is tasked with protecting Iranian cybers.p.a.ce, is now capable to counter any cyber attack from abroad,[149] a claim that will likely be tested soon given the volatile nature of cybers.p.a.ce.

In August 2011 Iran challenged the United States and Israel, stating that they are ready to prove themselves with their cyber warfare capabilities. Should the Iranian cyber army be provoked, Iran would combat these operations with their own "very strong" defensive capabilities.[150] Tehran has greatly increased its cyber warfare capability in the past years, but it is likely not yet ready to wage a full-scale cyber war with the United States or Israel, despite its claims.[151]

[146] Siavash [pseud.], "Iranian Cyber Warfare Threat a.s.sessment," Siavash's Blog, entry posted May 13, 2011 accessed August 30, 2011, http://www.cyberwarzone.com/content/iranian-cyber-warfare-threat-a.s.sessment.

[147] Ibid.

[148] Lisa Daftari, "Iran's Citizen Cyber Warriors," FrontPage Magazine, November 9, 2010 accessed August 30, 2011, http://frontpagemag.com/2010/11/09/iran%E2%80%99s-citizen-cyber-warriors/.

[149] "Iran capable of countering cyber attacks," Press TV, July 8, 2011, accessed August 30, 2011, http://www.presstv.ir/detail/188146.html.

[150] Lee Ferran, "Iran to US, Israel: Bring On the Cyber War," ABC News - The Blotter, August 8, 2011, accessed August 30, 2011, http://abcnews.go.com/Blotter/iran-us-israel-bring-cyber-war/story?id=14255216.

[151] Kevin Coleman, "Iran Talks Cyber Tough," Defense Tech, August 12, 2011, accessed August 30, 2011, http://defensetech.org/2011/08/12/iran-talks-cyber-tough/.

Israel

Israel is no stranger to cyber warfare; maybe one of the most successful known acts of cyber warfare occurred when Israel shut down Syria's anti-aircraft radars so Israel's Air Force could fly undetected to destroy a suspected Syrian nuclear site in 2007. In February 2010 the Israeli Intelligence Directorate published a paper highlighting the necessity of cyber capabilities to the Israeli Defense Forces (IDF). The paper also realized the importance of cyber defense centers set up in the United States and the UK.[152]

In June 2010, word was released that Israel had begun setting up a cyber warfare unit, but with a twist-the unit was using the same recruiting methods that the IDF uses for Israeli commando units. These teams are dispatched to target countries, where they not only act as a covert commando unit, but also launch cyber attacks from inside that country. The unit is structured under the military intelligence department.[153] This goes along with the Israeli strategy that cyber warfare is an alternate means to conventional warfare, one that can be employed much more often because of the lack of formal consequences.[154]

In early 2011 Israel convened a panel of cyber experts to discuss the future of the Israeli cyber defense and security issues.[155] The panel concluded that not only do offensive cyber capabilities need to be used, a strong defense for the Israeli cyber infrastructure is also necessary. Soon after this session, Israel set up a cyber command to address these needs.[156]

The 80-person command is said to be primarily a defensive unit, although it is very likely the unit will have offensive capabilities.[157] The command will coordinate efforts between the government, cyber industry, and universities. There is also a plan to develop cyber studies at the secondary school level. The cyber command is part of Unit 8200, which is primarily an intelligence-collecting unit and is the largest unit of the IDF.[158]

[152] Arnon Ben-Dror, "Military Intelligence: Israel Defence Forces are prepared for Cyberwarfare," Defence Professionals, accessed August 30, 2011, http://defpro.com/news/details/12967/.

[153] "Israeli Cyber Commandos," Strategy Page, accessed August 30, 2011, http://www.strategypage.com/htmw/htsf/20100628.aspx.

[154] Dan Williams, "Israeli official sees cyber alternative to 'ugly' war," Reuters, February 3, 2011, accessed August 30, 2011, http://af.reuters.com/article/worldNews/idAFTRE7125A420110203.

[155] Barak Ravid, "Israel planning strategy to defend computer networks from attack," Haaretz, March 4, 2011, accessed August 30, 2011, http://www.haaretz.com/print-edition/news/israel-planning-strategy-to-defend-computer-networks-from-attack-1.353722.

[156] "Israel sets up cyber command," Defence Web, accessed August 30, 2011, http://www.defenceweb.co.za/index.php?option=com_content&view=article&id=15471:israel-sets-up-cyber-command&catid=48:Information%20&%20Communication%20Technologies&Itemid=109.

[157] Ibid.

[158] Damien McElroy, "Israel's unit 8200: cyber warfare," The Telegraph, September 30, 2010, accessed August 30, 2011, http://www.telegraph.co.uk/news/worldnews/middleeast/israel/8034882/Israels-unit-8200-cyber-warfare.html.



Theme Customizer


Customize & Preview in Real Time

Menu Color Options

Layout Options

Navigation Color Options
Solid
Gradient

Solid

Gradient