World Affairs

6/recent/ticker-posts

Cyber Attacks


Cyber Attacks, also referred as cyberwarfare or cyberterrorism in specific situations, is a type of offensive maneuver employed by both individuals and whole organizations that targets computer information systems, infrastructures, computer networks, and/ or personal computer devices by various means of malicious acts usually originating from an anonymous source that either steals, alters, or destroys a specified target by hacking into a susceptible system. Cyberwarfare or cyberterrorism can be as harmless as installing spyware on a PC or as grand as destroying the infrastructure of entire nations. In the 21st century as the world becomes more technologically advanced and reliant upon computer systems, cyber attacks have become more sophisticated, dangerous, and the preferred method of attacks against large groups by "attackers."

Cyberwarfare and cyberterrorism

Cyberwarfare utilizes techniques of defending and attacking information and computer networks that inhabit cyberspace. It denies an opponent’s ability to do the same, while employing technological instruments of war to attack an opponent’s critical computer systems. Paralleling this idea of cyberwarfare, cyberterrorism is “the use of computer network tools to shut down critical national infrastructures (such as energy, transportation, government operations) or to coerce or intimidate a government or civilian population.”[1] That means the end result of both cyberwarfare and cyberterrorism is the same, to damage critical infrastructures and computer systems linked together within the confines of cyberspace.

Factors for cyber-attacks

In cyberwarfare we must understand the basics as to why cyber-attacks are launched against a state or an individual. There are three factors that contribute to this reasoning, the fear factor, spectacular factor, and the vulnerability factor.

Fear factor

The most common, fear factor, a cyberterrorist will create fear amongst individuals, groups, or societies. The bombing of a Bali nightclub in 2002 created fear amongst the foreign tourists who frequently visited the venue. Once the bomb went off and casualties ensued, the influx of tourists to Bali significantly reduced due to fear of death.

Spectacular factor

With spectacular factors, it is the actual damage of the attack, meaning the attacks created direct losses and gained negative publicity. In 1999, a denial of service attack rendered Amazon.com unusable. Amazon experienced losses because of suspended trading and it was publicized worldwide.

Vulnerability factor

Vulnerability factor exploits how easy an organization or government establishment is vulnerable to cyber-attacks. An organization can easily be vulnerable to a denial of service attack or a government establishment can be defaced on a web page. A computer network attack disrupts the integrity or authenticity of data, usually through malicious code that alters program logic that controls data, leading to errors in output.[2]

Professional hackers to cyberterrorists

Professional hackers either working on their own or employed by the government or military service can find computer systems with vulnerabilities lacking the appropriate security software. Once found, they can infect systems with malicious code and then remotely control the system or computer by sending commands to view content or to disrupt other computers. There needs to be a pre-existing system flaw within the computer such as no antivirus protection or faulty system configuration for the viral code to work. Many professional hackers will promote themselves to cyberterrorists where a new set of rules govern their actions. Cyberterrorists have premeditated plans and their attacks are not born of rage. They need to develop their plans step-by-step and acquire the appropriate software to carry out an attack. They usually have political agendas, targeting political structures. Cyber terrorists are hackers with a political motivation, their attacks can impact political structure through this corruption and destruction.[3] They also target civilians, civilian interests and civilian installations. As previously stated cyberterrorists attack persons or property and cause enough harm to generate fear.

Syntactic attacks and semantic attacks

In detail, there are a number of techniques to utilize in cyber-attacks and a variety of ways to administer them to individuals or establishments on a broader scale. Attacks are broken down into two categories, Syntactic attacks and Semantic attacks. Syntactic attacks are straight forward; it is considered malicious software which includes viruses, worms, and Trojan horses.

Viruses

Viruses are a self-replicating program that can attach itself to another program or file in order to reproduce. The virus can hide in unlikely locations in the memory of a computer system and attach itself to whatever file it sees fit to execute its code. It can also change its digital footprint each time it reproduces making it even harder to track down in the computer.

Worms

Worms do not need another file or program to copy itself; it is a self-sustaining running program. Worms replicate over a network using protocols. The latest incarnation of worms make use of known vulnerabilities in systems to penetrate, execute their code, and replicate to other systems such as the Code Red II worm that infected more than 259 000 systems in less than 14 hours.[4] On a much larger scale, worms can be designed for industrial espionage to monitor and collect server and traffic activities then transmit it back to its creator.

Trojan horses

A Trojan horse is designed to perform legitimate tasks but it also performs unknown and unwanted activity. It can be the basis of many viruses and worms installing onto the computer as keyboard loggers and backdoor software. In a commercial sense, Trojans can be imbedded in trial versions of software and can gather additional intelligence about the target without the person even knowing it happening. All three of these are likely to attack an individual and establishment through emails, web browsers, chat clients, remote software, and updates.
Semantic attack is the modification and dissemination of correct and incorrect information. Information modified could have been done without the use computers even though new opportunities can be found by using them. To set someone into the wrong direction or to cover your tracks, the dissemination of incorrect information can be utilized.

Israel and Palestine

In the Israel-Palestine conflict cyber attacks were conducted in October 2000 when Israeli hackers launched DOS attacks on computers owned by Palestinian resistance organizations (Hamas) and Lebanese resistance organizations (Hezbullah). Anti-Israel hackers responded by crashing several Israeli web sites by flooding them with bogus traffic.[3]

India and Pakistan

There were two such instances between India and Pakistan that involved cyberspace conflicts, started in 1990s. Earlier cyber attacks came to known as early as in 1999.[3] Since then, India and Pakistan were engaged in a long-term dispute over Kashmir which moved into cyberspace. Historical accounts indicated that each country's hackers have been repeatedly involved in attacking each other's computing database system. The number of attacks has grown yearly: 45 in 1999, 133 in 2000, 275 by the end of August 2001.[3] In 2010, Indian hackers laid a cyber attack at least 36 government database websites going by the name "Indian Cyber Army".[5] In 2013, Indian hackers hacked the official website of Election Commission of Pakistan in an attempt to retrieve sensitive database information.[6] In retaliation, Pakistani hackers, calling themselves "True Cyber Army" hacked and defaced ~1,059 websites of Indian election bodies.[6]According to the media, Pakistan's has been working on effective cyber security system, in a program called the "Cyber Secure Pakistan" (CSP).[7] The program was launched in April 2013 by Pakistan Information Security Association and the program as expanded to country's universities.

China, United States and others

Within cyberwarfare, the individual must recognize the state actors involved in committing these cyber-attacks against one another. The two predominant players that will be discussed is the age-old comparison of East versus West, China’s cyber capabilities compared to United States’ capabilities. There are many other state and non-state actors involved in cyberwarfare, such as Russia, Iran, Iraq, and Al Qaeda; since China and the U.S. are leading the foreground in cyberwarfare capabilities, they will be the only two state actors discussed. But in Q2 2013, Akamai Technologies reported that Indonesia toppled China with portion 38 percent of cyber attack, a high increase from 21 percent portion in previous quarter. China set 33 percent and US set at 6.9 percent. 79 percent of attack came from Asia Pacific region. Indonesia dominated the attacking to ports 80 and 443 by about 90 percent.[8]
Enhanced by Zemanta

Post a Comment

0 Comments