A cyber attack is no less lethal than a nuclear attack. It could cripple financial systems, stock markets, navigation systems of ships at sea or airplanes in air, and shut down industrial or nuclear plants.
Cyber-warfare is, relatively, a new phenomenon. Though, the FBI had already been exploring cyberspace in respect of domestic intelligence, the NSA awoke after the aerial attack on the New-York Twin Towers. It was a bit hard for the USA’s National Security Agency to convince president Bush that a cyber force was need of the hour. The USA accuses China of having penetrated defence contractors computers to get information about US$737 billion F-35. China points to Huawei penetration and Snowden’s leaks about hacking of Chinese universities computers.
Bush skeptical of cyber-penetration
Bush, engrossed in his War on Terror (ism) kept aloof from the Internet/Google. Shane Harris, in his book War: The Rise of Cyberwarfare (p. 141) `This was the man who had once said he used “the Google” only occasionally to look at satellite images of his ranch in Texas. It would be difficult to explain in technical terms how someone sitting at a keyboard could wreak havoc from thousands of miles away, using a machine with which the president was largely unfamiliar’. Like nuclear weapons, releasing cyber-weapons required presidential assent.
A long last, the president sanctioned an ambitious cyber-warfare and espionage programme with required funding. During the Iraq War, the neophyte cyber warriors fought well in locating insurgents’ networks. In a way the cost of the programme was repaid with dividends. Since then the USA has fortified its cyber capability to meet not only external but also internal threats.
“During US military operations in Libya in 2011, which led to the ouster of Muammar Gaddafi, the NSA worked with the navy’s cyber warriors to track targets in Libya and help create “strike packages” (p. 79, ibid.). Not only the NSA but also the FBI and CIA have its cyber forces of their own. The FBI is however engaged in domestic cyber-espionage.
Alleged China “signature threat”
The USA defence production is closely allied with a host defence contractors. For instance, Lockheed Martin, Northrop Grumman and BAE System were the sub-contractors in the US$337 billion Joint-Strike fighter project. The USA surmised China had hacked contractors’/sub-contractors’ computer systems. The NSA thoroughly checked the computer systems to make them foolproof. In so doing, they had to re-write the software resulting in delay. The USA’s nightmare was that if China happened to know the vulnerabilities of the F-35 then it could exploit it in a jet-to-jet air-war.
Veracity of the allegation
It is difficult to sift propaganda from the truth in the USA’s allegation. Before the collapse of the Soviet Union, several books portrayed the USSR as a potent threat to the USA. But the USSR collapsed like a house of cards. Maybe, the China bogey, also, was a hoax.
China’s cyber modus operandi
When an employee opened an email of a defence contractor from a “trusted source”, the incoming mail inserted a digital backdoor to allow China to monitor every keystroke that the employee typed, besides every website visited and every file, created, uploaded, or downloaded. China even captured all the passwords that the contractors used for logging in to the web forums. The NSA claims to have tracked “threat signatures” and communicated them to defence contractors.
US penetration into Chinese systems
The USA regards Huawei as a Chinese military-intelligence proxy. As such, it successfully penetrated it besides Beijing’s Tsinghua university. Snowden showed documents to journalists that revealed “the NSA had penetrated at least sixty-three [Chinese] universities’ computers or servers” (p. 72, ibid.).
Creation of a Cyber-force
Success in use of cyber-weapons stimulated the USA to create a robust cyber-force. Rigorous aptitude tests were developed by the US military to recruit the best warriors. It is already mandatory for all entrants to the US Air Force to undergo basic cyber-security training. Five military academies now include cyber-warfare as a field of study. The NSA sponsors a war game among all the services to choose the best hackers.
Shortlisted air-force cyber-specialists are trained at Keesler Air Force Base, on the gulf Coast of Mississippi, just like pilots. The would-be cyber warriors have to run a a gauntlet before being qualified to wear the cyberspace badge, a pair of silver wings crossed by a lightning bolt centred on a globe.
There were 12,600 air force cyber-force warriors (2013 estimate). Majority of them guarded networks, plugged vulnerabilities, and updated networks. Only one percent of them were assigned the”exquisite” work of penetrating enemy computer systems. We know Stuxnet crawled into Iranian nuclear systems and destroyed one-fifth of fast-spinning Iranian centrifuges. https://en.wikipedia.org/wiki/Stuxnet
Stuxnet is a cyber weapon built jointly by the United States and Israel in a collaborative effort known as the “Olympic Games” during 2005 -10. Stuxnet reportedly ruined almost one-fifth of Iran’s nuclear centrifuges. It caused the fast-spinning centrifuges to tear themselves apart. It could paralyse factory assembly-lines or power plants, most of which are in Europe, Japan, and the US. Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software.
Are Secra-phones and standalone computers safe?
Shane writes that US president Bush was incredulous about claims made in briefings about capability of cyber-penetration. “Bush wanted to know. Was the White House at risk? Bush pointed to the secure phone on his desk that he used to talk to the cabinet officials and foreign leaders. “Could someone get into that?” he asked. McConnell realized that until this moment, the president had never been told just how weak the government’s own electronic defenses were, or the country’s. “Mr. President, “McConnell said, “if the capability to exploit a communication device exists, we have to assume that our enemies either have it or are trying to develop it.”(page 141, ibid).
It is a myth that standalone computers (not connected to the Internet) can’t be penetrated. Even they are vulnerable, perhaps more vulnerable as everybody in an organisation knows their importance.
The age of Information Power
The age of bipolar cold-war is over. We now live in an unpredictable age where “speed” is the most important element of power. Armistead E. Leigh (ed.), in his book Information Operation: Warfare and the Hard Reality of Soft Power says, `What the future holds for military forces, and the national security establishment is unclear”. The age we live in is unpredictable. COVID19 turned it topsy-turvy.
Incredible advances in technology will change our lifestyle. Electric car and bots to recharge electric batteries may outnumber gasoline filling stations and gas-guzzling cars. Online education and online commerce may become a permanent feature of everyday life with concomitant threats. Card cloners may outnumber pickpockets.
Pakistan too should do its best to adjust with the changing world of information power.
Mr. Amjed Jaaved has been writing freelance for over five decades. He has served the federal and provincial governments of Pakistan for 39 years. His contributions stand published in the leading dailies and magazines at home and abroad (Nepal. Bangladesh, et. al.). He is the author of eight e-books including The Myth of Accession. The views expressed in this article are the author’s own and do not necessarily reflect the editorial policy of Global Village Space.