The Pros And Cons Of Cyber Warfare

Cyber Warfare is definitely the future, like any other advancement in technology; where there is potential to harm and pacify our enemies, we will exploit it. Cyber warfare or cyber weapons are no different from any other advancements. Like the boat, airplane, and nuclear energy before it computers will and have been used as a weapon, a tool from which nations can conduct war against their enemies, joining rank with forms warfare we are already accustomed to. What makes cyber warfare different from these established forms of warfare is its capabilities and clandestinely.

What is cyber warfare? Cyber warfare is the infiltration of a nation’s computers or networks by another nation or organization with the intention of espionage or causing damage

and disruption to its systems. There are several types of cyber warfare usually falling in the categories of espionage, sabotage and denial of service. Some of the major players in Cyber Warfare are obviously some the most modern The United States, United Kingdom, Russia and China, but Iran, Syria, Israel, and North Korea despite their small size have also made great use of cyber warfare.
Many of the fears of cyber warfare involve the possible attacks that could cause wreak havoc on the cyber physical systems that have a large effect on the critical infrastructure that we are dependent on in our daily lives.

Cyber physical systems are the computers and networks that monitor, interact, and control some physical systems. In modern industrial nations, these systems are commonplace controlling our electrical grid, telecommunication, healthcare, water supply, transportation, manufacturing, and financial institutions. These systems will continue to become more integrated and our society will continue to be more and more dependent on them, this dependency on cyber physical system is what makes them and countries such as the United States a target for

cyber-attacks.
The basis of almost all these nations’ cyber warfare commands and units is to allow them ability to conduct cyberattacks, while at the same time preventing and protecting against cyber attack. China although having its own cyber warfare units, including People’s Liberation Army Unit 61398, from which it launches cyberattacks against others it, is also believed to make use government sponsored civilian hackers. Most of the documented cyber attacks originating in China have been cyber espionage; cyber espionage is a type of cyber attacks whose purpose is to simply gain information. There has speculation that the development of China’s Chengdu J-20 fighter plane is based on designs of the United States’ very own Lockheed Martin F-35 jet acquired through cyber espionage attacks on the United States’ defense and government network. How China was able to infiltrate these networks is unknown, however such capability to conduct aggressive cyber espionage comprises and calls into question the cyber security of the United States.
North Korea’ breach of Sony Pictures’ computer files and confidential information of executives in response to the upcoming release of The Interview, a political satire of North Korea. The Guardians of Peace, a group of hacker believed to have been sponsored by government of North Korea, claimed responsibility for attack as well as threated to continue their attack with Sony Picture did not cease limited screening of the film. Following through with their claim, they released various confidential emails between executives and even threated theaters showing the film, until finally the release of the Interview was cancelled. After the urging of President Obama Sony Pictures decided to release the film, during that same period, North Korea reported internet outages, which were believed to be retaliation by the United States. This chain of events is any example of recurring theme of ambiguousness of cyber warfare, as there was no definite evidence implicating North Korea as the perpetrator of the cyber attack against Sony.
Some of the most famous and poignant examples of the capabilities cyber weapons are Stuxnet, Duqu, and Flame. Stuxnet is one of the best examples of a cyber warfare that we have. It was larger and much more complex than anything we had seen before. It initially infected systems through infected thumb drives; from there it utilized zero day exploits and security clearances to infect other systems. However, the worm did not do anything to the systems it do not target, lying dormant until it reached its target. It creators seemed to be targeting Iran’s nuclear facilities Natanz and Bushehr, once it reached the PLC, programmable logic controllers, that controlled the facilities uranium enriching centrifuges. It varied the speed of the centrifuges slowly damaging them until they were no longer able to operate, thus sabotaging Iran's nuclear program. By the time, it was discovered it had disable over a thousand centrifuges, setting Iran nuclear program back by more than four years. The most amazing thing is it was not discovered until it accidently infected other systems. Once it was discovered, the question became who would target Iran’s nuclear program and who had the access and capability to program such a cyber weapon. It is strongly believed by experts and firms in cyber security that the creators of Stuxnet were Israel and the United States. Much more advanced worms such as Duqu and Flame have been reported to be have created in at least some part by the same group that created Stuxnet.
The United States has the United States Cyber Command, USCYBERCOM, under the United States Strategic Command, which is itself under the Depart of Defense.

USCYBERCOM unifies the command of the cyberspace efforts and units of the United States military. The United States Department of Defense also has outlined the principles that form its cyber defense strategy, building and maintaining ready forces and capabilities to conduct cyberspace operations, defend the DoD information network, secure DoD data, and mitigate risks to DoD missions. Be prepared to defend the U.S. homeland and U.S. vital interests from disruptive or destructive cyberattacks of significant consequence. Build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict environments at all stages. Build and maintain robust international alliances and partnerships to deter shared threats and increase international security and stability. The five pillars of cyber security, confidentiality, integrity, availability, non-repudiation, and authentication. Protecting information from disclosure to unauthorized individuals, systems or entities, Protect information, systems, and services from unauthorized modification or destruction, Timely, reliable access to data and information services by authorized users, the ability to correlate a recorded action with its originating individual or entity, and the ability to verify the identity of an individual or entity

respectively.
Because of how the implications and consequences of cyber attack or launching a retaliatory cyber attack are not truly established. The North Atlantic Treaty Organization, NATO has even commissioned a study by a few experts in cyber security on how international law can be applied to cyber warfare, known as the Tallinn Manual. However, the manual is nonbinding and leaves several gaps in application. Under the manual it is up to the effected state distinguish whether a cyber attack is an act of force or not. It leaves the use of third parties, government sponsored civilian hackers or private security that are often involved the development of cyber weapons or the implementation of a cyber attack. Although a step in the right direction, the Tallinn Manual does not establishment any real or effective policy on how to react to cyber warfare or subsequent retaliation. Cyber space in terms of the legality of cyber warfare is essentially seems to be the Wild West, where there is no real consequence of conducting a cyber attack besides the possible retaliation of the effected nation.
Is Cyber Warfare Ethical? This is a difficult question, maybe we can use “conventional” warfare as talking point to relate to cyber warfare. We could all agree that there definitely cases where conventional warfare are justified, as retaliation or preemptive strike. They are a means to an end, a tool, to defeat the enemy. Cyber warfare can be thought of somewhat similarly. However, cyber warfare has problems that conventional warfare does not. For example, a cyber attack can potentially cause much more collateral damage than a traditional attack, since a computer virus that attacks a military network can indiscriminately attack a civilian network if exposed. The creator or attackers can’t be easily identified by those who been attacked, the very nature of these cyber weapons is programming them to be nearly untraceable, the only way to identify who could have attacked is by thinking who would be motivated to do this. Conventional warfare unlike cyber warfare is much more quantifiable than, whether a nation has nuclear weapons, how many do they have, how many aircraft carriers they, how many tanks they possess, how many men of military age can a nation field, with cyber warfare the capabilities of a nation is much harder to discern. Stuxnet was used to sabotage the nuclear program of Iran, which many western nations believe to be a front for the development of nuclear weapons. In this case, Stuxnet was designed to only attack a specific target, and caused minimal if any damage to anything other the target. Stuxnet is one of the few documented cyberattacks used to sabotage. Cyber weapons have the ability to target specific targets they can also result in the indiscriminate attack of civilian systems and networks
A great example of this is how relatively small nations like Iran, Israel, or North Korea are able to wreak havoc on the networks of companies in advanced nations like the United States. Meaning cyber warfare can very much be used as a form of asymmetric warfare. This type of warfare is inevitable it is the natural course of things, where there is potential to attack, disable without them ever knowing there will be people who will exploit for what is believed to good, stopping Iranian nuclear development, or bad, stealing trade secrets for industries another nation.
I initially reached out to Eugene Vorobeychik, PhD an assistant professor of Computer Science and Computer Engineering at Vanderbilt University and Senior Member of Techanical Staff of Sandia National Laboratories for an interview. Dr. Vorobeychik has conducted research on cyber physical system security and the application of game theory in both physical and cyber security, especially concerning health care data. Although agreeing to answer a few of my questions on his work and opinion cyber physical system security and the vulnerability of the United States to sophisticated attacks that target these systems, he was unable to answer my question at the time of this report.