CYBER WARFARE IS THE ULTIMATE THREAT TO

CYBER SECURITY.WHAT DOES LAW SAY ABOUT IT ?

ADV. PRASHANT MALI

CYBER LAW & CYBER SECURITY EXPERT

WHAT IS CYBER WARFARE? AS PEOPLE SAY

• U.S. government security expert Richard A. Clarke, in hisbook Cyber War (May 2010), defines "cyberwarfare" as"actions by a nation-state to penetrate another nation'scomputers or networks for the purposes of causing damage ordisruption."

• The use of computing resources to intimidate, harm people, places orsystem we depend upon.

WHAT IS CYBER WARFARE ?

• Cyberwarfare is politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare.[1]

..Wikipidia

WHAT IS CYBER WARFARE ?

• Cyber warfare is NOT about Penetration of Networks

WHAT IS CYBER WARFARE ?

• Cyber warfare is NOT about defacing web sites

WHAT IS CYBER WARFARE ?

•Cyber warfare is NOT about DDoS attacks

WHAT IS CYBER WARFARE ?

• Cyber warfare is NOT about Malicious SoftwareIT IS NOT

EVEN CYBER TERRORISM

OR

CYBER ESPIONAGE

WHY NOT MALICIOUS CODE OR TROJAN ?

• It has an Expiry date.. Before a Vulnerability is patched or “Snowdens are Awakened “

• It has associated pressure to “use it” before you “lose it.”

• If no cyber conflict Where to use so becomes Stale

• Cannot distinguish Friends or allies, can boomerang

WHY IT IS NOT CYBER TERRORISM ?

• Cyberterrorism is the use of Internet based attacks in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses.

• Cyber Warfare is NOT About "Cyber-Enabling" Regular Terrorism

WHAT IS CYBER WARFARE THEN ?

Low-intensity persistent asymmetric economic cyber attacks, such as spam Let’s start by looking at spam.

WHAT IS CYBER WARFARE THEN ?

Cyber attacks on fundamental Internet protocols such as DNS (the domain name system) or BGP (the Internet’s wide area routing protocols)

WHAT IS CYBER WARFARE THEN ?

Kinetic ("physical") attacks on high value Internet “choke points” such as cable landing sites or Internet exchange points

WHAT IS CYBER WARFARE THEN ?

Operations conducted against critical civilian infrastructure such as industrial control systems (so-called “SCADA” systems)

WHAT IS CYBER WARFARE THEN ?

• Strategic high altitude strikes aimed at destroying or disrupting national infrastructure on a wide-scale through electromagnetic pulse (EMP) effects

INTERNATIONAL LAW

• Since the provisions of international agreements supersede the provisions for international cooperation, not only bilateral agreements but also multilateral agreements among nations must be signed.

• UN Security Council should also focus on cyber terrorism threat. Most of the permanent members of the Council are also the most vulnerable and targeted countries in the world.

• These countries also host most of the international cyber attacks.

• A robust, international legal framework under UN that addresses cyber aggression is the most critical component of a comprehensive approach to deter cyber attack, much more critical than national offensive and defensive cyber capabilities.

• International law and norms are fundamental to deterrence because states “share an interest in adopting or codifying common standards for the conduct of international transactions...or in promoting or banning specific kinds of behavior by” states.

• In this way, international law builds the framework that guides how and when states employ offensive and defensive cyber capabilities and forms the foundation of cyber deterrence. International law adds certainty to punitive actions and amplifies the costs of cyber attack by engendering a negative response from the international community, not just from the attacked state

INCIDENTS

• On 21 November 2011, it was widely reported in the U.S. media that a hacker had destroyed a water pump at the Curran-Gardner Township Public Water District in Illinois. However, it later turned out that this information was not only false, but had been inappropriately leaked from the Illinois Statewide Terrorism and Intelligence Center.

• On 6 October 2011, it was announced that Creech AFB's drone and Predator fleet's command and control data stream has been key logged, resisting all attempts to reverse the exploit, for the past two weeks.The Air Force issued a statement that the virus had "posed no threat to our operational mission".

• In July 2011, the South Korean company SK Communications was hacked, resulting in the theft of the personal details (including names, phone numbers, home and email addresses and resident registration numbers) of up to 35 million people. A trojaned software update was used to gain access to the SK Communications network. Links exist between this hack and other malicious activity and it is believed to be part of a broader, concerted hacking effort.

• Operation Shady RAT is an ongoing series of cyber attacks starting mid-2006, reported by Internet security company McAfee in August 2011. The attacks have hit at least 72 organizations including governments and defense contractors.

INCIDENTS

• On 4 December 2010, a group calling itself the Pakistan Cyber Army hacked the website of India's top investigating agency, the Central Bureau of Investigation (CBI). The National Informatics Center (NIC) has begun an inquiry.

• On 26 November 2010, a group calling itself the Indian Cyber Army hacked the websites belonging to the Pakistan Army and the others belong to different ministries, including the Ministry of Foreign Affairs, Ministry of Education, Ministry of Finance, Pakistan Computer Bureau, Council of Islamic Ideology, etc. The attack was done as a revenge for the Mumbai terrorist attacks.

• In October 2010, Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said Britain faces a "real and credible" threat from cyber attacks by hostile states and criminals and government systems are targeted 1,000 times each month, such attacks threatened Britain's economic future, and some countries were already using cyber assaults to put pressure on other nations.

• In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. The worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyberwarfare.

• In July 2009, there were a series of coordinated denial of service attacks against major government, news media, and financial websites in South Korea and the United States. While many thought the attack was directed by North Korea, one researcher traced the attacks to the United Kingdom.

INCIDENTS

• Russian, South Ossetian, Georgian and Azerbaijani sites were attacked by hackers during the 2008 South Ossetia War.

• In 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian organization". During the election campaigns and riots preceding the election, there were cases of Denial-of-service attacks against the Kyrgyz ISPs.

• In September 2007, Israel carried out an airstrike on Syria dubbed Operation Orchard. U.S. industry and military sources speculated that the Israelis may have used cyber warfare to allow their planes to pass undetected by radar into Syria.

• In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. The largest part of the attacks were coming from Russia and from official servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted.

EFFORTS AT PROHIBITION

• The Shanghai Cooperation Organization (members of which include China and Russia) defines cyberwar to include dissemination of information "harmful to the spiritual, moral and cultural spheres of other states".

• In September 2011, these countries proposed to the UN Secretary General a document called "International code of conduct for information security".

• The approach was not endorsed by western countries as it entailed too many hints on political censorship of the internet.

• In contrast, the United States' approach focuses on physical and economic damage and injury, putting political concerns under freedom of speech.

• In June 2013, Barack Obama and Vladimir Putin agreed to install a secure Cyberwar-Hotline providing "a direct secure voice communications line between the US cybersecurity coordinator and the Russian deputy secretary of the security council, should there be a need to directly manage a crisis situation arising from an ICT security incident."

THANK YOU

Mobile:+919821763157

cyberlawconsulting@gmail.com

www.prashantmali.com