CYBERSPACE: THE FIFTH DIMENSION OF WARFARE - PART I
Sections
Introduction
Cyberspace – An Operational Domain of Warfare
Types of Cyber-Attacks
Some Noteworthy Cyberwar Classifications
References
Introduction
The dimensions of warfare have evolved over the centuries from Land and Sea to encompass Air and Outer Space in the 20th Century. While land is integral to a nation, occupied and defended, sea and air are common pool resources that are sought to be dominated even beyond own territory. The decade of the sixties saw the emergence of space as the new arena of competition, with the proliferation of satellites and missiles driving the cold war. Technological developments have driven lethality, range and speed in all four domains to their maximum limits.
With the heavy dependence on networks in the 21st Century, Cyberspace is emerging as an increasingly contested domain, with critical importance for the projection of military force. In fact, Cyberspace has been formally designated by many nations in their respective military doctrines as the fifth dimension of warfare. This emergence is the arguably the most important and fundamental change in the nature of warfare over the past several decades. Networks are emerging as future battlefields, where cyber weapons will attack and defend at electronic speeds, using strategies and tactics which are still evolving. An earlier post, “From Battlefield to Battlespace,” dwells upon the multi-dimensional nature of the global arena of conflict in current times.
It merits mention here that while attacks in cyberspace may be carried out by individuals, groups and organisations for their respective benefits, in the context of warfare only those cyber-attacks are of relevance which have strategic significance from the perspective of national security.
In this two-piece write-up, we discuss the emergence of Cyberspace as an operational domain of warfare, deliberate on types and classifications of cyber-attacks/ cyberwar, briefly describe some real-world examples of cyberwar over the past decade, and finally dwell upon certain doctrinal aspects related to offensive cyberwar strategies as well as some legal implications of conducting cyberwar.
Cyberspace – An Operational Domain of Warfare
Reasons for Emergence
Some of the reasons for the emergence of cyberspace as an operational domain of warfare are as under [1]:-
- Cyberspace provides an effective mechanism to integrate the sensor, shooter and command & control grids into a tightly integrated Observe-Orient-Decide-Act (OODA) loop, enabling the conduct of Network Centric Operations.
- With increasing dependence on cyberspace for capabilities in the other four domains of land, sea, air and space to function effectively, cyber-attacks may be employed to degrade these capabilities, and thus contribute in significant ways to degrade enemy combat potential in a multi-domain conflict.
- Capabilities in cyberspace are gradually reaching a stage where cyber-attacks on their own may achieve significant destructive effects in the physical world. The Stuxnet attack on Iran’s centrifuges in 2010 provided a good demonstration of such potential. These capabilities would raise the importance of cyber-weapons to a whole new level.
- Due to its asymmetric nature, cyberspace can be exploited by a less powerful adversary to offset military capabilities in the other domains. For the same reason and also because of its “non-attributable” and “long-range” characteristics, cyberspace can be used effectively by state and non-state actors as an asymmetric means of warfare for terrorist activities as well as sub-conventional operations.
- Due to its reach and pervasiveness, cyberspace provides unprecedented opportunities for the conduct of psychological operations as part of an integrated operational plan.
Doctrinal Sanctity
Nations across the world are gradually incorporating cyberspace as an operational domain of warfare in their doctrinal literature. The US considers Cyberspace as an operational domain, as per its Strategy for Operating in Cyberspace of 2011 [2], which states that “DoD must ensure that it has the necessary capabilities to operate effectively in all domains – air, land, maritime, space, and cyberspace. At all levels, DoD will organize, train, and equip for the complex challenges and vast opportunities of cyberspace.” Its doctrine on Cyberspace Operations of 2013 also states that “Cyberspace, while a global domain within the information environment, is one of five interdependent domains, the others being the physical domains of air, land, maritime, and space.” India too, in its Joint Services Doctrine – 2017, refers to Cyberspace as an operational domain [3]. Although the latest military doctrines of other major global players, such as China and Russia, are not available in the open domain, it is evident from the resources and capabilities being developed by them that cyberspace is being treated them as an operational domain, which is also the case with most of the advanced militaries in the world.
Defining Cyberspace
Cyberspace consists of many different and often overlapping networks, as well as the nodes on those networks, and the system data that support them. Though not all nodes and networks are globally connected or accessible, cyberspace continues to become increasingly interconnected. Networks can be intentionally isolated or subdivided into enclaves using access controls, encryption, disparate protocols or physical separation. With the exception of physical separation, however, none of these approaches eliminate underlying physical connectivity but only limit access.
A formal definition of Cyberspace does not appear to exist in any military doctrine as of now, perhaps because of its intangible and dynamically changing characteristics. However, as per US DoD Joint Publication 3-12 of 2013, cyberspace operations (CO) rely on “an interdependent network of IT infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers, and the content that flows across and through these components [4].”
Cyberspace – A Layered View
Cyberspace can be viewed as three layers (physical, logical, and social) made up of five components (geographic, physical network, logical network, cyber persona, and persona) (see figure below) as under [5]:-
- The physical layer includes the geographic component and the physical network component. The geographic component is the physical location of elements of the network. While geopolitical boundaries can easily be crossed in cyberspace at a rate approaching the speed of light, there is still a physical aspect tied to the other domains. The physical network component includes all the hardware and infrastructure (wired, wireless, and optical) that supports the network and the physical connectors (wires, cables, radio frequency, routers, servers, and computers).
- The logical layer contains the logical network component which is technical in nature and consists of the logical connections that exist between network nodes. Nodes are any devices connected to a computer network. Nodes can be computers, personal digital assistants, cell phones, or various other network appliances. On an Internet Protocol (IP) network, a node is any device with an IP address.
- The social layer comprises the human and cognitive aspects and includes the cyber persona component and the persona component. The cyber persona component includes a person’s identification or persona on the network (e-mail address, computer IP address, cell phone number, and others). The persona component consists of the people actually on the network. An individual can have multiple cyber personas (for example, different e-mail accounts on different computers) and a single cyber persona can have multiple users (for example, multiple users accessing a single eBay account). This holds important implications for the Armed Forces in terms of attributing responsibility and targeting the source of cyber action. It also means that the Armed Forces will require significant situational awareness, forensic, and intelligence capabilities to counter the complex cyber threat landscape.
Inter-Dependence of Domains
CO rely on links and nodes that reside in the physical domains and perform functions experienced both in cyberspace and the physical domains of Land, Sea, Air and Space. For example, network servers may reside in a land-based data complex or at sea aboard warships, and network transmissions pass through air and space and even underwater. Similarly, activities in cyberspace can enable freedom of action for activities in the physical domains. Activities in the physical domains can create effects in and through cyberspace by affecting the electromagnetic spectrum or the physical infrastructure. The relationship between space and cyberspace is unique in that virtually all space operations depend on cyberspace and a critical portion of cyberspace can only be provided via space operations. Space provides a key global connectivity option for CO. Conversely, CO provide a means by which space support is executed. These interrelationships are important considerations across the spectrum of war-fighting domains [6].
Types of Cyber-Attacks
Although there are many different ways in which cyber-attacks have been classified, a categorisation which is very relevant to the current discussion is one based on the intention behind the cyber-attack. As per this criteria, cyber-attacks and their corresponding perpetrators may be classified under five heads, as under [7]:-
- Cyber-Crime. This is carried out by Cyber-thieves, who are individuals who engage in illegal cyber-attacks for monetary gain. Examples include an individual who illegally steals and uses or sells credit card numbers, or someone who deceives a victim into providing access to a financial account. There could be organised cyber-crime groups too carrying out cyber-crime activities.
- Cyber-Hactivism. Attacks under this category are carried out by Cyber-activists, who are individuals who perform cyber-attacks for pleasure, philosophical, political, or other nonmonetary reasons. Examples include someone who attacks a system as a personal challenge (a “classic” hacker), and a “hacktivist” such as a member of the cyber-group Anonymous, who undertakes an attack for political reasons. The activities of such individuals or groups can range from nuisance-related denial of service attacks and website defacement to disrupting government and private corporation business processes.
- Cyber-Espionage. Such cyber-attacks are carried out by Cyber-spies, who are individuals who steal classified or proprietary information used by governments or private corporations to gain a competitive strategic, security, financial, or political advantage. These individuals often work at the behest of, and take direction from, adversary government entities. Targets include government networks, cleared defense contractors, and private companies.
- Cyber-Terrorism. Cyber-terrorists are state-sponsored and non-state actors who engage in cyber-terrorism to pursue their objectives. Transnational terrorist organizations, insurgents, and jihadists may use the Internet as a tool for planning attacks, radicalization and recruitment, a method of propaganda distribution, and a means of communication, and for disruptive purposes. Cyberterrorists may also seek a destructive capability to exploit vulnerabilities in critical infrastructure in order to carry out physical destruction through cyberspace in pursuit of their agenda.
- Cyberwar. Cyberwar is a term which is often used in a generic sense to refer to all types of cyber-attacks. However, in a specific sense as in its usage here, it refers to attacks carried out by Cyber-warriors of a state in support of a country’s strategic objectives. These cyber-warriors could belong to either a cyber-unit which forms an integral part of the state’s military organisation, or to state-backed militia or hacker groups which act at the behest of the state.
Since this discussion is about cyberspace as an operational domain of conflict, of relevance here are the latter three types of cyber-attacks, namely, cyber-espionage, cyber-terrorism and cyberwar, each of which may be used individually or in a suitable combination to pursue a nation’s strategic objectives, and thus have a bearing on national security strategy.
Some Noteworthy Cyberwar Classifications
There are two other authors whose classification of cyberwar deserve mention, as given out in succeeding paragraphs.
In 1993, a widely-cited US Naval Postgraduate School article, “Cyberwar is Coming!” by two professors, Arquilla J and Ronfeldt D, envisioned two levels of Internet conflict, as under [8]:-
- Netwar. Netwar refers to information-related conflict at a grand level between nations or societies. It means trying to disrupt, damage, or modify what a target population “knows” or thinks it knows about itself and the world around it. A netwar may focus on public or elite opinion, or both. It may involve public diplomacy measures, propaganda and psychological campaigns, political and cultural subversion, deception of or interference with local media, infiltration of computer networks and databases, and efforts to promote a dissident or opposition movement across computer networks.
- Cyberwar. Cyberwar refers to conducting, and preparing to conduct, military operations according to information-related principles. It means disrupting if not destroying the information and communications systems, on which an adversary relies in order to “know” itself. It means trying to know all about an adversary while keeping it from knowing much about oneself, thereby turning the “balance of information and knowledge” in one’s favour, especially if the balance of forces is not.
In 2001, computer scientists from the Carnegie Mellon University Computer Emergency Response Team (CERT) wrote an article for the NATO Review, “Countering Cyber War,” which argued that cyber-attacks would play an increasingly strategic role in warfare and that NATO must immediately begin to plan for the defense of cyberspace. The CERT team described three levels of cyber warfare, as under [9]:-
- Adjunct to Military Operations. The first level is as a simple adjunct to traditional military operations to gain information superiority, such as by targeting an air defense system. However, because military functions such as early warning have an intrinsic strategic value to a nation, a successful cyber-attack against air defense could lead to strategic losses.
- “Limited” Cyberwar. In this second level of cyberwar, civilian Internet infrastructure becomes part of the battleground, and the target list includes some civilian enterprises.
- “Unrestricted” Cyberwar. The third and most serious level is “unrestricted” cyberwar. Here, an adversary seeks to cause maximum damage to civilian infrastructure in order to rupture the “social fabric” of a nation. Air-traffic control, stock exchange, emergency services, and power generation systems could be targets. The goal is to inflict as much physical damage and cause as many civilian casualties as possible.
In this part, the emergence of Cyberspace as an operational domain of warfare, as well as the types and classifications of cyber-attacks/ cyberwar have been discussed. In the next part, some real-world examples of cyberwar over the past decade will be described, and certain doctrinal aspects related to offensive cyberwar strategies as well as some legal implications of conducting cyberwar will be dwelt upon.
References
(1) Skill Development for Cyber Operations – Current Status and Recommended Framework [Restricted], Flash Perspectives, Military College of Telecommunication Engineering, Apr 2016, pp. 3.
(2) Strategy for Operating in Cyberspace, US DoD, July 2011, pp. 5.
(3) Joint Doctrine – Indian Armed Forces, Directorate of Doctrine, Headquarters Integrated Defence Staff, Apr 2017, pp. 13.
(4) Cyberspace Operations, US DoD Joint Publication 3-12, Feb 2013, pp. I-2.
(5) Skill Development for Cyber Operations – Current Status and Recommended Framework [Restricted], Flash Perspectives, Military College of Telecommunication Engineering, Apr 2016, pp. 4.
(6) Network Centric Warfare – Concept, Status and Way Forward for the Indian Army [Restricted], Flash Perspectives, Military College of Telecommunication Engineering, Dec 2015, pp. 15.
(7) Theohary CA & Rollins JW, Cyberwarfare and Cyber Terrorism: In Brief, Congressional Research Service, Mar 2015, pp. 2.
(8) John Arquilla and David Ronfeldt, Cyberwar is Coming! Comparative Strategy, Vol 12, No. 2, Spring 1993, pp. 141–165.
(9) Timothy Shimeall et al, Countering Cyber War, NATO Review, Winter 2001-02, pp. 17.
0 Comments