As our infrastructure becomes more and more dependent on modern computer systems, software, and networking, it has also become vulnerable to an entirely new form of warfare. Several recent events indicate that cyber warfare is developing rapidly, and software that is relatively easy to develop has proven to be considerably dangerous. In addition, concerns about the use of social engineering and the use of bots to spread propaganda and potentially influence elections have been raised repeatedly since the US election. Several countries have been experimenting with such technological warfare capabilities, and this has created a new global landscape that policymakers and voters need to be aware of. The reality is that conventional foreign policy and military tools simply do not work against cyber-attacks, whether they are state-sponsored or not.
Governments and intelligence agencies have been interested in the possibility of using software as a weapon of war ever since the first pieces of malware, such as the ‘Elk Cloner’ and ‘Brain.net virus’, appeared in the 1980s. However, their destructive potential was limited, as very few pieces of crucial infrastructure depended on computer systems, and even fewer on networked systems that could be accessed remotely. Today, trains, hospitals, educational institutions, air-traffic control, power plants and countless other essential services depend on networked computer systems, and so the potential for cyber-attacks causing damage has increased. Perhaps the most damaging instance of such an attack to date was the use of Stuxnet, a malware programme believed to have been developed by US Intelligence agencies, to cripple Iranian nuclear enrichment facilities in 2010.
More recently, several hospitals in the UK were affected by the WannaDecryptor (or WannaCry) malware, which encrypted important computer files, making them inaccessible, and demanded a ransom, while using the NHS network to spread itself to other computers. According to the National Audit Office, at least 81 NHS trusts across England were affected. This was clearly either a prototype or developed unprofessionally, as it was linked to an unregistered domain that acted as a kill switch, which was discovered by a researcher at Malware Tech Blog who used it to disable the attack. Although the origins of this malware are still unknown, it is unlikely that a cyber-weapon developed by a state would have such a kill switch built into it, so a more likely explanation is that this was simply an attempt by civilian hackers to make money by holding computer systems to ransom. A similar programme called ‘Petya’ later targeted Ukrainian and German banks. Losses as a result of such attacks in 2017 were estimated to be around $4 billion USD.
The 2016 Democratic National Committee (DNC) hack in the US has also been cited as an example of cyber warfare, and despite the lack of evidence, many have speculated that it was orchestrated by the Russian Government to manipulate the US elections. This example illustrates a major issue with the way in which politicians have apparently failed to understand the nature of this new threat – former US Secretary of State and Presidential nominee Hillary Clinton, in a campaign speech, stated that she would ‘treat cyber-attacks just like any other attacks’, and threatened to use ‘economic, diplomatic, and military’ measures against Russia. Such an approach is misguided – firstly, it is almost impossible to know for certain whether or not any given cyber-attack is state-sponsored. Secondly, cyber-attacks are not the same as any other attack; they are fundamentally different in many ways. For example, attacks can be launched from multiple different locations around the world simultaneously, and location data can easily be falsified or concealed.
Aggressive policy and threatening to use physical weapons are not the answer to the challenge of cyber weapons. Neither is Theresa May’s increasingly Orwellian surveillance and data collection policy.
What is needed is a more sensible, defensive policy – investment in basic computer security measures, such as regularly updating software (which could have protected the NHS from the WannaDecryptor attack), setting up backup networks, isolating critical networks from the internet, and developing low-tech backups to be used in emergencies. Despite this being a very technical issue, most of these concepts are common sense. An employee clicking on an infected internet link should never lead to entire hospital networks being paralysed for days – computers being used to access the internet should be kept isolated from such critical infrastructure. All this can be implemented at a fraction of the cost of the government’s current £1.9 billion strategy, and would be significantly more effective at preventing cyber-attacks as well as reducing the impact of everyday cybercrime.
As technology improves in areas such as AI and Machine Learning, it is likely that malware and other forms of technological warfare will become more potent. The government has been spending billions on defence projects such as the new aircraft carriers, presumably in an attempt to revitalise Britain’s traditional power-projection capability.
Perhaps defending against the weapons of the future should be a higher priority than fighting the cold wars of a bygone era.
By Bilal Asghar