Defiant North Korea appears to feel like demonstrating its military wherewithal. After successfully conducting a nuclear test,and a series of missile tests,they have now targeted cyberspace. During the first week of July the websites of the US White House and South Koreas equivalent,the Blue House,were attacked,as were a few other US and South Korean government sites. The impact of this particular attack was limited; however,the attack demonstrates that bloodless cyber-warfare is a real possibility and needs to be addressed accordingly.
One characteristic of cyber-warfare is that it is very difficult to conclusively assign responsibility. This attack is no exception; the North Korean government has not accepted any responsibility,either. However,South Korean experts share the opinion that the attacks originated from North Korea and from some servers/ computers from the US,probably operated by North Korean sympathisers. Experts feel that these attacks are based on the code base of a very old virus called MyDoom. Some circumstantial evidence exists that the attacks were devised to target Korean language systems and the attacker may have used a Korean language email format.
North Koreas disgruntlement is largely because the South Korean administration has stopped the aid promised under the Sunshine Policy. Earlier,they tested missiles on the US Independence Day and now it appears that these attacks were in reaction to the US freezing their bank accounts in Malaysia. They were nowhere close to achieving classic objectives the destabilisation of enemy IT architecture or damaging its economic activity but did succeed in leading some to look again at whether crucial IT is protected.
The attack may have failed,but the world must take note of it anyway. It will,after all,go down in history as the first cyber-attack undertaken by one state against others,as a straightforward policy choice. (The large-scale infection,howsoever mild,it caused convinced South Korean experts that it was well-conceived,coordinated and could not have been launched without state backing.) If they were launched with actual expertise behind them,the attacks could have created havoc. In the year 2007,the small Baltic state of Estonia was brought to a standstill by a three-week wave of grassroots cyber-attacks.
India,living with terrorist threats to daily life for two decades,needs to take cyber-warfare/ cyber-terrorism very seriously. Some groups have received state support; most recently,it was reported that elements in the Pakistani state provided technological support to terrorist groups to
allow them to use their satellite phones without being heard,demonstrating a willingness to experiment with technology. Tomorrow,it is possible that international pressure will cause them to increase their emphasis on bloodless cyber-terrorism.
Then,of course,there is the long-held suspicion that various recent attacks on the computer networks of the Indian ministry of external affairs had a Chinese angle to them. (The Chinese have also been accused of hacking into the Pentagon computer networks.) Were North Korea to wish to develop expertise in this field,the obvious place for them to turn to again is China. The South Korean defence ministrys recent allocation of $20.33 million to beef up security for its computer systems clearly indicates the seriousness of this threat.
And,most importantly,during the last month the US military announced the creation of a new cyber-command which could play both a defensive and offensive role. Pentagon intended their decision to reflect how serious the threat is. But,in reality it is very difficult to prejudge a cyber threat it could come from a terror group or a state or even from an individual. As Indias dependence on IT tools increases,in both civilian and military spheres,its military needs to look to such examples. The future online world isnt secured; India needs to formulate its security structures and put them in place well in time.
The writer researches non-traditional threats to national security at the Institute for Defence Studies and Analyses,Delhi
express@expressindia.com
