Cyber warfare is a real threat and it is happening as we write. Government and corporate cyber resources are under attack around the globe. Nowhere has this been as apparent than with all the recent news about North Korea. The closed-off country has been making waves in the news recently after being credited for several cyber-attacks on the UK and US throughout November. The scariest part is how easy and risk-free this has been for them so far and is a real sign that we as countries need to beef-up our cyber security just as much as our physical security.
Of course, North Korea is only the most recent case of cyber warfare in the world. There are many other case studies we can look at from the past. Earlier this year the Department of US Navy was hacked through contractor emails. 134,000 sailors had their personal information and social security numbers stolen. This information will likely be sold for use in identity theft. This is not just stealing information to make credit cards and buy stuff on a fictitious account. This hack is more. This is cyber warfare. This hack is compromising the families and distracting the focus of service men and women in the Navy.
Many divisions of the military have been preparing for Cyber Warfare for years. The People’s Liberation Army Unit 61398 is a division of the Chinese military that is dedicated to hacking corporations and governments around the world. A report by computer security firm Mandiant provided detail on this organisation and, after many diplomatic denials, the Chinese government confirmed the existence of the group.
There were allegations of foreign hacking last year that are still being investigated. This is surrounding the Russian hacking groups that were very active in trying to influence the outcome of the 2016 United States election. This is Cyber Warfare on another scale as one country could manage to manipulate the political climate of a rival country and possibly get away with it entirely.
Cyber warfare is our biggest threat today. It is more effective than blowing up buildings and roads. It is more effective than killing and capturing opposing forces. It is the warfare of the 21st century. It is warfare that captures minds and hearts, not just bodies. The new bombs are fake news, leaked emails and violent propaganda. The United States spends hundreds of billions of dollars on new fighter jets, bombs and automatic weapons. Yet, the Marine Corps database, managed on contract with HP, was not secured. This is what allowed SQL injection breach to the Marine Corps Intranet by the Navy hackers noted above.
Two years ago the British Government announced that they would be spending £1.9 billion on cyber security over a 5 year period, effective as of the 1st November, 2016, and we have begun to see the effects of this with new cyber security centres being erected and government backed training schemes in cyber security for over 2 million people. These are all a step in the right direction but when you compare it to the military budget of 2016, a staggering £35.1 billion, it feels like cyber warfare is not being treated as seriously as it should. It does not help that the recent Autumn 2017 budget makes no mention of increases to cyber security or that many UK business’ are actually slashing their cyber defence budgets. Perhaps the recent cyber security attacks will act as a signal that we as a country need to step up our cyber security game.
For the time being, however, it is also important to recognise and act on the urgent need for vigilant management of network security profiles, continuous training, and permanent monitoring and management with tools that are available now.
Tapping links and utilising Firewalls, Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP) and other threat landscape reduction tools are a promising start to deterrence of debilitating breaches from foreign governments as well as domestic hackers. Packet Brokers are capable of providing simplified connection of multiple security tools. These devices allow mapping of data flows to specific tools and provide fail-safe protection to the network in case one of the security tools goes off line. Further, tools may be connected redundantly for maximum security without compromising network availability.
Cyber warfare is the new battlefield. It is quiet but effective. It is hidden from public view but very much a public threat. We have some good tools to fight it now but must up our game for the future. Military investment must maintain our traditional fighting forces but must also support a rapid transition to fighting a new type of war.