National Defence University, Islamabad Pakistan
PAKISTAN
NSWC 2011/12
become a reality over the years and which has been employed by a variety of players for obtaining
objectives in the domain of military as well as political and corporate fields. The paper digs out ways
and means adopted by these identities to create certain effects over the targeted entities. The paper
also covers the inherent flaws of the internet which allow certain actors to exploit the vulnerabilities
of the internet and target its users at will. An account of different cyber-attacks in the military and
non-military domains allows the reader to absorb the magnitude of the threat along with the diversity of
its manifestation. An effort has been made to evaluate the possibility of establishing cyber
arms control and cyber security regimes. Purely in the military domain, the impact of Information
Operations and Information Warfare Operations capabilities and our own vulnerabilities in this
regard have been highlighted. The degree of importance accorded to cyber warfare by countries like
the US and China, as evident through their doctrines and training besides development of weapons and
techniques amply highlights the importance of the subject. Finally, objective analyses followed by
certain relevant recommendations have been compiled to offer a road map to exploit the available
ACKNOWLEDGEMENTS
First and foremost, I must acknowledge the guidance and support afforded to
input, it would not have been possible to produce this thesis in its finalized form. I
Muneer Afsar and Lieutenant Colonel Muhammad Irfan in the collection of useful data
pertaining to the topic of research. Finally, the support of National Defence University
was vital to have provided me the environment and assistance to produce this paper.
TABLE OF CONTENTS
Serial Content
1. Declaration
2. Abstract
3. Acknowledgements
4. List of contents
9. Bibliography
CHAPTER - 1
have given reality to the concepts previously found in the realm of science fiction
only. In this new form of warfare, bloodless war theatres will emerge where battles
will be fought to attain better situational awareness and information dominance
whereby information warriors may succeed in stopping a war even before it starts or,
wage war in a wholly new dimension.
2 Byard Q. Clemmens, “Cyberwarfare: Ways, Warriors and Weapons of Mass Destruction”, Military
Review, September/October 1999, V.79, P.35.
3 Pakistan Computer Emergency Response Team. “The Future of Computers & Internet Cyber
Warfare”. [Online] Available http://pakcert.com.pk/cyberwarfare/
c. Characteristics⁴
(1) Low Entry Cost. Cyber weapon technologies do not require
sizeable financial resources or state sponsorship. The only
prerequisites for a cyber warrior are expertise in the system and
access to important target information and the data network.
(2) Blurred Traditional Boundaries. In cyberspace, the boundaries
between nations and private-sector organizations are porous,
rendering distinctions between war and crime, and between
public and private interests, less meaningful. Similarly,
distinguishing between foreign and domestic sources of cyber
threats and actions is difficult.
(3) Difficulty of Warning and Attack Assessment. There will be
formidable problems in distinguishing between cyber warfare
attacks and other kinds of activities and events, such as
espionage, accidents, system failures, and hacker pranks. An
4 RAND. “Strategic War in Cyberspace”. [Online] Available
http://www.rand.org/publications/ RB/RB7106/ 106.html, January 1996.
dig out ways and means adopted to achieve a particular end. It also helps in
determining whether these attacks are a standalone affair or a non-kinetic application
in a long-drawn campaign which may include certain kinetic means as well. Some of
these attacks are briefly covered here.
a. Military Domain
(1) Titan Rain – 2003
(a) This incident involved extraction of 10 – 20 terabytes
of data off the Pentagon’s unclassified network by
alleged Chinese cyber warriors.
(b) Chinese military were reported to have created a
facility in Cuba to monitor US internet traffic and
Department of Defense communications.
(2) Syrian Nuclear Facility Attack – September 2007⁹
(a) Israeli F-15 Eagles and F-16 Falcons raided an
alleged Nuclear Facility being built by Syria with North
Korean assistance on 6 September 2007.
(b) The Syrian Air Defence Network was ‘owned’ by
the Israeli Air Force that night, since all radars were blank and
the ground-based controllers who were required to guide air
defence missile systems did not see or do anything.
(c) This was made possible through a cyber assault
on the Syrian Air Defence system. There were at least
three different options available to the Israeli cyber
warriors to manage the attack, covered briefly below:
i. A stealth unmanned aerial vehicle (UAV)
flown in Syrian air space earlier into the Syrian Air
Defence Radar’s beam could have sent
computer packets back to the system that could
have made the system malfunction.
ii. Israeli agents could have compromised
the Russian computer code controlling the Syrian
Air Defence network by slipping a trapdoor into the
9 Ibid, 7.
10 “Significant Cyber Incidents Since 2006”. [Online] Available http://techploicy@csis.org, 29.
11 Ibid, 66.
12 Richard A Clarke and Robert K Knake, Cyber War, (Harper Collins Publications, USA, 2010), 99.
13 “Significant Cyber Incidents Since 2006”. [Online] Available http://techploicy@csis.org.
CHAPTER – 2
(3) Use the internet (which includes sites from all the major
news sources) to spread false information or simply disable all
the news sources on the internet.
(4) Zero out financial accounts of the important
government or private offices, institutions or persons.
(5) Misroute trains, collapse the air traffic control system
and cause failure of all utilities.
(6) Through hacking, change the composition of steel at a
mill to make it vulnerable to cracking in extreme hot/cold
weather, or manipulate components of a food product to add
quantities above the normal amount, large enough
to become toxic.
(7) Through computer malfunctions, cause detonation or
failure of military weapon systems, leaving a country vulnerable
to conventional, or worse, WMD attack.
(8) Cause widespread environmental damage through
explosions at computer-controlled chemical factories,
undetected leaks in the oil pipelines and the bursting of dams.
(9) Fatalities that would result from these attacks include
deaths from transportation accidents, deaths from exposure to
extreme heat or cold caused by power failures, drowning from
burst dams, riots, and the list goes on.
9. Need of Cyber Arms Control and Cyber Deterrence. The world
needs cyber arms control as well as cyber deterrence. Such treaties have been
resisted till now by most countries for fear that they could lead to rigid global
regulation of the internet. Moreover, the US feels that such treaties will ultimately result in
undermining the dominance of American internet companies, stifling innovation and
restricting the openness that underpins the net. Perhaps America also fears that its
own cyber war effort has the most to lose if its well-regarded cyber spies and cyber
warriors are reined in.
10. Redefining Cyber Security. We have advanced into an age
where cyber security has assumed greater importance in view of the enhanced
capabilities and resource mobilization available to various state and non-state actors
to initiate what is known as cyber terrorism, which was once regarded as a distant possibility.
The world view, especially in the West, is fast adjusting to the growing reality. Some
interesting aspects of cyber security confronted by managers and administrators
today are covered in subsequent paragraphs.¹⁴
a. The assumption that cyber terrorism would be aimed at critical
infrastructure allowed governments to assign responsibility for its
security to the private sector, since it owned most of this critical
infrastructure; however, this approach is fast losing its credibility.
b. Military and intelligence services and recruited proxy forces
like hackers and criminals can carry out specific tasks.
c. Stealing of intellectual property and confidential business
information by foreign governments, companies or citizens poses a
serious cyber security issue in a world dominated by greater
connectivity and easier access.
d. The politics of a target country can be manipulated through denial
of service attacks, leaks of material obtained through hacking and other
sophisticated exploits without hiring any mob to do so.
e. Cyber crimes are a growing reality. These extract money from
financial institutions and sometimes continue under the noses of
intelligence and law enforcement agencies, since these criminals are being
tolerated for their contributions elsewhere.
f. A need has also arisen to redefine an ‘attack’. The United
Nations Charter and The Hague and Geneva Conventions make clear
that an attack involves physical destruction and casualties.
g. Espionage and state-sponsored crime do not qualify as
attacks and do not justify the use of military force in response.
11. Information Operations. Information Operations are defined
as actions taken to affect adversary information and information systems while
defending one’s own information and information systems. Gathering, exploiting and
protecting information have been critical elements in command, control and
intelligence throughout history. In future, the significance of information will never
14 Sasakawa Peace Foundation Tokyo, Paper presented on 12 September 2011 titled “Rethinking
Cybersecurity – A Comprehensive Approach”, [Online] Available http://techploicy@csis.org,
(accessed December 2011)
change. The difference will reside in the increased access to information and
improvements in the speed and accuracy of prioritizing and transferring data brought
about by advances in technology. While the friction and the fog of war can never be
eliminated, new technology promises to mitigate their impact. Information Operations
capitalize on the growing sophistication, connectivity, and reliance on Information
Technology.¹⁵ The definitions of Information Warfare and Information Operations are
broad and include every tool at the nation’s disposal, including Electronic Warfare,
Command and Control Warfare (C2W), Operational Security (OPSEC), military
deception, Psychological Operations (PSYOPS), Physical attack, Computer Network
Attacks (CNA), Command and Control warfare and Special Information Operations
(SIO), physical security etc. Such an all-inclusive definition makes discussion of
cyber-specific issues impractical if not impossible. The importance of Information
Operations can be gauged by the statement of Jamie Shea (NATO Spokesman) in
2000: “Public opinion in modern conflict is much more likely to be critical because it is
presented by the media only with short term side effects and the immediate costs of
military action. It is not presented with the long term benefit.”
a. Forms of Information Operations.¹⁶ Due to paucity of
space, these techniques are only being listed here:
(1) Electronic Warfare Operations.
(2) Electronic attack.
(3) Electronic protection.
(4) Electronic warfare support.
(5) Computer network operations.
(6) Psychological operations.
(7) Military deception.
(8) Counter intelligence.
(9) Counter propaganda operations.
(10) Public affairs operations.
b. Capabilities of Information Operations¹⁷
(1) Core Capabilities. Electronic Warfare, Computer
Network Operations, Psychological Operations, Military
15 Joint Doctrine for Information Operations, US Joint Pub 3-13, 9 October 1998.
16 Major General Imtiaz Hussain Sherazi, Information Operations, their scope and impact on Pakistan’s
security, Pakistan Army Green Book, 2010, (Instant Print System, 2010), 81.
17 Ibid, 84.
18 Ibid, 84.
CHAPTER – 3
22 Richard A Clarke and Robert K Knake, Cyber War, (Harper Collins Publications, USA, 2010), 112.
CHAPTER – 4
16. Analysis
a. Possibility of Cyber Wars. Cyber wars are possible due
to the following:
(1) Existing design of the internet.
(2) Flaws in software and hardware.
(3) Allowing critical machines to be controlled from cyber
space.
b. The world is slowly but surely crossing the threshold of
overt cyber attacks.
c. There is a need to agree on modest accords or ‘informal’ rules
of the road to begin with that would raise the political cost of cyber
attacks. The requirement to establish "norms of acceptable behavior in
cyberspace" has to be given due consideration by all nations.
d. Subsequently, but without inordinate delay, there is a need to
have cyber weapons treaties to prevent cyber wars.
e. Non-kinetic application/warfare, of which cyber warfare is
perhaps the most lethal tool, may accompany most future wars or be
conducted as a standalone activity.
f. Cyber warfare is a global trend.
g. Unlike nuclear capability, cyber war capabilities cannot be
demonstrated.
h. There is a need to have cyber arms control and cyber
deterrence regimes in place to have a coordinated global approach to
counter cyber threats.
17. Recommendations
a. National Level
(1) National Information Security Policy.
Pakistan does not have a national Information Security Policy
based on common standards across the entire length and
breadth of the country. The Government needs to chalk out, in
consultation with the corporate sector, Information Technology
Division and military authorities, a comprehensive National
Information Security standard.
(2) There is a need to establish an Information Technology
Security Task Force.
(3) The government needs to consider provision of certain
incentives to the private sector for both computer hardware and software
development and manufacture.
(4) All setups relying on communication and computers must
be shielded through cyber and net war security systems as part
of a comprehensive cyber security strategy.
(5) Mandatory Information Technology Literacy.
There is a need to introduce mandatory Information
Technology literacy courses for all levels of civil and military
personnel and to make Information Technology literacy a
prerequisite for induction into a particular position of influence in
both civil/military domains.
(6) Comprehensive Legislation to Combat Cyber
Crime. A comprehensive legislation to combat cybercrime
20. Bibliography
a. Clarke, Richard A and Knake, Robert K. Cyber War, (Harper
Collins Publications, USA, 2010).
b. Clemmens, Byard Q. “Cyber Warfare: Ways, Warriors and
Weapons of Mass Destruction”, Military Review, September/October
1999.
c. Pakistan Computer Emergency Response Team. “The Future
of Computers & Internet Cyber Warfare”. [Online] Available
http://pakcert.com.pk/cyberwarfare/.
d. RAND. “Strategic War in Cyberspace”. [Online] Available
http://www.rand.org/publications/ RB/RB7106/ 106.html.
e. Gershwin, Lawrence K. “Cyber Threat Trends and U.S.
Network Security”. Speech, U.S. Joint Economic Committee: 21 June
2011. [Online] Available http://www.cia.gov/nic/speeches/testimony/.
f. Campen, Alan D, Dearth, Douglas H and Goodden, R.
Thomas. Cyberwar: Security, Strategy and Conflict in Information Age.
(New Delhi: Bookmart Publishers, 2000).