By Ajay Kapur
New Delhi. 30th October, 2015. Just think what would happen if a large tri-service exercise is in a crucial phase and a dislocation occurs because communication and GPS systems fail, the avionics on the latest fourth-generation fighter aircraft blank out, the computer-controlled systems in the C-130J and C-17 stop responding, the AN/TPQ-37 WLR radar systems seize up, and the newly developed tri-service logistics management system is infected by a virus and fails.
The modern world has tightly embraced the Internet, which is nowadays indispensable, and this irrevocable dependency has made cyberspace an increasingly attractive target for cyber-attacks and other digital catastrophes.
Most discussions around ‘national security’ inexorably gravitate towards defence and intelligence cyber operations, and towards departments such as the Department of Defence and the Attorney-General’s Department, which are deeply engaged in managing national security and sensitive defence industries.
The world has come a long way since nations deployed spy satellites for gathering military intelligence and developed anti-satellite weapons (ASATs) to destroy each other’s satellites. Though countries rely heavily on satellites for their defence operations, including communications and navigation, they now also possess advanced cyber warfare capabilities intended to target critical defence infrastructure.
India currently ranks 3rd in the world by number of Internet users, after the USA and China; the number is projected to grow 6-fold by 2017, with a compound annual growth rate of 44%. India was ranked among the top five countries affected by cybercrime, according to a report by online security firm Symantec Corp.
Cyber-attacks on India increased from about 13,000 in 2011 to 82,000 till mid-2015, with most originating from the cyberspace of a number of countries including the US, the European Union, Brazil, Turkey, China, Pakistan, Bangladesh, Algeria and the UAE, as per a report by the Computer Emergency Response Team-India (CERT-In).
Nearly a third of Indian organizations do not possess the knowledge to prevent cyber-attacks even as the information technology world is turning increasingly vulnerable, according to EY’s recent global information security survey. The criminal ecosystem has matured to the point where it is not only about stealing intellectual property but is typically associated with state-sponsored espionage. The motives go well beyond financial gain, possibly extending to impacting national security. Specialized industries like defence are at risk from advanced persistent threats.
The high-profile STUXNET worm demonstrated the sophistication of these attacks. The worm was designed to infiltrate critical industrial control systems, but besides hitting the targeted critical infrastructure system it potentially sabotaged the Iranian systems that manage uranium.
A trend seen with defence contractors is that when they announce plans to acquire another company, perpetrators go after the potential acquisition, embedding malicious software on the acquisition target’s systems to gain access to the parent company’s infrastructure and IT systems.
The situation is exacerbated by the active involvement of state actors in cyberspace and the development of advanced cyber weapons, which have graduated from non-disruptive cyber espionage weapons, i.e. those utilizing zero-day exploits, to highly lethal disruptive weapons targeting SCADA and DCS systems, like STUXNET.
Critical infrastructure sabotage is the modern warfare technique. The U.S. and Israel allegedly used the Stuxnet worm to destroy Iranian nuclear centrifuges, as per the Wall Street Journal. Under these circumstances, protection of information and information infrastructure is now a key factor in our national defence security, and confidentiality, integrity, availability and non-repudiation are the basic pillars required to achieve it.
The National Security Agency also provides a comprehensive approach to information and electronic security. Some of the measures classically used in defence include biometrics-based strong authentication systems, digital signatures, password hashing, firewalls and demilitarized zones, intrusion prevention systems, network behaviour analyzers, advanced malware detectors and anti-virus systems, integrity managers, security logs and access control systems, together with strong vulnerability assessment, auditing and governance.
A few pillars of building a national defence cyber security framework are: the ability to have an accurate early-warning system for cyber security-related events; the competence to detect and identify security events; capabilities to prevent cyber incidents at an early stage; and emergency response capabilities to mitigate any situation in relation to identified deficiencies or threats and to prevent these events from recurring.
Ideally, the goal should be to test the best ways to integrate cyber warfare into offensive and defensive cyber operations, to build the capabilities to deny, destroy, degrade, disrupt and deceive, and to incorporate the findings into the service’s Doctrine, Organization, Training, Materiel, Leadership & Education, Personnel, and Facilities (DOTMLPF) to mitigate cyber threats by taking advantage of emerging technologies and strategies.