A Kinder, Gentler Cyberwar

Image credit: iStockphoto/Jakarin2521

“All warfare is based on deception.” ― Sun Tzu, The Art of War

Sixth-century military tactician Sun Tzu is credited with many philosophies pertaining to armed combat. And his quote on disinformation resonates, given the ongoing situation in Ukraine.

Deception is integral to cyberattacks. Early computer viruses were labeled “Trojan Horses” after the device “said to have been used by the Greeks, during the Trojan War, to enter the city of Troy and win the war.”

“It's not clear where or when the concept, and this term for it, was first used, but by 1971 the first Unix manual assumed its readers knew both,” says Wikipedia of computer Trojan Horses. Another early reference is in a U.S. Air Force report in 1974.

CDOs must not be lulled into complacency and believe such ruses are consigned to history or limited to physical warfare. The cyberdrome sprawls from office to home and back again, with weak links across the spectrum.

Situations are rarely single-vector. Let's look at a classic incident of military deception, which many know only at a superficial level.

Classic deception

Prior to December 1941, the U.S. preferred to stay out of the brewing conflict in Europe and Asia. The attack on the Pearl Harbor fleet changed that in a flash.

Imperial Japan inflicted significant losses on the U.S. sea power in the famous attack. How'd that work out for them? "One can search military history in vain," wrote the naval historian Samuel Eliot Morison, "for an operation more fatal to the aggressor."

The Pearl Harbor operation is often described as a “sneak attack,” although the U.S. cessation of oil exports to Japan in July 1941 made it near-certain that Japan would resort to military action. Conventional wisdom held that U.S. military bases in the Philippines would be targeted — the planners successfully hid this deception.

The pivotal 1942 battle at Midway Island provided the opportunity for deception by the other side. The U.S. believed they'd broken the Japanese code for messages but weren't sure. They sent a (false) message saying the island's water facilities were damaged, which their adversaries relayed (encoded). The resultant battle — initiated by Japan — turned the tide of the Pacific War.

Modern-day spin

Modern battlefields feature exercises in PR as factions attempt to “spin” their successes, real or imagined.

The current Ukraine conflict is a high-level chess game of perception management. The early advantage went to the side with the charismatic, handsome leader — who had a career as an actor and comedian prior to his political ascension. Another PR win: the “Ghost of Kyiv,” which — it is claimed — was a Ukrainian jet that flew around shooting down Russian aircraft.

Whether it existed or not is beside the point. The legend exists and boasts a memorable name. So it goes in wartime PR spin.

IT army

As cyberwarfare is now multifaceted, it's fitting that one of the first shots fired in this cyberwar was the claim of an “IT army.” In late February, the country's vice prime minister Mykhailo Fedorov claimed via tweet: "We are creating an IT army. There will be tasks for everyone. We continue to fight on the cyber front. The first task is on the channel for cyber specialists."

The channel Fedorov referred to was a list of Russian websites: 31 major Russian businesses and state organizations targeted for attack, including energy giant Gazprom, oil producer Lukoil, three banks, and a handful of government websites. It's unclear how much actual damage was inflicted by cyberattacks on said institutions.

Anonymous actions

The amorphous hacktivist collective employed their usual tactic: DDoS attacks against high-profile targets. “Hackers identifying with the Anonymous collective announced they had launched cyber operations that briefly took down RT.com [the state-controlled Russia Today news service], as well as the websites of the Kremlin, the Russian government, and the Russian defense ministry websites,” reported the Australian Broadcasting Commission.

Reprisal was swift, reported the ABC. “Earlier this week, Russian cyber forces mounted DDoS attacks on the websites of several Ukrainian banks and government departments,” said the article. As with many such reports, detailed information is sketchy. But reports continue.

The head of Russia's space program was forced to deny claims that Anonymous had blitzed their control center. According to MSN, “a popular Twitter account dedicated to following the activity of the loose internet collective known as Anonymous tweeted that an Anonymous-affiliated hacking group called NB65 had 'shut down the control center' of Russia's Roscosmos space agency and that the country, therefore 'has no more control over their own spy satellites'.”

Cybernews.com reported that Anonymous had breached the Russian Ministry of Defence database and posted “officials' phone numbers, emails, and passwords” on mega.nz.

“Such actions represent an escalation in cyberwarfare,” said Cybernews. “Cybersecurity analysts are predicting an upsurge in defense spending across Europe for both digital and conventional warfare, while patriotic or idealistic hackers sympathetic to either side are also mobilizing.”

Upsurge in defense spending

For CDOs, cybersecurity should be an overriding concern. It doesn't matter where decentralized attacks originate when the entire Internet is the field of battle.

While hackers may be motivated by idealism during the current maneuvers in Ukraine, the financial incentive remains the main driver in cybercrime. Firms and organizations can and should harden their attack surfaces and examine their practices.

Stefan Hammond is a contributing editor to CDOTrends. Best practices, the IoT, payment gateways, robotics and the ongoing battle against cyberpirates pique his interest.
