Académique Documents
Professionnel Documents
Culture Documents
By
Maurice Yap
Peter Symonds College
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
ABSTRACT
Cyberwarfare, the use of computers and computer programs and infrastructure as weapons in their own
right, has been reported widely in recent years by the media, but it has generally been below the surface of
mass public attention. Not much is known, by the general public at least, about the hazard it poses to people
around the globe. I have used numerous media, academic and other sources to investigate cyberwarfare
techniques uses now and in the past and the potential threat its use poses in the future. The conclusions the
report have reached are that cyberwarfare does not, at the moment, have the potential to cause mass
destruction through manipulating social infrastructure, but will do quite soon in the future; software firms
and governments have a huge role to play in upholding national security; online censorship is
unsustainable; and many battlefields will soon be incorporating a cyberwar-front.
Where the words China or Chinese are used in my report, they refer to the Peoples Republic of China (Mainland
China) as opposed to the Republic of China (Taiwan).
The PLA is the Peoples Liberation Army, the military of the Peoples Republic of China.
All uses of the dollar currency ($) in this report refer to the US Dollar.
NATO is the North Atlantic Treaty Organisation a military alliance comprising of European and North American
nations including the USA, France, Turkey, the UK and Germany.
Islamic State
The Islamic fundamentalist militant group currently (late 2014) fighting in and controlling large parts of Iraq and
Syria, self-titled in Arabic, ad-Dawlah l-Islmiyyah, is referred to in the media and by government officials by
different names. Islamic State, the English translation of this, has been abbreviated to IS, as in the case of the BBC,
ISIS, by the New York Times, the Guardian and Reuters, or ISIL as is done by US and UK government officials and
previously by the Associated Press agency.
This group is referred to in this report using the acronym, QSIS, for "Al-Qaeda Separatists in Iraq and Syria." The
name, Islamic State, suggests that the group's ideology and activities are to some extent, representative of the religion
of Islam. As most Muslims around the world totally disassociate themselves with their ideology and activities, I feel the
use of this name is disrespectful to them.
ii
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
TABLE OF CONTENTS
1. Introduction ........................................................................................1
1.1. What is cyberwarfare? .............................................................................................................................. 1
1.2. Significant incidents ................................................................................................................................ 2
1.3. Purpose and execution............................................................................................................................. 2
1.4. History and development of cyberwarfare .............................................................................................. 3
1.5. Electronic warfare .................................................................................................................................... 3
3. Hacktivism ........................................................................................ 11
3.1. Anonymous ............................................................................................................................................. 11
3.2. 2008 South Ossetia War ........................................................................................................................ 11
3.3. Syrian Civil War (2011- ) ....................................................................................................................... 12
iii
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
6. Stuxnet ............................................................................................. 20
6.1. Activities of Stuxnet ...............................................................................................................................20
6.2. The source of Stuxnet ............................................................................................................................ 22
6.3. Why is Stuxnet so dangerous? .............................................................................................................. 23
TABLE OF FIGURES
Figure 1: slide show images which were used to deface President Saakashvili's website (Danchev, 2008) ... 12
Figure 2: the illegitimate tweet sent out by the Syrian Electronic Army on The Associated Presss Twitter
account (Foster, 2013) ..................................................................................................................................... 12
Figure 3: the office block in Pudong, Shanghai which is alleged to host Unit 61398 (Reuters, 2014a) .......... 14
Figure 4: an example of a private message sent by Koobface through Facebook (Uwang, 2011) ................... 19
Figure 5: a Siemens Simatic industrial controller, identical to the ones affected by Stuxnet (Ulli1105, 2007)
.......................................................................................................................................................................... 21
Figure 6: a carbon fibre rotor tube (Broad, 2008) .......................................................................................... 22
Figure 7: a still shot from a video of the Aurora test (Zetter, 2007) ................................................................ 25
Figure 8: tweets by three Twitter users about the Israel-Hamas war in 2014 ................................................ 29
iv
1. Introduction
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
1.INTRODUCTION
The development of computer science throughout the second half of the 20th century has probably been
one of the greatest and most influential feats of human technological achievement. Its impact on the world,
through being the foundation of space exploration; advancing the medical field; revolutionising
entertainment; aiding engineering and architecture and the creation of the World Wide Web make
computers a cornerstone of modern human society.
In that time, computing technology has also been widely used by the worlds militaries. Its digital
communication capabilities have transformed the way armies operate and computer systems in weapons,
such as guided missiles and fighter jets, have helped to reduce collateral damage in times of war.
Increasingly in the past decade however, computing has itself become a weapon. A completely new domain
of warfare has been created, fought not in the seas, on land, in the sky or even in space; it is being fought in
the realm of cyberspace on computer networks and systems. It is cyberwarfare.
1.1.WHAT IS CYBERWARFARE?
The use of computers or the internet to spread propaganda, access classified information, disrupt
electronic surveillance systems, or attack information technology-dependent infrastructure
targets. (Wither, 2008)
Whilst computers are widely used to assist military operations, this report focuses on pure cyberwarfare
politically motivated conflict fought within computer systems themselves.
There are four main areas of cyberwarfare:
Strategic warfare using computers to directly attack civilian infrastructure systems like power
grids, transport systems and water and gas pipelines to cause chaos in a particular territory;
Cyber-espionage covertly gathering intelligence using computers from networks and databases
which can be used for military or political purposes (Crystal, 2005);
Cyber-disruption disrupting and sabotaging the internet and other information systems;
Cyber-terrorism using the internet and computing technology by terrorist groups to spread fear
and destruction (The Economist, 2012a).
This report also discusses the role of computer-based information warfare cyber-attacks which control
and disrupt the availability of information and propaganda. This includes "hacktivism" actions taken by
civilian groups like Anonymous, hacking computer networks to archive political or social objectives.
Information warfare is also a large part of cyber-terrorism, where the internet is used to spread terrorist
groups propaganda. The true extent as to which cyberwarfare is taking place is difficult to trace because in
many cases, attacks go unnoticed. Also, much of it is undertaken by governments and takes place covertly
so information about these activities may not be made public for reasons of national security reasons.
1. Introduction
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
1.2.SIGNIFICANT INCIDENTS
An early example of a high-impact cyber-attack took place in Japan in July 2000. The countrys
commercial Docomo service was, at the time, providing email access to mobile phones. Emails from an
unknown sender containing malicious code that hijacked users phones, were sent to a very large number of
its users. This contained code which dialled 110 on the phone, Japans emergency number (equivalent to the
UKs 999 or 112). Because this attack became successful on such a massive scale, the entire countrys
emergency phone services became overloaded and unusable.
In September 2007, the Israel Defence Forces (IDF) are alleged to have hacked into Syrian radar
systems to stop them from detecting Israeli fighter jets. This allowed them to carry out a successful series of
airstrikes on Syrian military targets.
The 2008 South Ossetia War between Russian and Georgian forces saw websites of institutions on
both sides taken down through distributed denial-of-service (DDoS) attacks or defaced using a technique
called SQL injection. This incident is explored in chapter 3 of this report.
There was an exchange of cyber-attacks between groups based in Pakistan and India in late 2010. A
group calling itself the Indian Cyber Army attacked Pakistani government websites, in retaliation for the
Mumbai terrorist attacks that happened two years prior. A month later, a group similarly called the
Pakistan Cyber Army attacked India's CBI (Indian equivalent of FBI).
In March 2013, South Korea's three major banks - Shinhan, Woori and NongHyup and broadcasting
stations, KBS, YTN and MBC became victims of a cyber-attack. Over 30,000 computers at these firms were
affected. Public and media speculation suggested that this may have been done by North Korea (DPRK) in
retaliation against US and South Korean military exercises and sanctions imposed on North Korea for
nuclear testing.
Perhaps the most widely known case of cyberwarfare took place in 2010. The Stuxnet computer
virus was discovered on millions of computers around the world and was found to have attacked the Iranian
uranium enrichment facility at Natanz, causing the cessation of nuclear enrichment for several months.
This will be discussed in detail in chapter 6 of this report.
1. Introduction
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
Because of the strong dependence of many modern economies on the internet, performing DDoS attacks
that make websites and data servers inaccessible to users can quickly cause economic damage to individual
firms; however, attacking nameservers which direct web addresses (URLs) to websites can very quickly
cause great economic damage to a country because it effectively renders all the websites registered to that
countrys top-level domain (TLD) (the last label of a URL, for example, in http://www.psc.ac.uk, .uk is
the British TLD) offline, creating a depression in economic confidence and preventing online-conducted
business to take place. Large-scale DDoS attacks also prevent the flow of information, vital in times of war
and conflict.
1.5.ELECTRONIC WARFARE
Whilst not a form of cyberwarfare, electronic warfare (EW) very closely relates to cyberwarfare. EW is the
fight for control of the electromagnetic spectrum, across which radio communications, TV signals, mobile
phones and radar operates. The objective of EW is to make sure friendly forces can use the electromagnetic
spectrum securely and conversely, to stop enemies from using it using techniques like jamming, which
stops radio signals from being broadcast (Miller & De Lia, 2006). The military of the United States has a
very strong focus EW (Association of Old Crows, n.d.).
In 1912, the British Committee of Imperial Defence said that if war were to break out, the military must
quickly destroy German underwater telegraph cables. On 5th August 1914, shortly after the outbreak of
World War 1, HMS Telconia steamed to a position off Emden and cut and reeled in several thousand feet of
German cables under the English Channel. This contributed to the Allied victory because the cables ran to
German allies and agents in Europe and North America. The Germans now only had a single telegraph
cable left, which ran from western Africa to Brazil (the others the previously used were all British owned). It
Extended Project 2014 | Maurice Yap 6946
1. Introduction
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
meant the Germans were forced to use radio instead, which was very easily intercepted. It caused many
diplomatic, naval and other military coded messages to be received by the admiralty.
EW also was successfully used as part of the Gulf War. On 17th January 1991, coalition forces broadcast
noise and jamming signals that interfered with Iraqi communications airwaves. Within an hour of the start
of this assault, the Iraqi IADS (Integrated Air Defence System) radar system completely collapsed. Within
days, most of their radar-supported SAM (surface-to-air missiles) missiles were out of operation. Many
aircraft flying over Iraq carried and utilised radar signal jammers to protect themselves from detection by
Iraqi radar and SAMs.
In the 21st Century, the vast majority of US casualties in Operations Iraqi Freedom and Enduring Freedom
were caused by RCIEDs (radio controlled improvised explosive devices). They were disguised bombs which
were activated by an insurgent when he called a mobile phone attached to the device. US forces were able to
stop these attacks and save many lives using EW techniques.
2. Information warfare
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
2.INFORMATION WARFARE
2.1.PROPAGANDA
In a war, propaganda warfare is fighting for representation of the war. Because of its wide access and use,
the internet has become a key battleground for this as it is near impossible to regulate or officiate. Online
propaganda can therefore move very easily and freely. 2012 data shows that 87% of people were connected
to the internet in the UK, as well as 81% in the USA, 42.3% in China and 39% globally (Buzzle, 2012).
During peacetime, it can be used for morally good purposes, for example public health campaigns, morally
neutral purposes like advertising and political activism and bad purposes, for example terrorist recruitment
and deliberate disinformation (Johnston, 2013). Because of the very popular social media platforms that
have been created over the past decade, like Facebook and Twitter, propaganda-generation is becoming
more widespread meaning that propaganda-generation is accessible to all people.
2. Information warfare
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
Many governments censor the internet in their countries to various different extents. There are many
reasons governments choose to restrict information flow on the internet, including securing intellectual
property rights, ensuring national security, preserving cultural norms and religious values and shielding
children from pornography and sexual exploitation.
Governments generally have four options available to them in order to impose censorship:
The first is blocking websites and web pages using technological means. IP (Internet Protocol)
blocking is where all access to target sites is completely blocked by preventing connections to their
web servers. DNS (Domain Name System) tampering is another technique, where there the servers
which direct a URL domain name to a servers IP address (name servers) are tampered with. This is
a technique currently in use by Chinas government.
The second option is removing search results from internet search engines. This is done either
through a formal (often secret) request from the government to search engines, like Bing, Google
and Baidu, to remove search result entries, or if refused, forcing them to do so through legal actions.
Taking down sites by legal action or threat of it by authorities is the third option, however, this
option only works when the website in question is hosted on a server within that authoritys legal
jurisdiction.
The final option is psychologically coercing people into self-censorship being restrictive about
what websites they visit, the terms they search for and what they post online. This is effective when
people know or highly suspect that they are being monitored by the government, and that they could
face legal action, arrest or imprisonment for illegal online activity.
The highest level is done through the countrys connection to the internet backbone (physical cables
and network routers). Governments can program (or force companies to program) these switches to
block certain websites using IP blocking or DNS tampering, as mentioned above.
The next level is through ISPs (internet service providers), who use IP blocking to prevent their
customers from reaching websites.
After this, individual institutions can enforce censorship and filtering by programming internal
network switches and routers. Businesses and academic institutions frequently do this to stop staff
or students from wasting time or bandwidth, to protect their networks from viruses and malware
and to prevent children in schools from reaching adult content.
The lowest level is device-based filtering filtering software on individual devices. It is frequently
used by parents on the devices used by their children, again, to prevent them from accessing content
intended for more mature audiences.
2.2.1.POLITICAL AGENDA
One of the biggest reasons why governments around the world impose censorship is for political reasons.
An example of this was when conservative Russian politicians in 2008 tried to get rid of the dangerous
teen trend of Emo culture through censorship laws. The Duma (Russian parliament), on the grounds of
spiritual and ethical education, decided to heavily regulate Emo-culture websites and blocked many of
them. This supplemented a ban on Emo and Goth fashion from schools and official buildings (Truthloader,
2014c).
The Arab Spring protests and revolutions of the early 2010s saw many governments, including those of
Bahrain, Egypt and Libya, used various forms of internet filtering and censorship to try to stop the spread
and influence of anti-government protests. This was done for the purpose of trying to preserve existing
administrations (Rashid, 2013). Syria was also accused of destroying three of their four national backbone
routers to significantly reduce internet access to its citizens (Truthloader, 2013a).
2. Information warfare
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
2.2.2.PREVENTION OF TERRORISM
MI6 used aggressive censorship in 2011 to prevent the spread of terrorist ideas through propaganda and
dangerous information to protect the British public from terrorist attacks (Gardham, 2011). It hacked into
an Al-Qaeda-affiliated website and a magazine produced by the radical preacher, Anwar al-Awlaki, was
replaced with cake recipes by Ellen DeGeneres popular American chat show. Al-Awlaki was a leader of AlQaeda in the Arabian Peninsula (AQAP) who previously lived in the UK and USA.
This magazine, Make a bomb in the kitchen of your Mom, was written to recruit "lone-wolf" Englishspeaking terrorists. It included dangerous information like instructions showing how to make pipe bomb
with a timer, match heads, sugar and a miniature light bulb. Articles by Osama bin Laden and Al-Qaedas
second-in-command, Ayman al-Zawahiri were also removed.
In 2014, the Iraqi Ministry of Communications also used censorship to reduce terrorism by completely
blocking Twitter, Facebook and other social media sites which were widely used by QSIS to spread their
influence. At the time, QSIS had occupied large parts of Iraqs territory.
2. Information warfare
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
2. Information warfare
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
North Korea, which is severely disrupted by a very unreliable electrical grid, is almost exclusively used for
military, government or industrial purposes (Billo & Chang, 2004).
The Korea Computer Centre, set up in 1990 by Kim Jong-Nam (Kim Jong-Ils eldest son) at estimated cost
of $530 million, is the institution which dictates the countrys IT strategy is the Korea Computer Centre.
The computer experts that work there received training in China, Russia and India and are regarded as
some of the best in the world (Lintner, 2007).
In 2000, North Korea launched a fibre optic cable-connected nationwide intranet network called
Kwangmyong, which means bright" in Korean, and includes a browser, government-monitored email
programme, news articles and a search engine. Those with access to the world internet find information for
Kwangmyong so that useful technical information and data can be accessed by research institutes, factories
and schools without the government losing control of the information flow in the country (The Economist,
2007).
2.5.CENSORSHIP IN IRAN
Most ISPs in Iran are government owned or controlled (i.e. by universities and think tanks) because
independent ISPs are expensive to set up and run as they must be linked to the internet via Satellite. The
Iranian government, like China, filters out a lot of content using ISP-level blocking for ideological and
political reasons. A report by Charles Billo and Welton Chang (2004) suggested that this has caused Iranian
youths, most of whom are ideologically more liberal, to be disgruntled at the governments control, creating
a hacker mentality. This is supported by the fact that the report found that lots of clandestine hacking takes
place in Iran, mostly done by the younger population.
2.7.OPPOSITION TO CENSORSHIP
In March 2014, Sir Tim-Berners Lee, the creator of the World Wide Web, said there should be a bill of
rights to protect internet users from excessive government surveillance, similar to the Magna Carta. He
said:
"We need to think about the next 25 years and make sure that we establish the principles that
web 's been based on, principles of openness, principles of privacy, principles of not being
censored." (Truthloader, 2014d)
On 5th June 2014, over 200 websites took part in the Reset the Net campaign. They put a splash screen
on their website's front pages, giving users tips on online privacy and software to ensure end-to-end
Extended Project 2014 | Maurice Yap 6946
2. Information warfare
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
encryption. It was done in protest against NSA surveillance, a year after revelations by Edward Snowden
about this.
The US State Department contributes towards the funding and development of technology use to bypass
internet censorship in foreign countries, like highly secure mobile phone networks, internet access points
which can be smuggled into these countries (Rashid, 2013).
Tor Project created OONI-probe (Open Observatory of Network Interference), which is a computer
program which identifies websites which local governments have censored, tampered with or slowed down
access to. Its use by Palestinian news agency, Ma'an, led to a minister resigning three days after it was
shown that certain opposition political websites were blocked.
The UN views disconnecting people from the internet a direct violation of basic human rights (Rashid,
2013).
10
3. Hacktivism
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
3.HACKTIVISM
Hacktivism is a form of political or social activism where hacktivists try to achieve their respective
objectives by hacking and other forms of disruptive cyber-activity. The two most common methods are
distributed denial-of-service (DDoS) attacks and SQL injection. There are also other methods involving
obtaining secure data like passwords and personal details and files. Most methods used by hacktivists are
illegal.
DDoS attacks involve flooding the servers that target websites are hosted on with an enormous number of
requests to overload them so no one can access it. SQL injection exploits security vulnerabilities in software
to insert SQL code which is later executed. This has, on many occasions, been successfully used to deface
websites.
3.1.ANONYMOUS
The most famous operating hacktivist group is Anonymous. It is a decentralised network of anonymous
hacktivists around the world who cooperate in hacktivism against what they perceive as social injustice,
abuse of power and other issues perceived by members to be immoral. It originated from the 4chan internet
imageboard site in the mid-2000s.
Anonymous attacks start with individual members posting desired targets and justification for them on
forums and social networking sites to be seen by other Anonymous members (known as Anons). Some
posts then gain publicity across the network from Anons sharing them with each other. After targets are
decided, the more technically skilled members of the group carry out relevant technical reconnaissance on
the targeted websites and attempt to steal data. After this has been done, coordinated large-scale DDoS
attacks are carried out by regular Anons on the targeted websites.
An example of an Anonymous attack occurred during the 2014 Football World Cup in Brazil. The group
decided to protest in support of the citizens of Brazil against their governments lack of investment in poor
communities compared to the large amount of money spent on the World Cup. Anonymous performed
DDoS and SQL injection attacks against World Cup sponsors' websites and claimed to have carried out 141
attacks during the campaign. During the attacks, the Bank of Brazil website's front page was defaced and
the following message was placed on it:
"Money and corruption are ruining the land, crooked politicians betray the working man,
pocketing the profits and treating us like sheep, and were tired of hearing promises that we know
theyll never keep." (Truthloader, 2014b)
11
3. Hacktivism
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
show showing him as Hitler, by posting images of similar poses by Saakashvili and Hitler, as seen in figure
1.
A test done conducted by ZDNets Dancho Danchev (2008) shows a significant number of servers for two
particular Georgian government websites down. 26 out of 30 servers based around the world for the
Georgian Foreign Ministrys website, http://mfa.gov.ge, were inaccessible and for the Presidents website,
http://president.gov.ge, 16 out of 30 were down. Georgian news sites and popular websites were also
defaced or attacked. The DDoS attacks were conducted using botnets and a custom-made http flooder tool,
freely available for all internet users to download which required no technical knowledge.
As well as government websites, one of the most popular Georgian hacking forums suffered a long-term
DDoS attack, making it difficult for opposing hacktivists to communicate. Email addresses of government
officials were also distributed, which Russian hackers used to spam with targeted malware attacks using
web links. The objective of this cyber-offensive by hacktivists was to stop Georgia from reaching the world
with real-time information on real-life warfare events (Danchev, 2008). Experts from Estonia were later
flown in to help to secure servers from attacks.
LEFT - FIGURE 1: SLIDE SHOW IMAGES WHICH WERE USED TO DEFACE PRESIDENT SAAKASHVILI'S
WEBSITE (DANCHEV, 2008)
RIGHT - FIGURE 2: THE ILLEGITIMATE TWEET SENT OUT BY THE SYRIAN ELECTRONIC ARMY ON THE
ASSOCIATED PRESSS TWITTER ACCOUNT (FOSTER, 2013)
12
13
The Economist (2012a), in the same December 2012 piece, reported that China employs thousands of
software engineers to target technologically advanced Fortune 100 companies.
A suspected hacking group within the Peoples Liberation Army (PLA, the armed forces of China), Unit
61398, operates out of a plain office block on top of a military base in a suburb of Shanghai. The BBC
(2013a) reported that it had stolen hundreds of terabytes of data from at least 141 organisations around the
world. China denied this and questioned the evidence that seemed to support these accusations. BBC
reporters and camera crew filming this report were detained by the Chinese police when they tried to film
the unit's base and their footage was confiscated by them.
FIGURE 3: THE OFFICE BLOCK IN PUDONG, SHANGHAI WHICH IS ALLEGED TO HOST UNIT 61398 (REUTERS,
2014A)
14
The government of the US acknowledges its countrys reliance on cyber-infrastructure and that this makes
the country very vulnerable to attack from adversaries. President Barack Obama called America's digital
infrastructure a "strategic national asset," and his administration created new rules and strategies in its
military doctrine for dealing with cyber threats. The International Strategy for Cyberspace, released by the
US government in 2011, said that the United States "will respond to hostile acts in cyberspace as we would
to any other threat," (Washington Post, 2012). The Pentagon permits neutralizing a foreign server from
where a cyber-attack originates. The Economist newspaper (2012a) speculated that Americas Allies will
probably adopt similar military policy.
Jarno Limnell of Stonesoft, a major American computer security firm, said that the US has good offensive
cyber-attack capabilities but has poor defences against it (The Economist, 2012a). In September 2010, 60
private companies and 12 international partners participated in an exercise called "Cyber Storm III", to
simulate a large-scale cyber-attack. It was used to prepare and evaluate Americas defences against such an
event happening in reality.
4.4.UNITED KINGDOM
In the UK, the Government Communications Headquarters (GCHQ) has an "operation centre" for the same
purpose as America's USCYBERCOM. Jonathan Edwards, the head of MI5, said in June 2012 that there had
been an "astonishing" number of cyber-attacks on UK industry, in particular, by exploiting internet
vulnerabilities (British Broadcasting Corporation, 2012).
In 2010, the British government spent 650m launching the National Cyber Security Programme to vastly
improve the UK's cyber security skills and capabilities.
The Intelligence and Security Committee (a group of MPs) told MI5 and MI6 in July 2012, to start covertly
counter-attacking computer networks who have attacked the countrys industry, government or military
using cyberwarfare methods, as opposed to just defending against them. They suggested interfering with
identified hostile systems to disrupt their activities and capabilities and covertly gain intelligence on them.
Their report said that cyber-attacks posed a significant threat to British national security and so defending
against them must be made a priority (British Broadcasting Corporation, 2012).
In September 2013, the Defence Secretary, Philip Hammond, announced that the MoD would recruit a large
number of cyber-security experts as military reservists for the UK to fight off cyber-attacks. They will work
in the Joint Cyber Reserve Unit (JCRU), which will work to protect the British military's data and digital
resources. Because the development of computer technology is happening so rapidly, the MoD must recruit
innovative civilians at the forefront of industry. The advantage of being employed in a reserve unit is that
these people don't have to commit to a full-time military career and can continue to work in their industry.
A series of competitions set up by the Cyber Security Challenge organisation, running since 2010, have been
used by GCHQ and private companies like BAE Systems and Lockheed Martin to recruit people with the
best skills to defend against cyber-attacks. The competitions consist of a simulated large-scale cyber-attack
on the UK that has infected banking systems (so ATMs don't work), transport systems, critical government
networks and the London Stock Exchange and is made to be as realistic as possible. There is a huge demand
in the UK by both the government and industry for people with these cyber security skills.
15
2010 (explored in the next chapter of this report), the EU boosted their computer defences and improved
cooperation among states to defend against cyber threats.
4.6.NATO
NATO adopted a new cyber defence policy in June 2011 which included coordination between all the states
in its alliance. It said that it needs to improve capabilities to detect, prevent and respond to cyber-attacks
and planned to create a centralised cyber protection department so that it could deal with threats more
quickly and easily. Cyberwarfare was discussed at the 2012 summit in Chicago, where NATO recognised its
growing threat because of quickly advancing sophistication, and so put priority on protecting NATO's
information and communication systems. The members of the Alliance agreed to integrate cyber-defence
into NATO Defence Planning Process.
NATO gives support to member states trying to protect their national infrastructure from attacks by sharing
information and expertise through data and experts. It also strongly cooperates in this area with the EU.
4.6.1.NATO CCDCOE
A centre for training, consultation, research and education in cyber defence and cyber security was created
by NATO in 2008 in a former Soviet Barracks in Tallinn, the Estonian capital. It is called the "Cooperative
Cyber Defence Centre of Excellence" and employs many cyber defence specialists from sponsor nations to
conduct research and to help NATO countries defend against cyber-threats. The sponsor nations are the
Czech Republic, Estonia, France, Germany, Hungary, Italy, Latvia, Lithuania, the Netherlands, Poland,
Slovakia, Spain, the UK and the US, who all provide funding and staff to the centre.
The centre was created after a cyber-attack against Estonia in 2007, which cost the country and other Baltic
states around 20 - 30 million. Web servers of the Estonian government, banks and media were attacked,
forcing the country to briefly disconnect itself from the internet completely. The attacks were triggered by a
decision to move a Soviet-era war memorial in the centre of Tallinn.
4.7.NORTH KOREA
In October 2004, the South Korean Defence ministry said that the North had trained more than 500
computer hackers capable of launching cyber-warfare against its enemies, and that its capability was
estimated to have reached the level of advanced countries (Lintner, 2007). They reported that military
hackers had been put through a five-year course to train them to penetrate and attack the computer systems
of South Korea, the United States and Japan. American observers doubted the DPRKs capabilities and said
that American firewalls could easily block attacks from it. They also said that North Koreas cyber-threat
was not a serious one.
Because of sanctions imposed on the country for various reasons, hi-tech goods for the DPRK have to be
covertly acquired using bogus companies in Hong Kong, Singapore, Taiwan and Thailand.
4.8.CHINA
China has largest conventional military in the world but doesnt have similarly world-leading C4I
(Command, Control, Communications, Computers and Intelligence) capabilities. Because it sees the US and
other NATO countries militaries as computer network-dependent (e.g. intelligence, command-and-control,
guided missiles), it has, from the early 1990s, developed a clear cyberwarfare military doctrine: to defeat the
enemy before even stepping into physical battle by establishing an advantage through information
16
dominance. This can be done by jamming or sabotaging the enemy's information systems to cause bad
judgements or actions, or by creating information blind spots that can be exploited. This would severely
reduce the operational effectiveness of items of equipment that depend heavily on computers and digital
data. The PLA calls this the "informationisation" of war (The Economist, 2012a). It believes that superiority
on the cyberwarfare front is a way to neutralise an otherwise superior enemy.
In terms of defence, China domestically places significant emphasis on the protection of military and
intelligence networks from cyber-attacks, including viruses. For reasons of national security, China is very
secretive about developments in cyberwarfare and their defences from it. There is very little in terms of
unclassified documents.
Because the most cutting-edge and technically advanced products are produced by companies mainly in
North America and Europe, China obtains a lot of IT hardware and software for military use illegally. In
November 2003, Gao Zhan, an ex-researcher at American University, pleaded guilty to exporting
microprocessors for flight control and guided weapons systems to China for their military. US government
permission was needed to export this. Also, in December 2003, Sun Microsystems was fined about
$300,000 for sending a powerful server to a Hong Kong based company in 1997, which was later used by
the PLA for military purposes.
The PLA is known to cooperate with the militaries of North Korea, Russia and Pakistan on cyberwarfarerelated issues and trades and exchanges military equipment with them, but increasingly seeks domestically
produced IT products. It has cyberwarfare training centres in Wuhan, Zhengzhou and Changsha which have
professors and experts in the field. Their curriculum includes computing theory, networks and
communication, cyberwarfare strategy, information gathering and analysis, protection of information
systems and virus attacks. Military exercises simulating cyberwarfare have been conducted by the PLA since
October 1997.
4.9.IRAN
Irans government claims that the country has the second-largest cyber army in the world. In terms of
government funding and human resources for research into IT, the military and defence sector gets priority.
It also collaborates with universities and other academic institutions for research and development of
military-related digital technology. For the past ten years, computing has been included in their Army
Officer training college course.
Because its academic facilities in IT are generally much weaker than those of western countries, Iran has
gained a significant amount of knowledge from its diaspora. In the early 1980s, many Iranians emigrated to
Europe and North America after the revolution to find jobs or escape political persecution. Many of them,
since then, became trained and skilled in engineering or computer science and returned to Iran to open
internet cafes or found other jobs in the technology sector. The military actively targets these skilled people
in its recruiting for cyberwarfare programmes.
Iran has strong technical cooperation links with Russia and India but also is hindered by sanctions, so like
North Korea and China, imports lots of hardware and software from America illegally where domestic firms
or firms in allied countries arent able to produce the equipment they need.
Iran was suspected to be the source of the Shamoon virus which crippled thousands of computers at Saudi
Arabia's Aramco and Qatari's RasGas oil companies in August 2012.
17
18
website (known as click fraud) and performing DDoS attacks simultaneously with a large number of other
bots, amplifying the effect of the attack. Using automated botnets makes this sort of criminal activity much
more efficient and effective. It also protects the identities of the criminals as bots are used as
intermediaries. Botherders also commonly cooperate with each other to conduct their operations, often
using very complex command-and-control structures.
One of the most infamous cases of a botnet infection was the Koobface computer worm, which affected
many social networking platforms between 2009 and 2010, including Facebook, Bebo, Friendster, Hi5,
MySpace and Twitter. It worked by sending malicious links through these social networking sites as posts
by users or direct private messages, which redirected users to a fake YouTube page hosted on a
compromised server. Because of the familiarity of most social network users with YouTube, these pages
created false trust. When users attempted to watch YouTube videos, they were told to update their Flash
video player, but the download button installed malware instead, which added the victims computer to a
botnet. Successfully infected computers then used their users social network accounts to repost or resend
the links. Because these servers had website URLs which were easily identifiable by experienced internet
users as being illegitimate, URL shortening services like bit.ly or Google's goo.gl were used to cover these
up.
FIGURE 4: AN EXAMPLE OF A PRIVATE MESSAGE SENT BY KOOBFACE THROUGH FACEBOOK (UWANG, 2011)
Koobfaces operators earned over $2 million between June 2009 and June 2010 from the conducting of
illegal activities using these botnets. The Information Warfare Monitors investigative report on Koobface
(Villeneuve, 2010) concluded that the operators of Koobface were skilled experts as Koobface had lots of
technical countermeasures against being caught and against attempts to stop their activities.
19
6. Stuxnet
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
6.STUXNET
Stuxnet was an extremely complex computer virus which was first discovered in the middle of 2010 by
computer security experts in computer systems controlling power plants, traffic control systems and
factories around the world. Stuxnet was found to have spread to over 60,000 computers by the time it was
first discovered. It was seen by experts as the world's first cyber super-weapon because of its recognisable
function as a weapon made of computer code. Stuxnet was found to have had a vast array of abilities, like
turning up pressure in nuclear reactors and switching off oil pipelines, while simultaneously giving the
human operators or computer monitors information which suggests that nothing is wrong and everything is
operating normally (reality-blocking).
The BBCs report (2010c) about Stuxnet on 26th September 2010 said that a complex computer worm had
infected the personal computers of staff at Bushehr, Irans first nuclear power station, on the Persian Gulf
coast (Sagar, 2011). Chinese media also reported in September 2010 that Stuxnet had spread to China and
infected millions of computers there.
6.1.ACTIVITIES OF STUXNET
Stuxnet was designed to paralyse and sabotage the carbon rotor tubes and the connected centrifuges which
spun and enriched nuclear material (uranium hexafluoride) at Irans Natanz uranium enrichment facility; it
managed to shut down up to 1000 centrifuges there (roughly 20% of all of those in operation there). It was
initially found by The Langer Group to have targeted computerised control systems made by the German
firm, Siemens, which, as well as nuclear plants, are also used in controlling water supplies, oil rigs,
conventional power plants and other industrial facilities. After a few weeks of research about Stuxnet, it was
concluded that Stuxnet was in fact a specifically directed attack. It would only work if a certain program
code (the Natanz centrifuge control systems) was running on the target computer, but remained dormant
without this (Langer, 2011).
Stuxnet consisted of two different sized warheads of computer code. The larger one was an extremely
complex Windows dropper, which spread itself throughout as many computers as possible to reach the
designated targets. It exploited over 20 zero-day vulnerabilities, which are vulnerabilities in software that
their own creators are unaware of (in this case, Microsofts Windows operating system). They are found by
researchers (who look for them) or amateur hackers who may accidentally come across one. Most people
who find zero-days inform the software company of them so that they can repair the vulnerability and
publish it in the programs next update (known as patching). Zero-days can also be sold on the black
market to criminals for cyber-crime and can fetch up to $10,000; it can be assumed that the creators of
Stuxnet purchased some of these from the black market. All of the zero-days used in Stuxnet have since
been patched by the relevant software companies. The droppers role was to inject the second, smaller
warhead (the weapon part) into the centrifuges real-time controllers (the columns of grey boxes in figure
5) from the maintenance engineers laptop. The Dropper had a stolen digital security certificate from a
Realtek driver, which is a factor in why it was easily able to spread so quickly and easily.
20
6. Stuxnet
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
The Langer Groups research also found that Stuxnet was very professionally coded and engineered and so
was obviously done by very skilled and experienced people who had insider information and high quality
knowledge and intelligence about the targeted centrifuges. The smaller warhead was found to be even more
technically complex than the dropper. Ralph Langer (2011), the co-founder of the Langer Group, said in a
presentation that it was way above everything that we have ever seen before." It contained 15,000 lines of
code in programming language similar to assembly language (a low-level language that is very similar to
what hardware understands directly) and was fully autonomous, meaning that it could operate totally
independently without any form of input control.
The smaller warhead, which was injected into dozens of centrifuge controllers, was programmed to target
the black carbon-fibre rotor tubes linked to each centrifuge (highlighted in figure 6). By manipulating the
drive-speeds of these rotors, for example, rotating at the fundamental frequency of the carbon tubes,
Stuxnet was able to crack them and eventually make them explode. This was done very slowly and subtly to
confuse engineers. Another part of the warhead manipulated valves in order to change gas pressures inside
centrifuges to cause further problems.
21
6. Stuxnet
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
Another feature of Stuxnet, which has already been mentioned, was a reality-blocker that tricked engineers
into believing that everything was okay, while centrifuges were being attacked. Stuxnet did this by
intercepting input values from all the sensors, for example, temperature gauges, pressure gauges and
vibration monitors, and then giving the monitoring and controlling computer programs fake pre-recorded
data. As well as deceiving human engineers, this also meant that digital safety systems received incorrect
data and wouldnt detect any problems. Pressure relief valves, failed to open under dangerously high
pressures when they should have opened in fractions of a second after detecting an unusually high pressure.
Stuxnet had been preceded in Iran by the Duqu and Flame viruses, both used to spy on Iranian scientists
and officials. Flame was discovered to have sent screenshots and audio recordings of secret email exchanges
and sensitive conversations to its creators. Duqu was a reconnaissance virus and was used to find out
vulnerabilities and other information useful for attacking the targeted industrial systems. There were strong
similarities between the program code of these two viruses and Stuxnet, so may have been written by the
same group of people.
22
6. Stuxnet
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
If the speculation about Stuxnet being an American creation is correct, it shows that the West used
cyberwarfare, either instead of, or in conjunction with economic sanctions, to undermine Irans alleged
ambitions of possessing a nuclear weapon.
23
7.2.TRANSPORT INFRASTRUCTURE
On 5th and 10th June 2014, 13 commercial airliners flying over central European airspace disappeared from
air traffic controllers screens in Germany, Austria, the Czech Republic and Slovakia for up to 25 minutes
each. It later emerged that these disappearances had been caused by military activities, suggested by press
reports to have been conducted by NATO (Reuters 2014b; Truthloader, 2014b). Whilst officials claimed that
there was never any threat or danger posed by this particular incident, the trouble this could have caused
shows the potential damage such capabilities could cause. The loss of ATC in a country would ground all
flights and close its airspace, leading to major economic disruption due to the lack of transport for people
(commuting, tourism) and goods into, out of and across the country. It could even cause the catastrophic
loss of multiple passenger aircraft. ATC systems are, very difficult to hijack in a cyber-attack because of the
fact that most of the computers used are locally connected to a network within an airport or ATC centre.
That doesnt, however, mean that ATC computers are not susceptible to sabotage by adversaries using
computer viruses that have been somehow planted on these computers.
Many rail networks around the world use computerised systems to control signals and points; there is a
potential for these to be hacked, although very few of them are linked to the public internet. Most digital
matrix road signs in the UK are controlled using remote computer systems, like SCADA systems.
24
7.3.ENERGY-RELATED INFRASTRUCTURE
During the 20th century, a lot of attention during warfare has been on attacking and destroying parts of the
electrical grid infrastructure, like pylons, power plants and substations through guerrilla tactics or military
airstrikes. However, in the future, cyber-attacks have the potential to achieve this at very low cost and from
long range; they also have the ability to blow up oil refineries and overload power grids. In the Aurora tests,
run by the Idaho National Laboratory in 2007, researchers exploited remote IP access to send commands to
electrical generators so that they would damage or destroy themselves by changing their operating cycle.
They shook rapidly before smoking, then stopping (CSIS, 2010). This was a controlled simulation of a
cyber-attack on an energy facility.
FIGURE 7: A STILL SHOT FROM A VIDEO OF THE AURORA TEST (ZETTER, 2007)
7.4.FINANCIAL SECTOR
Stock exchanges, bank clearing systems and payrolls in many, especially economically developed countries
are heavily connected to the internet. Compromise of these systems could cause widespread economic
damage on a huge scale, however, they are heavily encrypted and banks and financial institutions place a lot
of focus into making sure these systems are secure. In the US, an organisation called FS-ISAC was set up in
1999 to facilitate the sharing of information between banks to protect their critical computer systems from
cyber-attacks. In 2014, about 20 banks and financial institutions in the UK were subjected to a cyberwarfare
simulation overseen by the Bank of England. This was to test their anti-hacking systems and to find out
whether the IT networks of these banks were sufficiently secure.
25
8.2.GOVERNMENT PUBLICITY
In the years before this report was written, cyberwarfare had a semi-secret status by western governments,
who were reluctant to publish information about it. More information is currently emerging, so in the near
future, cyberwarfare is likely to become less secretive and more public. Because of the quick rate of
technological development relating to cyberwarfare, policy relating to it is becoming a higher priority for
government discussion in many countries, and there is increasing public pressure for decisive policy in this
area. However, governments may risk a worldwide cyber-arms race if they are too open about what they are
doing and developing.
26
engagement (and never has been), the line between the two is more blurred in cyberspace because
espionage, in many cases, involves some form of cyber-attack. It is therefore difficult to decide, firstly, on
the threshold on a cyber-attack needed to trigger an offensive response and secondly, the type of response
appropriate. For instance, physical violence would probably be seen as disproportionate force, but a trade
war involving sanctions would be mutually damaging to both parties. Also, cyber-attack retaliations on
infrastructure are problematic in the calculation of their effects whether they would cause any physical
injuries or fatalities. At the time of writing this report, cyber-attacks are yet to cause a single human injury.
It is a widely held view that they dont have the potential to be lethal and therefore will never be a form of
war in itself. Martin Libicki of RAND Corporation, a global policy think tank, suggests that cyberwarfare
doesn't directly harm people or destroy equipment, but only "temporarily confuses and frustrates". It only
plays a support function to other forms of warfare (The Economist, 2012a). This is a view argued by Thomas
Rid, in a debate on The Economists website (2013a); he concluded that the threat of cyberwarfare is
overrated. Conversely, in the same debate, the Chief Security Officer of Mandiant, Richard Bejtlich, said
that cyberwarfare can lead to physical destruction and so it does constitute a form of war. He argues that
Stuxnets effects on Natanz could have been worse (Stuxnet only destroyed 10-20% of centrifuges there and
delayed uranium enrichment for a few months before the vulnerabilities were quickly repaired).
Professor Wolff von Heinegg, the former Stockton Professor of International Law at the United States Naval
War College said the following about Stuxnet
"If it was fed into the system by a state and was done for military purposes, that would amount
to a use of force, that under international law, would only be allowed if it was done in self-defence,
or it had some other legal justification." (Truthloader, 2013c):
He concluded that Stuxnet was not an armed attack and so couldnt have triggered Iran's right of selfdefence.
There are currently no internationally agreed explicit rules of engagement in cyberspace (like the Geneva
Convention) and whether it is acceptable to use a physical military response to a cyber-based provocation is
a legally vague.
If attribution capabilities are improved, as they may do in the future, all cyber espionage and cyber-attack
capabilities would become a much higher risk to the aggressor, because they can be located, identified and
held accountable. Getting caught is actually a huge deterrence to states partaking in cyber espionage. It will,
however, be very difficult as they can originate from literally anywhere in the world with an internet
connection, and governments can do their work through proxy groups in foreign countries. On the other
hand, the improvement of attribution will not discourage terrorist groups who do not care if they are
identified. As technology evolves with time, it may be the case that there is no net effect on the ability to
attribute cyber-attacks. Advances will almost certainly affect both sides as technology improves the ability
to attribute, so will it improve the ability to evade attribution, effectively causing a stalemate.
27
9. Concluding points
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
9.CONCLUDING POINTS
9.1.1.THE FUTURE USE OF COMPUTING TECHNOLOGY IN WAR
Since the First Gulf War in 1990, the importance of integrating computer systems with conventional
equipment and structures has become very apparent. The US-led coalition, with technological supremacy
including micro-technology and advanced computer processors, had a very significant advantage over Iraq,
exemplified by the fact that their jets could outwit air defences, their armoured vehicles could accurately
navigate across the dessert at night and their missile systems had a 90% hit probability on longer range
targets. In the Balkan War of 1999, the 2001 Operation Enduring Freedom in Afghanistan and the 2003
Iraqi Invasion (Operation Iraqi Freedom), the Americans and their allies also used computers to help
conduct large-scale precision-guided missile and bombing strikes. Based on this, it may be expected that
cyberwarfare capabilities may become as important as air superiority has been since beginning of the
Second World War it cannot win a war alone, but it is almost impossible to win if other side has it (The
Economist, 2012a).
As more and more militaries become progressively more dependent on cyber technologies, their computer
systems and networks will become more attractive as targets. Future wars between technologically
advanced militaries will almost certainly have a cyberwar aspect, because dominance here can be used to
gain significant advantages on the battlefield.
Cyberwarfare will significantly change character of war remote-controlled and autonomous robot devices
and drones will have a much larger involvement than they do at the moment, and the emergence and
subsequent importance of the role of a computer hacker will become more and more defined.
My view is that the development and emergence of computer programs as weapons in themselves, is
comparable in terms of magnitude, and maybe even significance, to the creation and development of
nuclear weapons in the mid- 20th Century. Unlike nuclear weapons, cyber-attacks do not carry the
characteristic of (probable) mutually assured destruction (MAD), and so its use carries much less risk to
humanity in general. Maybe the biggest difference between the two is accessibility. The fact that currently, a
teenager in a bedroom with a supermarket laptop could, in theory, literally wipe a large companys presence
off the internet, puts this into perspective.
28
9. Concluding points
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
2013a), but in fact believe that the increasing sophistication of such tactics and its potential impact are
massively underestimated. It is true that now, most infrastructure is not connected to the internet and so
has a low-to-non-existent vulnerability to cyber-attacks, however, internet-connected SCADA systems
allowing remote operation will most become much more widely, because of their ability to improve
efficiency, their ability to cut costs, and their improved convenience.
9.1.3.INFORMATION WARFARE
Now, the most visible use of cyberwarfare tactics is through information warfare. While computers and the
internet will almost undoubtedly support the creation and spread of propaganda, they will simultaneously
work against censorship in the future. The advancement of technology will make the structures in place to
bypass censorship much more accessible (in terms of availability and ease of use) to the population and
also, more effective. This will be dangerous to governments, like Chinas, who heavily use internet
censorship. As people become more and more informed by previously censored information which may
directly contradict official facts, they will become more and more angry and rebellious, increasing the
potential for civil unrest and anti-government sentiment and physical action.
The internet will make the world more open, informed and connected. This will allow the general public to
find out more sides of a conflict than they otherwise could through mainstream media, creating public
opinion that is more informed, more balanced and less polarised. The armed conflict between Hamas and
Israel in mid-2014 showed the importance of the internet in influencing public opinion, as supporters of
both sides took to Facebook and Twitter to present their side of and views about the story, and the
information that was widely distributed online presented a much more balanced picture of the conflict that
mainstream news outlets like the BBC, CNN and the Guardian.
FIGURE 8: TWEETS BY THREE TWITTER USERS ABOUT THE ISRAEL-HAMAS WAR IN 2014
29
9. Concluding points
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
9.2.CONCLUSION
Because of the rising potential of cyberwarfare, governments should do much more to defend against cyberattacks and increase awareness about them. Doing this through legislation may have a detrimental effect on
the economy by slowing down research and development, but it is certainly, in my opinion, needed for the
greater good, though negative effects of this could be offset through tax breaks or government grants. The
government should encourage software engineering firms to do this as well, if their software has a stake in
national security; training and financial funding could be arranged by the government to help them do this.
We, in the UK, like many other similarly developed and connected countries, widely use networked
computers for official, personal and commercial communications, monetary transactions and data and
information transfer. Our increased reliance on computer technology is inevitable and probably
unstoppable.
With current systems, large-scale cyber-attacks by terrorists that cripple an entire country through blocking
road networks, crashing planes, frying power grids and blowing up oil refineries and nuclear power plants
are still the stuff of fiction books and Hollywood, but in the not-too-distant future, our reliance on
technology, in the technologically developed world at least, will dramatically increase, causing our
vulnerability to such attacks to increase with it. The ability of cyber-attacks to cause total chaos within a
whole country may no longer be an imagined fictional threat, even as soon as within a decade from now.
Right now, cyberwarfare does not pose much of a threat to people in general. Its effectiveness at
undermining world security is also currently quite limited. Computing and other digital technology will
advance quickly in the future, following the strong trend that almost all kinds of technology have followed
throughout human history. Unfortunately, this technological advancement that, on the one hand, improves
humans overall quality of life through convenience, reduction of physical labour and assistance in medical
and scientific breakthroughs, will also be the thing which will cause cyberwarfare to not only be a real threat
to us in the future, but a very severe one indeed.
30
10.REFERENCE LIST
Please note that citations in the text referring to BBC and CSIS, are abbreviations for British
Broadcasting Corporation and Center for Strategic and International Studies respectively, and are
hence referenced as such below.
AI, W., 2012. China's censorship can never defeat the internet [Online]. Available at
http://www.theguardian.com/commentisfree/libertycentral/2012/apr/16/china-censorship-internet-freedom
[Accessed 13 March 2014].
ASSOCIATION OF OLD CROWS, n.d. Electronic Warfare: The changing face of combat [Online]. Available at:
http://www.myaoc.org/EWEB/images/aoc_library/Government_Affairs/AOC%20report.pdf [Accessed 13 March
2014].
AUSTRALIAN BROADCASTING CORPORATION. 2011. Stuxnet (HUNGRY BEAST). [Online]. [Accessed 10 February
2014]. Available from: http://www.youtube.com/watch?v=7g0pi4J8auQ
BILLO, C. G. & CHANG, W., 2004. Cyber Warfare: an analysis of the means and motivations of selected nation states,
Hanover, NH, USA: Dartmouth College.
BROAD, W. J., 2008. A Tantalizing Look at Irans Nuclear Program [Online]. Available at:
http://www.nytimes.com/2008/04/29/science/29nuke.html [Accessed 24 September 2014].
BRITISH BROADCASTING CORPORATION (BBC), 2010c. Stuxnet worm hits Iran nuclear plant staff computers
[Online]. Available at: http://www.bbc.co.uk/news/world-middle-east-11414483 [Accessed 18 March 2014].
BRITISH BROADCASTING CORPORATION (BBC), 2012. UK spy agencies urged to wage war on cyber enemies
[Online]. Available at: http://www.bbc.co.uk/news/uk-18867643 [Accessed 18 March 2014].
BRITISH BROADCASTING CORPORATION (BBC), 2013a. China military unit 'behind prolific hacking' [Online].
Available at: http://www.bbc.co.uk/news/world-asia-china-21502088 [Accessed 19 March 2014].
BRITISH BROADCASTING CORPORATION (BBC), 2013b. Q&A: UK filters on legal pornography [Online]. Available
at: http://www.bbc.co.uk/news/technology-23403068 [Accessed 19 March 2014].
BRITISH BROADCASTING CORPORATION (BBC), 2014. How Isis is spreading its message online [Online]. Available
at: http://www.bbc.co.uk/news/world-middle-east-27912569 [Accessed 28 June 2014].
BUZZLE, 2012. Q&A: Internet Facts and Statistics [Online]. Available at: http://www.buzzle.com/articles/internetfacts-internet-statistics.html [Accessed 19 March 2014].
CENTER FOR STRATEGIC AND INTERNATIONAL STUDIES (CSIS), 2010. The Electrical Grid as a Target for Cyber
Attack [Online]. http://csis.org/files/publication/100322_ElectricalGridAsATargetforCyberAttack.pdf [Accessed 28
February 2014].
CRYSTAL, D., 2005. 'Cyberintelligence' in The Crystal Reference Encyclopedia. West Chiltington: Crystal Semantics.
[Accessed 22 February 2014 from Credo Reference]
DANCHEV, D., 2008. Coordinated Russia vs Georgia cyber attack in progress [Online]. Available at:
http://www.zdnet.com/blog/security/coordinated-russia-vs-georgia-cyber-attack-in-progress/1670 [Accessed 18
March 2014].
DEUTSCHE WELLE, 2014. Jihad Made in Kosovo[Online]. Available at: http://www.dw.de/jihad-made-inkosovo/a-17874069 [Accessed 1 September 2014].
31
FOSTER, P., 2013. 'Bogus' AP tweet about explosion at the White House wipes billions off US markets [Online].
Available at: http://www.telegraph.co.uk/finance/markets/10013768/Bogus-AP-tweet-about-explosion-at-the-WhiteHouse-wipes-billions-off-US-markets.html [Accessed 24 September 2014].
GARDHAM, D., 2011. MI6 attacks al-Qaeda in Operation Cupcake [Online]. Available at:
http://www.telegraph.co.uk/news/uknews/terrorism-in-the-uk/8553366/MI6-attacks-al-Qaeda-in-OperationCupcake.html [Accessed 13 March 2014].
GOOGLE VIDEOS. 2012. Observations in mainland China (English) [Online]. [Accessed 3 February 2014]. Available
from: http://www.youtube.com/watch?v=u2GHyVPoVms
INFORMATION WARFARE MONITOR & SHADOWSERVER FOUNDATION, 2010. Shadows In The Cloud:
Investigating Cyber Espionage 2.0 [Online] Available at: http://www.infowar-monitor.net/research [Accessed 4 April
2014].
JOHNSTON, P., 2013. The Internet, Social Media and Propaganda: The Final Frontier? [Online]. Available at:
http://britishlibrary.typepad.co.uk/socialscience/2013/08/the-internet-social-media-and-propaganda-the-finalfrontier.html [Accessed 28 June 2014].
TED - LANGER,R. 2011. Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon. [Online]. [Accessed 13 March
2014]. Available from: http://www.youtube.com/watch?v=CS01Hmjv1pQ
LINTNER, B., 2007. North Korea's IT revolution [Online]. Available at:
http://atimes.com/atimes/Korea/ID24Dg01.html [Accessed 1 March 2014].
MALLET, P., 2010. Stuxnet worm brings cyber warfare out of virtual world [Online]. Available at:
http://phys.org/news205132978.html [Accessed 18 March 2014].
MILLER, B. & DE LIA, P. J., 2006. 'Electronic Warfare' in Mcgraw-Hill Concise Encyclopedia of Science and
Technology. New York: McGraw-Hill. [Accessed 22 February 2014 from Credo Reference]
OPEN RIGHTS GROUP, 2014. Censorship [Online]. Available at:
https://www.openrightsgroup.org/issues/censorship [Accessed 15 March 2014].
RASHID, F. Y., 2013. U.S. Funds Projects to Bypass Internet Censorship, Government Control [Online]. Available at
http://www.eweek.com/c/a/Cloud-Computing/US-Funds-Projects-to-Bypass-Internet-Censorship-GovernmentControl-737141 [Accessed 10 February 2014].
REUTERS, 2014a. Chinese hackers repeatedly attacked U.S. computers of firms involved in movement of American
troops and equipment, Senate probe reveals [Online]. Available at: http://www.dailymail.co.uk/news/article2759753/Chinese-hacked-U-S-military-contractors-Senate-probe-finds.html [Accessed 24 September 2014].
REUTERS, 2014b. Jets vanishing from Europe radar linked to war games [Online]. Available at:
http://uk.reuters.com/article/2014/06/13/uk-europe-airplanes-safety-idUKKBN0EO1CO20140613 [Accessed 1 July
2014].
SAGAR, D., 2011. 'Iran' in D.S. Lewis & Wendy Slater (eds), The 2011 annual register: World events 2010, Ann Arbor,
USA: ProQuest. [Accessed 22 February 2014 from Credo Reference]
SANGER, D. E., 2013. Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power. New York
City, NY, USA: Crown
SHANE, S., 2012. Cyberwarfare Emerges From Shadows for Public Discussion by U.S. Officials [Online]. Available at:
http://www.nytimes.com/2012/09/27/us/us-officials-opening-up-on-cyberwarfare.html [Accessed 30 June 2014].
THE ECONOMIST, 2007. Weird but wired. The Economist, 3 February.
THE ECONOMIST, 2010. War in the fifth domain [Online]. Available at: http://www.economist.com/node/16478792
[Accessed 10 February 2014].
32
33
11. Bibliography
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
11.BIBLIOGRAPHY
AHMED, A., 2014. Cyber Warfare and Information Security for India [Online]. Available at:
http://strategicstudyindia.blogspot.co.uk/2014/02/cyber-warfare-and-information-security.html [Accessed 15 March
2014].
BALL, J., 2013. NSA monitored calls of 35 world leaders after US official handed over contacts [Online]. Available
from: http://www.theguardian.com/world/2013/oct/24/nsa-surveillance-world-leaders-calls [Accessed 26 February
2014].
BAY, A., 2009. Cyber Warfare: The Gray Zone Narrows [Online]. Available at:
http://www.creators.com/conservative/austin-bay/cyber-warfare-the-gray-zone-narrows.html [Accessed 30 June
2014].
BLANE, J. V., 2001. Cyberwarfare: Terror at a Click. Hauppauge, NY, USA: Nova Science.
BRITISH BROADCASTING CORPORATION (BBC), 2010a. BBC - History - Alan Turing [Online]. Available at:
http://www.bbc.co.uk/history/people/alan_turing [Accessed 18 March 2014].
BRITISH BROADCASTING CORPORATION (BBC), 2010b. Sampling North Korea's version of the internet [Online].
Available at: http://news.bbc.co.uk/1/hi/programmes/newsnight/8711951.stm [Accessed 28 June 2014].
CORNWELL, R., 2014. US declares cyber war on China: Chinese military hackers charged with trying to steal secrets
from companies including nuclear energy firm [Online]. Available at: http://www.independent.co.uk/lifestyle/gadgets-and-tech/us-charges-chinese-military-hackers-with-cyber-espionage-bid-to-gain-advantage-in-nuclearpower-metals-and-solar-product-industries-9397661.html [Accessed 29 June 2014].
DELIO, M., 2001. Hello 911, I've Got a Virus [Online]. Available at:
http://archive.wired.com/gadgets/wireless/news/2001/06/44545 [Accessed 29 March 2014].
DICKSON, J., 2014. Me and my job. SC Magazine, 2 January.p. 15.
FITZSIMMONS, E. G., 2013. Alan Turing, Enigma Code-Breaker and Computer Pioneer, Wins Royal Pardon [Online].
Available at: http://www.nytimes.com/2013/12/24/world/europe/alan-turing-enigma-code-breaker-and-computerpioneer-wins-royal-pardon.html [Accessed 18 March 2014].
GREENBERG, A., 2012. The Tor Project's New Tool Aims To Map Out Internet Censorship [Online]. Available at
http://www.forbes.com/sites/andygreenberg/2012/04/30/the-tor-projects-new-tool-aims-to-map-out-internetcensorship [Accessed 10 February 2014].
HIRSCH, E. D., et al., 2002. 'Denial-of-service Attack' in The New Dictionary of Cultural Literacy. Boston, MA, USA:
Houghton Mifflin Harcourt. [Accessed 22 February 2014 from Credo Reference]
HORTEN, M., 2014. UK ISPs & music industry broker 4-strikes copyright anti-piracy deal [Online]. Available at:
http://www.iptegrity.com/index.php/digital-britain/964-uk-isps-a-music-industry-broker-4-strikes-copyright-antipiracy-deal [Accessed 16 May 2014].
IMPERVA, 2012. The Anatomy of an Anonymous Attack [Online]. Available at:
http://www.imperva.com/docs/HII_The_Anatomy_of_an_Anonymous_Attack.pdf [Accessed 13 March 2014].
INTERNATIONAL BUSINESS TIMES, 2014. Cyber Warfare Simulation Launched by UK Banks and Financials
[Online]. Available at: http://www.ibtimes.co.uk/cyber-warfare-simulation-launched-by-uk-banks-financials144.5516 [Accessed 30 June 2014].
34
11. Bibliography
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
KARHULA, P., 2012. What is the effect of WikiLeaks for Freedom of Information? [Online]. Available at:
http://www.ifla.org/publications/what-is-the-effect-of-wikileaks-for-freedom-of-information [Accessed 15 March
2014]
KOPP, C., 2006. Desert Storm - The Electronic Battle [Online]. Available at: http://www.sci.fi/~fta/storm-01.htm
[Accessed 4 April 2014].
LT CDR WESTWOOD USN, J. T., n.d. Electronic Warfare and Signals Intelligence at the Outset of World War I
[Online]. Available at: http://www.nsa.gov/public_info/_files/cryptologic_spectrum/electronic_warfare.pdf
[Accessed 13 March 2014].
NATO COOPERATIVE CYBER DEFENCE CENTRE OF EXCELLENCE (CCDCOE), n.d. [Online]. Available at:
http://www.ccdcoe.org [Accessed 1 July 2014].
NATO, 2014. NATO and cyber defence [Online]. Available at: http://www.nato.int/cps/en/natolive/topics_78170.htm
[Accessed 1 July 2014].
NEW STATESMAN, 2013. The UK is right to build up its cyber-defences [Online]. Available at:
http://www.newstatesman.com/business/2013/10/uk-right-build-its-cyber-defences [Accessed 10 February 2014].
OFFICE OF THE NATIONAL COUNTERINETLLIGENCE EXECUTIVE (NCIX), 2011. Cybersecurity [Online].
Available at: http://www.ncix.gov/issues/cyber/index.php [Accessed 13 March 2014].
OPEN RIGHTS GROUP, 2012. Internet Censorship and Child Protection [Online]. Available at:
https://www.openrightsgroup.org/ourwork/reports/internet-censorship-and-child-protection [Accessed 15 March
2014].
OPENMEDIA, 2013. Leaked documents reveal extreme Internet censorship plan in the Trans-Pacific Partnership
(TPP) - Internet users around the globe outraged [Online]. Available at: https://openmedia.org/news/leakeddocuments-reveal-extreme-internet-censorship-plan-trans-pacific-partnership-tpp-internet [Accessed 15 March
2014].
OPENNET INITIATIVE, 2007. About Filtering [Online]. Available at: https://opennet.net/about-filtering [Accessed
28 June 2014].
SIGMAN, A., 2008. What children need is censorship [Online]. Available at:
http://www.theguardian.com/commentisfree/2008/nov/11/internet-digitalmedia [Accessed 28 March 2014].
SMITH, T., 2001. Hacker jailed for revenge sewage attacks [Online]. Available at:
http://www.theregister.co.uk/2001/10/31/hacker_jailed_for_revenge_sewage [Accessed 19 March 2014].
SPARKES, M., 2014. Fighting a cyber war from deep beneath London [Online]. Available at:
http://www.telegraph.co.uk/technology/internet-security/10698414/Fighting-a-cyber-war-from-deep-beneathLondon.html [Accessed 21 March 2014].
STONE, M., 2014. The Great Firewall Blocking Facebook In China [Online]. Available at
http://news.sky.com/story/1206329/the-great-firewall-blocking-facebook-in-china [Accessed on 13 March 2014].
SWENEY, M., 2012. Ofcom outlines new anti-piracy rules [Online]. Available at:
http://www.theguardian.com/technology/2012/jun/26/ofcom-outlines-anti-piracy-rules [Accessed 28 March 2014].
TAKAHASHI, D., 2009. Hotspot Shield lets users get around web censorship [Online]. Available from:
http://venturebeat.com/2009/10/20/hotspot-shield-lets-users-get-around-web-censorship-anonymously [Accessed 3
August 2014].
THE ECONOMIST, 2012b. Seek and hide [Online]. Available at: http://www.economist.com/node/21556569
[Accessed 10 February 2014].
35
11. Bibliography
What is cyberwarfare and to what extent does it pose a significant threat to world security and the future of humanity?
36