Centuries of territorial wars climaxed in the “War to end all wars,” and then it didn’t suffice; there was another war. However, the world has changed, and the next Great War could very well be in the cyber realm. The future of this world is cyber! A comprehensive tech plan can help fight against digital attacks.
Cyberwarfare is the use of technology to attack and sabotage a nation’s computers or information networks. Cyber-attacks and cyberwars can cause significant damage and lead to catastrophic consequences. Professor John B. Sheldon emphasizes that one should differentiate cyberwar from the “use of cyberspace by terrorist or with cyber-espionage or cybercrime,” despite all four activities using similar tactics.
Computers interconnected with each other in a network are called cyberspace. This network is a virtual dominion of interconnected digital devices such as computers, routers, servers, and internet-connected devices.
Any attack on this digital space is a cyber-attack. Cyberattacks are also called digital attacks since they are launched against the digital space. Cyberdefense refers to the safety measures for fending off such cyberattacks.
Demystify the Web: Cyberspace and Its Several Layers
Professor Sheldon claims that there are primarily three layers to cyberspace.
- First is the somatic (physical) layer. It consists of the “hardware, cables, satellites, and other equipment.”
- Secondly, the syntactic layer. It consists of the “software giving the operating instructions for working the physical equipment.”
- Thirdly, the semantic layer. It signifies human interaction with the computer-generated information and the user’s interaction with the data.
Each layer is vulnerable to cyber-attacks. The physical infrastructure of cyberspace can be destroyed using traditional weaponry and combat techniques. Here, the attackers gain access to and eliminate the physical assets in the infrastructure system. They physically destroy computers and tamper with the network systems. Furthermore, the attackers can also subjugate or kill the physical end-user of such infrastructure.
For example, attackers can manipulate network systems and damage security cameras, allowing break-ins to go undetected. An example of physical attacks is the destruction of communication networks and computing facilities during the operation against Iraq led by the USA.
Malicious cyberweapons such as malware and hostile codes can disrupt the syntactic layer. Malware or corrupt software such as bombs, trojans, spyware, or worms are adept at preventing normal computer processes. Alternatively, distributed denial-of-service (DDoS) attacks transform computers into “zombie” computers.
For example, in February 2018, an acute DDoS attack severely affected GitHub. Although GitHub could beat the attack within 30 minutes, the traffic peaked at 1.35 TB per second, an enormous volume.
Semantic attacks are well known for carrying out espionage and covert criminal activity. Cyberwar attacks like phishing and baiting are standard modes for sabotaging the semantic layer. These attacks exploit computer-generated data to obtain valuable (and confidential) information such as financial details or passwords.
For instance, sometime in 2010, perpetrators stole the passwords of people eager to view an allegedly exposed photograph of a Bollywood actress.
Cyber-attacks may often span several layers and be highly complex. Accordingly, it may require seasoned white-hat hackers to counteract the digital attacks. However, it is always difficult to respond within an optimum time, and sometimes it may be too late.
Therefore, people and organizations must be equipped with a robust data protection mechanism. Since cyberwarfare does not obey territorial bounds, it is ideal to apply international law to cyber operations.
Cyber Operations under International Humanitarian Law
International Humanitarian Law, better known as the Laws of War, governs armed conflict and occupation situations between two or more states. Based solely on humanitarian grounds, International Humanitarian Law (IHL) seeks “to limit the effects of armed conflict.”
IHL – Cyber Law
Most of the principles of the IHL emerge from the four Geneva Conventions of 1949. The Second World War warranted the adoption of these principles. IHL also applies to infighting or internal armed conflicts, albeit subdued.
An article published by the United Nations’ UNIDIR described “cyberwarfare” as “warfare carried out in cyberspace through cyber means and methods.” The paper states that cyber operations under international humanitarian law, or jus in bello, are limited to cyberwarfare alone. IHL may exclude “cyber criminality” and “cyberterrorism.”
It is challenging to apply IHL to the virtual domain since cyberspace is artificial and cross-border. Since it knows no boundaries, it is difficult to predict the location of an attacker. Experienced attackers are proficient at masking or spoofing their IP addresses. The only way to combat cyber-attacks is through a dedicated task force.
Article 2(4) of the UN Charter warns States against using “force against the territorial integrity or political independence of any state, or in any other manner inconsistent with the Purposes of the United Nations.” Redefining the term “force” would help increase the UN Charter’s ambit to apply to digital attacks as well.
Several states, private/civil-sector entities, and business organizations adopted the Paris Call for Trust and Security in Cyberspace. This declaration is a positive step towards securing “an open, secure, stable, accessible and peaceful cyberspace.”
Nine Principles of the Paris Call for Trust and Security in Cyberspace
The Paris Call for Trust and Security in Cyberspace is a massive step towards making an international law applicable to cyber operations. It is based on the substratum of nine principles which are:
- Protect people and infrastructure (from malevolent cyber activities).
- Safeguard the internet (from activity that intentionally and severely damages the general availability or integrity).
- Safeguard electoral processes (against foreign actors’ malign interference through malicious cyber activities).
- Protect intellectual property (including trade secrets or other confidential business information).
- Non-proliferation (of malicious software and practices intended to cause harm).
- Lifecycle security (of digital products, processes, and services).
- Cyber hygiene (a step that strengthens advanced cyber hygiene for all actors).
- No private hack back (for non-state actors).
- (Promote the widespread acceptance and implementation of) international norms (of responsible behavior).
The Call envisaged following up on the progress at the Paris Peace Forum in 2019 and the Internet Governance Forum (IGF) 2019 in Berlin.
The theme of the forum was “One World. One Net. One Vision.” and it centered on:
- Digital Inclusion
- Data Governance
- Security, Stability, Safety, and Resilience.
The IGF 2020 was a virtual conference emphasizing ‘Data’ as one of its central themes. Its underlying theme was “Internet for human resilience and solidarity.” The COVID-19 pandemic has underscored the significance of digital technology, and with technology comes the angle of cyber security.
Ten Commandments of secured Cyberspace
While it is challenging to implement uniform international law to govern cyber operations, there are measures that help ensure cybersecurity. A program document released by Sandia National Laboratories discusses ten questions for enhancing cybersecurity. Though these ten rules do not guarantee cyber-safety, they can help adopt an effective and viable cyber-defense mechanism.
- Firstly, ensure controls (checks and measures) on physical access to critical system components and cyber nodes.
- Additionally, adopt strong passwords and change them regularly.
- Ensure minimal connectivity between business and control networks.
- Remote access should be given to business networks and control networks only when necessary.
- Moreover, enable two-factor authentication for remote access to applications.
- Furthermore, regularly review user access privileges and instantly revoke the credentials of former employees.
- Constantly audit and test access control and intrusion detection systems like entry systems, alarms, and firewalls.
- Additionally, update operating system patches, virus checkers, and malware removal software.
- Habitually test physical security conditions such as cyber connections.
- Finally, ensure mutual aid agreements, cyber backup procedures, law enforcement contacts, and emergency power or communication systems.
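Three of the rules above (regular password changes, two-factor authentication for remote access, and revoking the credentials of former employees) can be checked mechanically in a periodic access review. The following is an added example, not taken from the Sandia document or from this article; the account inventory, staff roster, field names and the 90-day password limit are constructed assumptions.

```python
from datetime import date

# Constructed sample data for illustration; not from any real system.
ACTIVE_STAFF = {"asha", "bilal", "chen"}
ACCOUNTS = [
    {"user": "asha", "remote_access": True, "two_factor": True,
     "password_changed": date(2024, 5, 1)},
    {"user": "bilal", "remote_access": True, "two_factor": False,
     "password_changed": date(2024, 4, 20)},
    {"user": "chen", "remote_access": False, "two_factor": False,
     "password_changed": date(2023, 9, 2)},
    {"user": "dmitri", "remote_access": True, "two_factor": True,
     "password_changed": date(2024, 3, 15)},
]
MAX_PASSWORD_AGE_DAYS = 90  # assumed policy; the article gives no figure


def review_accounts(accounts, active_staff, today,
                    max_age_days=MAX_PASSWORD_AGE_DAYS):
    """Return {user: [issues]} for every account that breaks a rule."""
    findings = {}
    for acct in accounts:
        issues = []
        # Credentials of former employees must be revoked.
        if acct["user"] not in active_staff:
            issues.append("revoke: not on the current staff roster")
        # Remote access requires two-factor authentication.
        if acct["remote_access"] and not acct["two_factor"]:
            issues.append("remote access without two-factor authentication")
        # Passwords must be changed regularly.
        age = (today - acct["password_changed"]).days
        if age > max_age_days:
            issues.append(f"password is {age} days old")
        if issues:
            findings[acct["user"]] = issues
    return findings


if __name__ == "__main__":
    report = review_accounts(ACCOUNTS, ACTIVE_STAFF, date(2024, 6, 1))
    for user, issues in report.items():
        print(f"{user}: " + "; ".join(issues))
```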
Author –Shrey Madaan – Research Associate, Cyber Peace Foundation