Cybersecurity and Cyberwar: What Everyone Needs To Know
This book by P.W. Singer and Allan Friedman is a comprehensive guide that explores the broader societal impacts of cybersecurity and cyberwar. P.W. Singer is a renowned strategist and senior fellow at New America, a nonpartisan think tank in Washington, D.C. He is one of the leading experts on security issues, having advised the U.S. military, intelligence community, and international governments. After reading the book, I have compiled key insights that reveal how both governments and corporations are grappling with new-age security challenges. Below are some of the most critical takeaways from this insightful read.
ARPANET: Origins of the Internet
ARPA (Advanced Research Projects Agency), established in 1958 in response to the Soviet Union's launch of Sputnik, was created to spearhead U.S. technological advancements. One of its most groundbreaking achievements was the development of ARPANET, the first computer network and a precursor to the modern internet. In 1972, the Pentagon renamed ARPA to DARPA (Defence Advanced Research Projects Agency) to emphasise its focus on cutting-edge defence technologies and innovation in military applications. DARPA continues to be a leader in technological advancements, playing a critical role in cybersecurity, artificial intelligence, and more.
The Reality of Cybersecurity Threats
Former President Obama said, "Cybersecurity is the most challenging aspect of the 21st century." This statement reflects the enormous impact cyber threats have on global security, business infrastructure, and everyday life.
A staggering 97% of Fortune 500 companies have experienced hacks, and the remaining 3% may simply be unaware of breaches that have occurred. The fact is, no organisation, no matter how secure it seems, is immune to cyber threats.
One of the most notorious cyberattacks occurred in 2008 when a simple mistake—a U.S. soldier plugging a rogue USB drive, found on the ground outside a base, into a military computer—caused a massive security breach. The Agent.BTZ (Autorun) worm infected 300,000 military computers across the Middle East, leading to a 14-month-long operation to clean up the network. That's why cyber experts keep saying, "Humans are the weakest link when it comes to cybersecurity."
In another notable incident, a Windows security flaw enabled the creation of a botnet of 7 million computers, demonstrating the global scale of potential vulnerabilities. Even the F-35 fighter aircraft was compromised three times, including once mid-air, forcing the pilot to manually navigate and troubleshoot the plane’s systems. These incidents underscore the vulnerabilities present even in the most advanced military technologies.
Furthermore, social security numbers in America can often be easily guessed using information like date of birth and place of birth, illustrating how personal data is not as secure as many believe.
Hacktivism and Global Cyber Espionage
Hacktivism, the use of hacking to promote social or political agendas, has risen dramatically in the last two decades. The group Anonymous, one of the most influential hacktivist groups, has made headlines by targeting corrupt officials, child predators, and even Mexican drug cartels. Though their origins are murky, they gained prominence in the mid-2000s.
The Chinese government’s cyber espionage has been another key concern. Unit 61398, known as the Comment Crew, is a Chinese hacker group accused of stealing intellectual property from the U.S. They are notorious for their successful attacks on U.S. companies and government systems. Whenever the U.S. publicly blames China for hacking, China's response often claims that the U.S. remains in a Cold War mentality. The relationship between the U.S. and China is complicated by the fact that both nations are heavily involved in cyber espionage. As the author notes, "The U.S. hesitates to publicly blame China for cyber espionage because they too are guilty of it on a massive scale."
In 2009, American soldiers in Iraq captured an insurgent who, when questioned, led them to his laptop. Upon examining the device, they made a surprising discovery: the insurgent had been using a program called 'Skygrabber,' developed by college students, to spy on U.S. military operations. This software allowed him to intercept video feeds from unmanned aerial vehicles (UAVs), effectively watching American troops monitor him in real-time. This incident highlighted the vulnerabilities in military technology and the unexpected ways insurgents could exploit readily available tools to gain a tactical advantage, emphasising the importance of cybersecurity in modern warfare.
The Evolution of Cybersecurity
Cybersecurity as a discipline has evolved dramatically. The CIA triad (Confidentiality, Integrity, and Availability) is a foundation of modern cybersecurity, but additional concepts like resilience have emerged as equally important. According to the author, resilience, the ability to recover from an attack, must be prioritised in both private and government sectors.
Julian Assange's WikiLeaks is another example of how fragile confidentiality can be. By leaking sensitive military documents about U.S. operations in Iraq and Afghanistan, Assange changed the global conversation around cybersecurity and government transparency.
The international nature of cyberspace presents its own set of challenges. In 2007, Australian hackers made headlines for breaching NASA’s systems with a worm they humorously named "WANK" (an Australian slang term). Such incidents highlight the fact that even friendly nations can engage in cyber activities that undermine each other’s security.
A notable incident involves a BMW car theft in London, where thieves used a radio jammer to block the owner's signal to lock the car, demonstrating how advanced some techniques have become. Additionally, botnets composed of thousands of compromised computers can be used to launch DDoS attacks, crippling entire networks by overwhelming them with traffic.
In the early days, simpler attacks like buffer overflows (the first of which occurred in 1970) were common, but modern attacks like the Stuxnet malware, a sophisticated worm designed to sabotage Iran's nuclear program, show just how advanced hacking has become.
State Cyber Warfare
Cyber warfare is still a murky concept. The author points out that there is no clear definition of what constitutes a cyberwar. Estonia, one of the most wired countries in Europe, found itself vulnerable to a massive cyberattack in 2007, which it blamed on Russia. However, without an official framework for cyber warfare, NATO was unable to respond in a traditional military sense.
Hacking North Korea is challenging because most of its computers are isolated from the global internet, making external breaches difficult. In contrast, North Korea can easily target the U.S., where extensive network interconnectivity provides more opportunities for cyber attacks. The more connected a country's systems are, the greater the potential for exploitation. North Korea has showcased its hacking capabilities through high-profile incidents like the Sony Pictures breach and the WannaCry ransomware attack, illustrating that even a country with limited internet access can pose a significant threat.
The author notes that the U.S. spends more on offensive cyber capabilities than defensive ones, and that this imbalance could be problematic in the long run. The U.S. also faces difficulties in addressing cyber attacks because 98% of its government communications run through the public internet, which is inherently vulnerable.
The U.S. has established Cyber Command, a military organisation designed to defend against and execute cyber operations, which underscores how important cybersecurity is to modern military strategy.
As for threats, the assessment of adversaries is extremely difficult, and in most cases, organisations must prepare for the worst-case scenarios due to the inherent uncertainty.
Cybersecurity in Corporations
Hackers use a wide range of techniques to infiltrate systems. Social engineering remains one of the most effective methods, manipulating individuals into divulging sensitive information like passwords and credentials.
Companies today must enforce strict cybersecurity policies. Lockheed Martin, for example, has a "Red Team" training program that requires employees to retake courses if they fall victim to phishing attacks. The idea is to make cybersecurity second nature for employees, who often represent the weakest link in any security system.
Corporations are often more focused on availability (ensuring that their services remain operational) than on confidentiality or integrity, which are typically more important to state actors. This difference in priorities can lead to significant vulnerabilities.
Big data has introduced new challenges for cybersecurity. While it offers incredible opportunities, the vast amount of data collected also makes it easier for hackers to find and exploit weaknesses. The most common passwords, such as “password” and “123456,” exemplify how weak many security measures are.
One area where companies and governments agree is the need for improved information sharing. Platforms like Information Sharing and Analysis Centres (ISACs) have become critical in the fight against cybercrime, allowing organisations to share insights about emerging threats.
Future of Cybersecurity & Conclusion
As technology continues to evolve, so too do the threats faced. The author emphasises the need for a “Cyber CDC” (similar to the U.S. Centers for Disease Control), a centralised organisation focused on preventing and responding to cyber threats.
As the book points out, being powerful in cyberspace means having more choices, but it also means being more vulnerable. The more connected a country or company is, the easier it is to attack. Additionally, some attacks may not be worth defending against due to the cost being greater than the defence itself.
Moreover, establishing global cybersecurity policies is crucial, but countries often struggle to reach consensus on effective strategies. Incentives for individuals to report malicious activities in cyberspace could also foster a more secure online environment.
The book Cybersecurity and Cyberwar: What Everyone Needs to Know highlights how interconnected and fragile the digital world has become. As cyber threats grow more sophisticated, individuals, companies, and governments must remain vigilant and continually adapt their defences. Cybersecurity is not just a technological issue; it is a critical aspect of modern life, affecting everything from personal privacy to global security.