Cyberspace: Game-play in the New Security Realm

By Wang Yong

?

Cyberspace: Game-play in the New Security Realm

By Wang Yong

Strategic Research Department，National Defense University

On 20 March 2013, as the Korea-U.S. joint military exercises against the DPRK into the climax, South Korea suddenly suffered massive hacker attacks, more than 32,000 computers and servers were damaged by the attacks, including six hackers from the same organization. Although the hackers source of the attacks is yet to be verified, wide-raging speculations on the peninsula "cyber-war" as a prelude to real war has aroused severe worries. In this connection, the U.S. cyber warfare commander Alexander on 12 March 2013 announced while testifying before the Congress that the United States will build 40 new network task forces, of which 13 will be used to launch intrusion, 27 for full-time training and monitoring. These indicate that security problems generated by competition for cyberspace have become a new real challenge.

Cyberspace Expands Social Needs But Also Changes Traditional Security Boundaries

Cyberspace is an information exchange domain based on interdependent networks of information infrastructure, which consists of Internet, telecommunications networks, computer systems as well as embedded processors and controllers by key industries, and formulates an interdependent digital information processing environment. This unique carrier organically integrates the national public networks, critical infrastructure networks and specialized defense networks onto an "information highway", and provides a variety of convenient services for modern life and safety and security.

Relevant data shows that there are in the world currently at least 12 billion networked computers and devices, number of Internet users more than 2.0 billion , while the number of Internet users in China accounts for 34.6% of the total users, and up to 280 million mobile Internet users. It can be said the networks "nerve endings" have been extended to all areas of society, penetrated into the political, economic, military, cultural aspects, and other aspects of life. Whether it is production or life, is almost inseparable from information networks. Meanwhile, security problems caused by the networks are also increasing. According to the "Computer Manager" monitoring reports, fraud URL blocked off in only 2012 in China reached 4.48 billion, with daily average of 12 million malicious URL blocked. The CNCERT sampling monitoring in 2011 found that about 47,000 foreign IP addresses as the Trojan horse or "zombie" network control servers involved in controlling up to 8.9 million PC controllers. Obviously, we are trapped in a "network storm" shocks.

This also shows that today's security problems will occur not only along the traditional "border lines", and the danger may be just on our side. Cyberspace security problems are not only significantly harmful, but also can exert wide-ranging impacts. Maybe one day when one wakes up and finds that your bank card fails or deposits are cleared, the stock exchange cannot be in normal operation, the national financial order is out of control; gas stations cannot refuel, most or all of the city traffic lights are off with the whole city in traffic chaos; fixed telephones and mobile phones are unable to get through, computers or TVs are Huaping or black, the surveillance equipments and communication systems of the task forces on strategic duty fail, the telecommunication, media and communications systems of a locality or an entire region are in an abnormal state ...... This science that is previously found in fiction movies or espionage films only may emerge at any time in real life. These new security problemsrising from the cyberspace have made the security boundaries become more blurred, and strategic game-play for security extended from the traditional Arms days to electromagnetic fields, state or non-state organizations and individuals. And the cyberspace will have a dual identity of both cyberspace security victims and security interests defenders. Cyberspace is becoming an important aspect affecting social stability and national security, and ensuring cyberspace security is a formidable task.

"Alternative Operations" Based on Cyberspace Are Becoming Routine, and Classic Cases Are Worth Further Studies

If more attention was paid to the "precision operation" by applying high-tech weaponry during the Gulf War in the early 1990s of the 20th century, then, during the Iraq war in the beginning of this century, attention is not only given to the show of the traditional battles operation, but, "alternative operations" based on cyberspace -- "cyberwar" in the new form-- has become increasingly clearer. As early as the year (2002) before launching of the Iraq war, the U.S. Navy established a Cyber Warfare Command, and then the U.S. cyber warfare task forces and the operational concept have also rapidly developed and become an important channel for planning and implementing the "war to overthrow Saddam". Relevant information shows that the then President George W. Bush in July 2002 signed the National Security Presidential Decree No. 16. This Presidential Decree puts forward guiding principles to launch cyber attacks against a "hostile country" such as Iraq. In the following year, the cyber warfare troops under the command of two-star general D. Brian, in line with the "Presidential Decree" requirements and the Department of Defense plans, orchestrated the "cyber warfare" in the "Iraqi Freedom Actions" in 2003. One of the most effective means is to use various "cyber intrusion" to launch long large-scale "soft attacks" against computer networks for major departments of the Iraqi government and military. In addition to blacking out the cyber networks of Iraq (especially command and communication systems), the intrusion also sent bulk emails on exposing the crimes of Saddam Hussein family and inducing Iraqi Government officials and military commanders, and the majority of ordinary people using network mailbox to capitulate, thus, greatly undermined their will to resist and contributed to quick disintegration of Iraqi "Republican Guard" and "resistant forces" under the military strike.

During the 2011 Libyan crisis intervention, the United States again used the "cyberwar" as an effective means in actual operation. After the "Odyssey Dawn" operation, the United States ostensibly handed over the command of military action to NATO, and pushed the "unified force action" of the British and French air and naval forces on to front line, but actually carried out another war in cyberspace. In this online war without gunpowder smoke, the United States operated a large number of professional and non-professional cyber warfare forces for launching a massive "wireless network intrusion" against Libya. In order to easily grasp first-hand information, CEOs of a number of U.S. companies to provide network attack techniques were all in the "front line" in Benghazi and Tripoli. In this "Cyber Dawn" operation, the United States combined the use of conventional fixed cyber attack force and a dynamic cyber attack force composed of the airborne, ship-launched and a variety of electronic warfare platforms carried by special operations forces to intervene and suppress the Libyan government military command and control systems, and even the 32ndand 9thbrigade under the direct command of Gaddafi were also intruded and controlled by American special cyber warfare forces. Through "taking over" Libyan authorities’ computer networks (primarily wireless networks), the U.S. and NATO command systems not only disturbed Gaddafi's position, but also grasped the dynamics of himself and his followers so as to constantly adjust the strategy on targets. So these provide a near real-time "battlefield guide" for NATO to carry out more effective military strikes as well as coordinate with the Libyan "National Transitional Council" and the armed opposition’s "Down with Gaddafi actions". This fully shows a modern version of a strategist winning thousands of miles away.

Following the crisis in Libya, Syria in the Middle East becomes the "storm eye" of another crisis influenced by the "Arab Spring". The crisis has lasted more than two years and "spilled over" to Syria's neighboring countries, then, it is difficult to predict what impacts it will exert on the regional situation and the international pattern. Although there is no systematic reports on this crisis regarding "cyberspace" contest, yet, it is not difficult to sniff "cyber war" clues from the reports on West’s continuously cooking the Syrian chemical weapons issue as well as senior military commanders and officials from the government repeatedly abandoned Syrian Bashar regime. Previously, Natanz nuclear reactor in 2009 suffered virus (Stuxnet) attacks and paralyzed, which raised more awareness of "cyberwar" great destructive power. Following the "Stuxnet", there has appeared more powerful "Flame" virus, which has "patronized" tens of thousands of global industrial data control systems. The code of this virus is extremely complex and has other unique capabilities, which can cover up traces of online fraud, identify targets and destroy hardware (including damages of physically independent network facilities), and which can be hardly manufactured by average countries or non-governmental organizations unless advanced technology and strong professionals teams are available. This will also guide the concerned watch on Iran's main adversaries such as the United States, Israel, etc. In this connection, the "Cyberspace International Strategy" and "Cyberspace Action Strategy" released by the Obama Administration in 2011 not only emphasize the necessity of developing cyber attack facilities and implementing cyber deterrence, but also view cyber attack as an "act of war", and claim to return "a retaliatory strike". This indicates that new military preparations for response to the cyberspace threats have become increasingly real and urgent.

Various Countries Compete for Developing Cyberspace Strategy and Competition for "Cyberspace Control Power" Will Become More Intense

In the year 2010, Assange and "WikiLeaks" constitute open challenges to the Western major powers. The website disclosed 250,000 U.S. diplomatic documents, which set off a cyberspace individuals frenzy against the state, and sent the United States in "Diplomatic 9/11" panic. The desecration of the Islamic Prophet in a movie on the Internet has produced magnificent anti-American sentiment among people in Muslim countries, and ultimately led to American Ambassador in Benghazi, Libya burned dead. Another phenomenon is also reflected: a "cyberwar" will be implemented both ways and the front line is very vague, even if a country with very advanced cyber -network technology also faces an enormous challenge of cyber-network security. An undeniable fact is that with the increasing popularity of cyber-networks, our "security weakness" is also more exposed. Today, not only a country, but smaller "non-governmental actors" and even individuals may become a network security constraint. In view of this, 11 countries in 2011 had developed a "cyber-network security strategy". Having released a new, the Obama Administration also has issued aconsecutively, and paralleled the cyber-network, nuclear and space for the same national security strategic attention, established a unified cyber electromagnetic space command, promoted the "Einstein" projects and implemented the "X- plan" as well as formed 40 "Cyber-network Task Force", etc. Britain, Austria, Germany and some other NATO countries have also released their own "Cyberspace Security Strategy", and actively participated in a series of exercises by the U.S.-led "National Cyber Range" test and the "cyber-network alliance". Neighboring Russia, South Korea, Japan, etc., have also established special cyber warfare forces and strengthened "cyber-network sovereignty" consciousness .

If competition for "controlling air" and "controlling sea" is generally the focus of the war in the last century, then attaining "cyber-network power" will become contending priory for war and non-war actions in the new century. Thus, it is not difficult to explain why the United States, in early 2013 on the pretext of a research report released by Mandy Angte cyber-network security ompany, cooked the so-called "hacking" acts by "China cyber warfare forces" located in Shanghai. In fact, the United States whips up a public opinion and looks for reasons in order to establish its code of conduct for cyberspace (i.e., cyber-network voice). Chinese Defense Ministry spokesman stated that the U.S. company report is neither professional nor based on facts, IP addresses tracking shows that in 2012 cyber-networks of China's Defense Ministry and military cyber-networks monthly suffered intrusions from abroad up to 144,000 times, of which 62.9 percent from the United States. It can be seen that it is China rather than the United States that is threatened by is cyber- networks.

These phenomena remind us that the security alert under the background of informationization has extended all-dimensionally, and preparedness should be related more to technology, intelligence and adaptability to the new security environment. In the face of increasingly fierce competition for cyberspace, to defend the "new defense mobile frontier" sovereignty and security becomes a very difficult task. In view of this, it is necessary to update the traditional concept of security and the new threats from cyberspace, virtual but existing everywhere, and difficult to distinguish but clearly marked, and take it into account for the national security strategy planning, and to develop a relative comprehensive response mechanism by professional organizations and teams under the guidance of national authoritative departments so as to attain the initiative in the competition for cyberspace.