Slashdot Mirror
Pakistan-India Cyberwar
Enoch Root writes "There's been a lot of talk in the past about the possibility of a "cyberwar" complementing a real war. Well, now it's a reality. India and Pakistan engaged in a cyberwar earlier this year." Quote from the story: "Several top Indian and Pakistani computer professionals in America and Europe are 'helping' their respective governments by supplying information on the best way to harm the enemy's computer systems."
I'm sorry, but I don't see cyberwar replacing real war in effectiveness for a long long time. If ever.
Amen brother. this is not warfare, redirection on a web site or email will not influence the outcome of a conflict. real cyberwarfare will involve disruption/faking of communication between command and combat units.
The US touched on this in the gulf when the first targets that were attacked where communication systems and effective blinding Iraq's intel sources. but that doesn't even touch on what a real cyber attack could do. Imagine if, instead of blowing up communication centers, you took over communication centers. you could then direct enemy units to engage each other by telling each them that the hostile target are just over that hill - go kill them! by the time the units realized what had happened they i've taken massive casualities, morale will be decimated, and future intel won't be trusted. next, they call for reenforcements. The captured commo center intercepts that request and forwards it on to higher command, except they change the location that the troops and supplies needs to be sent to and the new location just happens to have an enemy battalion waiting for them.
In a real cyberwar you would defeat your enemy my using his computer system against him. trying to deface a website will not effect combat effectiveness or the outcome of a battle.
anyhow that's my $0.02
"Karma can only be portioned out by the cosmos." -- Homer Simpson
There is a big difference in perception here. The nuclear have-nots see possession of nuclear capability as a currency of political influence rather than something which they expect to blow up their neighbours with. Another issue is the portrayal of the nuclear have-nots(or newly-haves in the case of Pakistan and India) being irresponsible or somehow trigger-happy with nuclear weapons. Why does everyone assume that the US, China and Russia are responsible wielders of nuclear weapons? Or is this an effort to preserve political influence? The US record on non-proliferation is rather spotty. It applies strong pressure on some countries, and often turns a blind eye, say, when North Korea or China provide missile and fissile technology to other countries. Why isn't the deteriorating security situation in Russia a greater concern? It is more likely that a rogue organisation would steal a warhead or fissile material, or that with the deteriorating communication infrastructure, an army general distraught over the decline of the glory days could commandeer use of the Red Button.
Rather than a pro-India slant, it is a case of having access to an Indian source. The author is Indian. I think he did a profile of the Indian army webmaster and tried to give the piece a ``cyberwar'' slant in a lame effort to make it interesting.
A much better example of ``cyberwar'' would have been describing how the Indian intelligence agencies managed to intercept a phone call between the Pakistani army chief, who was visiting China in an effort to garner support for the war, and one of his underlings back home. It is highly unlikely that intelligence agencies on either side would make known their successes, but this specific instance was made public by the Indian government as part of the evidence to prove that the invasion was conducted by the Pakistani army.
Is this an absolutely off-the-cuff remark, or is /. a forum for political discourse? Pakistani armed forces crossed the ``Line of Control''(LoC) that was demarcated in a bilateral treaty in 1972. The Indian army was defending Indian territory. They went out of their way to prevent the conflict from spreading by not targeting supply depots or crossing over to the Pakistani side of the LoC.
The answer to the rhetorical question is that there is no easy way to end conflicts. Responsible influential nations would do well to nudge adversaries towards talks, and back their words with even-handed action. The rise of Islamic militancy in central Asia can be linked almost directly to the US funding and supplying of the Taliban in Afghanistan. With that war over, many of the militants have had to turn elsewhere to continue their way of life. Many have turned back to bite the hand that once fed them. There are moral, military, political and social lessons in the United States' history of foreign policy interventions. Perhaps someone will learn them some day.
What I'm sure you know, but other /. readers may not, is that the stuff on the Air Chronicles site is not official Air Force doctrine. The site is intended for discussions and debate on doctrine, so obviously a good deal of it will not agree with whatever the party line happens to be. I had two articles published in Airpower Journal (which is hosted on the site) and they did not agree with existing AF doctrine -- nor did they change it much ;)
That out of the way, I think some of this "cyberwar" stuff is overblown in the following sense: Lots of things that are support functions of real (i.e., "steel on target") warfare are also performed during peacetime, but that does not make them acts of war.
-- Countries try to break each other's ciphers all the time. Cracking encryption is not a hostile act by itself.
-- A surveillance aircraft is flying up and down my coastline - in international waters. During a war I shoot it down. During peacetime I just have to suck it up.
-- If someone jams your radar it doesn't give you immediate justification to shoot at them, though obviously it's not a very neighborly thing to do. In certain circumstances you might be justified (e.g., maybe the no-fly zone in Iraq). Again, it's not an act of war by itself.
I think cracking falls into the same category. Countries are going to try to break into each other's computer systems from here on out, but I don't think anyone will declare war over it. The exception would be if someone used access to an information system to muck up things in the physical world -- the oft-cited power grid example comes to mind -- but that's an act of sabotage.
I wouldn't call this a cyberwar, it's more like simple vandalism to me. A true cyberwar would
involve massive DOS, financial transactions going awry, key servers being compromised through out industry and government (I'm sorry but a webserver just isn't that important in the grand scheme of things.), maybe even EMP devices.
While a cyberwar is something to prepare for (both defensively and offensively), one shouldn't be losing sleep over webpage defacing. This kind of stuff goes on all the time. I'd expect that during a shooting war (or maybe even during a cold war to a lesser degree) that the script kiddies would be defacing everything they could get their hands on. Afterall, everyone must do his or her part during a time of national crisis. I can't imagine these acts being promoted by a government, but I don't think they'd actually prosecute or even search for who was attack the enemy's webserver.
The spectre of a cyberwar is greater for industrialized (or is it now "post-industrialized"?) countries. The United States for example simply can't function without an interconnected computer system anymore. It's now time for countries to start protecting networks just like other infrastructure. (Can you say "strong crypto"?)
Anyway cyberwars have been going since the beginning of time (remember "cyber-" actually means "information"). Secrets, misinformation, propaganda, it's all the same. It's just that now, governments aren't going to be the sole targets for this kind of war (but then again when was there a war where non-government entities weren't attacked too?).
".. I like pork!"
- Brak
If this is the way wars are going to be fought in the future, at least there will be less blood lost.
--
Both of these nations have recently (was it a year and a half ago?) aquired nuclear weapons capability. Not to sound paranoid or anything, but if there were ANY two nations I'd rather not see fooling around, it'd be these two.
This "cyberwar" reads like mild propoganda and cracking. No biggie. We're not talking major industry and government servers hit with DOS attacks or anything. But rather this is a prelude. Let's hope we DON'T see anything more serious than this . . . I don't want to be around when push comes to shove comes to pushing red buttons.
Bad things often happen to good people,
It is up to them to see that they remain good.
India, Pakistan both suffer from 'brain drain', as their techies move to the U.S. for better job prospects. Is the reverse now true? Are all of our script k1dd13z moving overseas to wreak havoc with webpages?
;)
Not a bad trade, if you ask me
Actually, this is more of the same website-vandalism crap that we always hear about in the media. It's kind of funny that the Indian and Pakistani militaries are doing the same 31337 h4X0Ring that fourteen year olds are doing here. Far from a _REAL_ cyberwar though. We won't read about that one, when it happens...
----
We all take pink lemonade for granted.
There is no K5 cabal.
I am not the real rusty.
Surely with all the technology that is a part of military systems today, war is cyberwar. If the systems onboard an aircraft can be hacked (somehow), and the aircraft is brought down, is that cyberwar? or just plain war?
if cyberwar is merely hacking and 'eavesdropping'.. bringing down your enemies' government's web pages is hardly likely to ensure a victory :-)
In fact, if you hack someone's machine, are you declaring cyberwar on them?
Consider this: who's the sole country that used nuclear weapons on another? US. Which two countries came the closest to all-out nuclear armageddon? US and the USSR. Yet these two were the superpowers of the time, and the most "civilised".
We're quick to judge other countries as more dangerous than the Western World because of, say, religious fundamentalism. I think there's nothing saying that they can't be as (ir)responsible as us.
"There is no surer way to ruin a good discussion than to contaminate it with the facts."
(Excerpted from the Air Force's "Air Chronicles")
And from a different "Air Chronicles" article:
So where is it all going to end up? Will we need soldiers in the future? Of course! Will our government begin Computer warfare as well? Chances are very high that it will. As it all becomes more prevalent the DoD will respond, and you can bet some of the script kiddies in Federal lockup right now will get some special offers.
Somewhat frightenedly yours,
-efisher
---
this
Come on. This stuff goes on every day on commercial websites here by the k1dd13s. I'm personally relatively unconcerned about this insofar as it being a "cyberwar".
:)
I am concerned, however, about two neighboring nuclear powers involved in essentially a religious war. And things like this may only serve to incense the people more -- not something we want to see.
That's why this is a little more important than one Quake clan hacking another's website -- they typically don't have control over medium-range nuclear missiles.
BTW, did anyone else notice the severe pro-India slant? I personally have no real feelings for or against either government, but that writer sure seemed to favor India. Who actually believes that either one of these countries is somehow acting more 'mature' than the other?
"You can never have too many elephants on your team."
Seriously, people tend to contribute to OSS depending on their specific needs and resources. Having military forces investigate and contribute to the security of OSS would be an...interesting...development.
Cheers,
Ben
My usual seat in the cluetrain is at A HREF="http://pub4.ezboard.com/biwethey.ht
Real cyberwar occurred during Desert Storm when the Iranian governement found that their networks systems had been compromised on several levels.
Cyberwar of the future will include everything from intelligence operations to subtle data modifications that result in supply snafus and bad descision making. In World War II one of the most important 'data' tools available was not encryptionm -- but good maps. And both sides attempted to degrade the other's maps through disinformation and spies. Think how much more powerful it would be to throw off an attacking force by a few miles by messing with their navigation systems?
For real cyberwar look for attacks on databases, inventory control, truck routing, payroll, navigation and targeting systems. Not web pages...
Jack
- -
Are you an SF Fan? Are you a Tru-Fan?
Right, so at the moment were dealing with progaganda type hacking attacks mainly seeming to be some sort of denial of service (rerouting email, blocking site access, etc).
What happens when these guys, or someone else, really starts to go at it?
The good cracker is much cheaper to outfit than a professional soldier.
What does a cracker need? A fast computer (around ~4000 for top of the line), a reasonably fast net connection, a bag of doritos, and storage in a cool dry place. What does a single foot soldier need? Weapons and Equipment, barracks, transportation, a support staff (cooks, medics, pot scrubbers...), artillary, aircraft...
Say the military has 20 good crackers. What would they do? Sit them all in a room and make sure they share all their secrets and skills, making each one of them that much more dangerous. I don't know much about network security. But I do know firewalls will not stop a military cracker. They will know all the tips and tricks by heart. If there is a security hole, these guys would be able to find it and abuse it with some serious Ninja-Like-Tactics.
Then toss in the whole concept of Nationalism. Remember that lecture back in World History? Possibly the most powerful force in history. A single soldier will look a man in the face and then pump him full of lead for his country, knowing that he may die in the process. Call it the Military Mindset if you will.
What would a cracker do, when he/she has the same Mindset and desire to serve his/her country, but all he/she sees is a digital world, and doesn't have to look that other soldier in the face? Doesn't have to worry about dying in battle? Would they have an issue to shuting down a power grid? Taking out communications? What if that power grid ran the ICU of a children's hospital? What if they hacked into a nuke plant and caused a melt down? Would they care? My point is that these would not be same type of cracker we all know and love. We're talkin' some serious Neuromancer type wackos.
NOTE: Despite the user name, I am not currently, nor have I been, in the armed forces. So I could be completely wrong.
Sig:
Barbeque is a noun. Not a verb.