How to react

If a country’s grid were taken down by an attack for any length of time, the ensuing
chaos would potentially be enough to win a war outright. If instead its online
infrastructure were substantially compromised by a DDoS attack, the response would
probably go like this:

Phase one: Takeover of network: the country’s security operations centre would
need to take control of internet traffic to stop its citizens from crashing the internal
infrastructure. We possibly saw this in the failed Turkish coup a few weeks ago, where
YouTube and social media went completely offline inside the country.

Phase two: Analysis of attack: security analysts would be trying to figure out how to
cope with the attack without affecting the internal operation of the network.

Phase three: Observation and large-scale control: the authorities would be faced
with countless alerts about system crashes and problems. The challenge would be to
ensure only key alerts reached the analysts trying to overcome the problems before the
infrastructure collapsed. A key focus would be ensuring military, transport, energy,
health and law enforcement systems were given the highest priority, along with financial
systems.

Phase four: Observation and fine control: by this stage there would be some
stability and the attention could turn to lesser but important alerts regarding things like
financial and commercial interests.

Phase five: Coping and restoring: this would be about restoring normality and
trying to recover damaged systems. The challenge would be to reach this phase as
quickly as possible with the least sustained damage.

WHAT ARE THE CYBER SECURITY TIPS

 You have never experienced a virus or malware attack. Most

malware conceals itself and its presence while stealing
information or controlling your computer.
 Pornographic sites are where the danger lies. The majority of
infected sites are bogus copies of trusted and ordinary websites
that have been created by malware hosts.
 An attachment needs to be downloaded to spread an
infection. Hackers now inject malicious code into web page
 content that downloads automatically when viewing the page.
These tools are available in kits that are sold commercially.
 A lock icon in the browser means it is secure. This icon
represents an SSL-encrypted connection to protect the
interception of personal information but does not prevent
against malware. That’s why hackers emulate bank and credit
card sites complete with spoofed SSL certificates.

DISADVANTAGES OF CYBER WARFARE

Cyber warfare is a very large threat that creates many problems for nations. The

United States is one of the most vulnerable targets in the world because it is so

advanced and wired in that there are many more susceptible targets than any other

country.  

                 One of the major problems that governments come into contact with in

Cyber warfare is who exactly the terrorist group is, that is trying to get into their

database. Larry Greenemeier said in his article in the Scientific American “Wars

have traditionally been waged between nations or clearly defined groups that

officially declare themselves in a conflict” This statement brings up a clear point

that if it is very difficult to pinpoint a hacker and exactly who he’s working for you

can’t wage war. Which then brings up the question why is it considered cyber

warfare?
            The United State faces many problems through cyber warfare. Public

utilities in the U.S such as hydroelectric plants and nuclear power plants are

steering away from proprietary systems and moving toward open based systems

that use common protocols such as TCT/IP to connect with one another (McMillan

1). This type of connection makes it much easier to get inside and gain control of.

Richard Clarke, former White House aide, wrote a book called “Cyber War” In this

book he made it clear that hackers can tap into our networks and transfer money,

displace oil, vent gas, blow up generators, derail trains, crash airplanes, launch

missiles, and destroy large amounts of financial and supply data (Zuckerman 1).

The scariest point that all of these examples have in common is all of this can be

done in milliseconds. This is faster than a blink of any eye. Not many people

realize that our nations land, air, and sea forces are commanded by network

technologies that are susceptible to cyber weapons (Zuckerman 2).   

ADVANTAGES OF CYBER WAR

Whether or not society, politicians, or the military agree that true cyber warfare will take place in
the future, or cyber terrorism, undoubtedly there are key advantages that will entice the forces of
criminals, governments, hackers, activities, and terrorist to continue to pursue cyber attack tools
as part of their agenda, leaving many vulnerable to exploitation or worse.

Aviram Jenik, the chief executive officer of Beyond Security names several distinct criteria as to
why cyber attacks hold unique  advantages in an article entitled “Cyberwar in Estonia and the
Middle East.” The first reason is that a cyber attack can be selective and the ramifications
controlled. A cyber attack could target a nations entire economy without necessarily destroying
the critical underlying infrastructure or be used to target the nation’s infrastructure along with its
economy. An economic attack may paralyze civilian life, weaken the state through loss of
economic productivity and create public panic.
The second advantage, is that a cyber attack can executed in an “completely painless form” for
the terrorist because an attack can be launched at the press of a button, and does not need the
deployment of several operatives, which would heighten the risk of being caught by security
forces.  This tactic has distinct advantages in terms of cost and visibility. The attack can be
theoretically lethal with little warning and requires less effort to get past security barriers at
places like airports, which may derail an operation. In addition, the operative that triggers the
attack has the ease of a global expanse, able to launch  the attack  from a number of places not
constrained to borders, essentially  gaining the flexibility to attack from any place in the world. 
An attack at “ a click of a button” may be programmed to occur at a certain time or only if a
certain logical condition is met. This enhances both the flexibility and the opportunity of the
attack while increasing the likely hood of success.

Low cost is the third advantage, since “a 21 000-machine  botnet can be acquired for  just a few
thousand dollars, and yet cause damage and disruption easily worth hundred of times that,.” This
eliminates the cost of conventional weapons and operational risk. The fourth reason is that law
enforcement and cyber security is not adequate to protect a nation’s cyber borders from these
type of attacks.  A DDoS attack may be thwarted by upgrading fire walls yet no nation, save a
highly totalitarian regime, currently has the legal authority to order its ISPs, telecommunications
companies and other online businesses to take protective measures like installing firewalls,
leaving a country vulnerable to cyber terrorism.

These advantages are concrete, real and vital attractions to cyber perpetrators, along with state
and non state actors alike, being especially solidified by the fact that governments cannot
effectively coordinate amongst each other or often, even internally on the nature of cyberspace
security. With exponential rise  in technology, it is likely more and more actors will see the
benefits of cyber attacks in the new cyber world to come.

TYPES OF HACKERS

1. Organized attackers: include organizations of terrorists, hacktivists, nation

states, and criminal actors. Terrorists are those who seek to make a political
statement or attempt to inflict psychological and physical damage on their
targets, in order to achieve their political gain or create fear in opponents or
the public (Howard, 1997; Lewis, 2002; Cohen et al., 1998). Hacktivists
seek to make a political statement, and damage may be involved, but the
motivation is primarily to raise awareness, not encourage change through
fear. Nation-state attackers gather information and commit sabotage on
behalf of governments (Cohen et al., 1998), and are generally highly trained,
highly funded, tightly organized, and are often backed by substantial
scientific capabilities. In many cases, their highly sophisticated attacks are
 directed toward specific goals, but their specific motives may be mixed
(Cohen et al., 1998). Criminal actors are usually "organized groups of
professional criminals" (Cohen, et. al, 1998), and they may act within
complex criminal ecosystems in cyberspace that are both "stratified and
service oriented" (Grau & Kennedy, 2014). Perpetrators of organized crime
are typically focused on control, power, and wealth (Gragido et al, 2012).

2. Hackers: may be perceived as benign explorers, malicious intruders, or

computer trespassers (Hafner & Markoff, 1991; Lachow, 2009). This group
includes individuals who break into computers primarily for the challenge
and peer status attained from obtaining access (Howard, 1997). In some
cases, hacking is not a malicious activity; a "white hat" hacker is someone
who uncovers weaknesses in computer systems or networks in order to
improve them, often with permission or as part of a contract with the
owners. In contrast, "black hat" hacking refers to malicious exploitation of a
target system for conducting illegal activities. In most cases, black hat
hackers could be hired by or be sponsored by criminal organization or
governments for financial gain or political purpose. Thus, hacking can
involve espionage (i.e., to obtain secrets without the permission of the holder
of the information, primarily for personal, political, or criminal purposes),
extortion (i.e., to extract money, property, or other concessions by
threatening harm), theft (i.e., to steal valuable data, information, intellectual
property, etc.), vandalism (i.e., to cause damage) (Shakarian et. al, 2013;
Cohen et. al, 1998; Howard, 1997).

3. Amateurs: less-skilled hackers, also known as "script kiddies" or "noobs"

often use existing tools and instructions that can be found on the Internet.
Their motivations vary: some may simply be curious or enjoy the challenge,
others may be seeking to build up and demonstrate their skills to fulfill the
entry criteria of a hacker group (Andress & Winterfeld, 2011). However
benign their intentions may be, the tools used by amateurs can be very basic
but powerful. Despite their lower skill skills, they can cause a lot of damage
or, after gaining enough experience, may eventually "graduate" to
professional hacking.
 4. TYPES OF CYBER WARFARE.

 Strategic or Tactical Resources: This is a bit of military mumbo-jumbo

that basically means "things that help countries express their political will
and/or wage war." This can be a lot of stuff: guns, ammunition, and fuel for
jets and planes. It can also be less obvious stuff: the morale of the troops, the
political will of the civilian public, and the economic well-being of the
country as a whole.

It's worth noting the difference between strategic and tactical scale. In military
terms, tactical scale means stuff that's directly used in combat (lit: focused on the
ordered arrangement and maneuver of combat elements in relation to each other
and to the enemy to achieve combat objectives" - DoD Dictionary of Military and
Assorted Terms).

Strategic scale is the scale higher than this: what it takes to win warsand not just
single engagements and battles. This includes the resources at home necessary to
supply and wage a war: supplies, guns, ammunition, factories, able-bodied men
and women to man the lines, and a public willing to continue to fight.

 Espionage: Espionage is basically taking information that wasn't meant for

you. In the case of cyber warfare, you're going to be stealing tactical and
strategic information: information about troop movements, the strengths and
weaknesses of weapon systems, the dispositions of various and anything else
about sensitive (read: necessary to wage war) resources that might be
important to know.

 Sabotage :Also called "direct action," this is when we take an active role
and go out there and do something. In cyber warfare sabotage can be
something as benign as dropping a government's website to causing a
nuclear meltdown at a nuclear plant.It's a pretty broad phrase, but just
remember it means "do something" whereas espionage here means "learn
something."

CAUSES FOR CYBER WARFARE

Military
In the U.S., General Keith B. Alexander, first head of USCYBERCOM, told the
Senate Armed Services Committee that computer network warfare is evolving so
rapidly that there is a "mismatch between our technical capabilities to conduct
operations and the governing laws and policies. Cyber Command is the newest
global combatant and its sole mission is cyberspace, outside the traditional
battlefields of land, sea, air and space." It will attempt to find and, when necessary,
neutralize cyberattacks and to defend military computer networks.[38]

Alexander sketched out the broad battlefield envisioned for the computer warfare
command, listing the kind of targets that his new headquarters could be ordered to
attack, including "traditional battlefield prizes – command-and-control systems at
military headquarters, air defense networks and weapons systems that require
computers to operate."[38]

One cyber warfare scenario, Cyber ShockWave, which was wargamed on the
cabinet level by former administration officials, raised issues ranging from the
National Guard to the power grid to the limits of statutory authority.[39][40][41][42]

The distributed nature of internet based attacks means that it is difficult to

determine motivation and attacking party, meaning that it is unclear when a
specific act should be considered an act of war.[43]

Examples of cyberwarfare driven by political motivations can be found worldwide.

In 2008, Russia began a cyber attack on the Georgian government website, which
was carried out along with Georgian military operations in South Ossetia. In 2008,
Chinese 'nationalist hackers' attacked CNN as it reported on Chinese repression on
Tibet.[44]

Jobs in cyberwarfare have become increasingly popular in the military. All four
branches of the United States military actively recruit for cyber warfare positions.
[45]

Civil

Potential targets in internet sabotage include all aspects of the Internet from the
backbones of the web, to the internet service providers, to the varying types of data
communication mediums and network equipment. This would include: web
servers, enterprise information systems, client server systems, communication
links, network equipment, and the desktops and laptops in businesses and homes.
Electrical grids, financial networks, and telecommunication systems are also
deemed vulnerable, especially due to current trends in computerization and
automation.[46]

Hacktivism

Politically motivated hacktivism involves the subversive use of computers and

computer networks to promote an agenda, and can potentially extend to attacks,
theft and virtual sabotage that could be seen as cyberwarfare – or mistaken for it.[47]

Private sector

Further information: Cyber-arms industry and Market for zero-day exploits

Computer hacking represents a modern threat in ongoing global conflicts and

industrial espionage and as such is presumed to widely occur.[48] It is typical that
this type of crime is underreported to the extent they are known. According to
McAfee's George Kurtz, corporations around the world face millions of
cyberattacks a day. "Most of these attacks don't gain any media attention or lead to
strong political statements by victims."[49] This type of crime is usually financially
motivated.

Non-profit research

But not all examinations with the issue of cyberwarfare are achieving profit or
personal gain. There are still institutes and companies.

Kaspersky Security Lab which are trying to increase the sensibility of this topic by
researching and publishing of new security threats.