Technological revolution – the global megatrend of the twenty first century

One of the biggest trends is the transformation acceleration in different scientific and technological areas. The global spread of new technologies and the relative ease and pervasive access to it, not only represents a huge power opportunity but a substantial risk as well. Rapid evolution has involved dramatic growth in the speed of information circulation, so that the processing and acceleration of information transmission has fundamentally changed our entire life.

The first web site was designed in 1991.1 In 1993 there was almost 50 and in 2000 it surpassed 5 million.2 The first electronic email was sent in 1971 and since 2013 more than 40 trillion emails are sent yearly from one user to another.3

We are now surrounded by a significant number of computers and devices. They play a major role in our life. It is almost impossible to imagine our life without access to this instrument, starting with reading electronic newspapers every morning, writing and replying to different emails/messages etc which are now daily routine. The advanced technologies make us feel dependent on them.

The Internet is not only about sending and receiving emails. Entire critical infrastructure networks used by power plants, energy companies, transport or communications are manipulated through computers. These computers are not isolated. They are connected into a huge network. As a result, global interconnection is one of defining characteristics of “technological revolution”.

As a result: the central part of our life is directly dependent on devices connected through the Internet. So that, we could say a major component of our life As a result: the central part of our life is directly dependent on devices connected through the Internet. So that, we could say a major component of our life does not live in the physical space but in the “virtual environment”.

A similar transformation is felt in the global power (political) sphere too, from an international relations perspective. The new reality has a fundamental effect upon the nature of power. Its distribution is wider and its diffusion global, reaching unimaginable levels (anonymous people could get significant informational resources which transformed into effective power, could create problems for the biggest state nations).

Cyberpower – definition and characteristics

The emergence of a new virtual reality has a major influence over the changing of power characteristics, causing the emergence of a new power type, called cyber power. One of the most complete definitions of the cyber power concept, is Daniel Kuehl’s who states “cyber power is the ability to use cyber space to create advantages and influence in all operational environments and across all instruments of power”.4

A few stipulations are needed.
1. Cyberpower is an expression of evolved physical geography, a new power domain. 200 years ago power was almost exclusively about land. Big armies, infantries, heavy cavalry etc fought for many years in crucial land battles. At the start of the 20th century naval technologies and the emergence of big maritime fleets exploited the sea space. At the beginning of 1900, Alfred Mahan, the US War Academy general, displayed a large military fleet, drawing attention that a new power was going to emerge: the USA.5 Later, due to air technologies, air space was used as a power resource. It is said the Second World War was largely won as a direct consequence of a decisive contribution of the allies’ air fleet. Eventually, in the sixties, seventies, eighties and during the Reagan administration, once the Star War had been started and the unprecedented arms race took place, the battlefield looked to have moved into outer space. Recently, in the context of Internet boom, cyber space resources have been handled in order to be transformed adequately.
2.Cyberpower has no value without projection capabilities. This means any power must have the capacity to impose itself in front of others, to make an impact to model and influence different behaviour types.6 To achieve this the power needs projection capabilities. Cyber power projection is equal to naval fleets helping troop transportation and mobility, with improved logistical military capabilities. But in the cyber case the projection is almost instantaneous. As a US military strategist emphasised, through cyber power we could damage critical infrastructures many miles away, with a click of mouse.7 Even though cyberpower seems to look very similar to the other power types (naval, air, space) it is different and more superior. Cyberpower has at least five dimensions, expressed in all five space types just talked about: land, sea, air, outer space and cyber space.
3 Cyberpower is also a sum of resources that include economic, military, social and organizational. Being a resource that could fundamentally influence other types of power, it has a significant weight in the general index of power.

These distinctive qualities open a new power horizon. Cyber power means more than naval power in times of maritime developments or space power in the years of Star War. At that time, none of those power types comprised all other power types, they usually tended to control just military or economic power. It is our view that power, both present and future, will fundamentally depend on cyber resources and especially on those who will mobilise as many resources as possible.

The resources of cyberpower

Power depends on resources. Cyberpower depends first on cyber resources and second on the capacity to transform those resources into real dividends of power.

Paul Kennedy, in his study about the rise and fall of great powers, shows changing dynamics usually involved technological and economical evolutions.8 These evolutions depend on a large variety of resources. Structures changed from one historical period to another, which often brought value directly to the economy and technology. The scientific innovation process made the difference in those times. After 1500, the expansion of fighting ships supplied with long range cannons and the trade and commerce development in the Atlantic brought considerable advantage to those European states with the knowledge. Development of steam engines with coal and iron resources massively increased the relative power of some nations.9 In other words, welfare and economic power was necessary to sustain military power and vice versa.

But none of these resources ever exerted such a multilateral influence over the others as cyber power resources can, where globalisation, information revolution, network control and technical interconnections have just become an important additional source of power.

Cyber power leverages the efficiency in the way it can combine all resource types.10 At a high level it could be said “cyberspace is a virtual reality, completely immersive, in which computer users from the entire world can communicate each other and have mutual interactions”.11 This space is easily accessed by a large number of actors, and cheap resources, which expose it opportunities, as well as many risks.

Ever since early 1990, network centric war strategy has started to replace platform wars, having at its’ “historic” centre military capabilities. The idea was expressed 20 years ago by Jay Johnson, former US Navy head of naval operations.12 The mechanism of directing a rocket in its way to the target depends on the position of a certain satellite, which is dependent as well on the infrastructure and commands received through cyberspace. Moreover, the expert opinion is that the transformation of doctrines and operational mechanisms of modern armies depends on the efficient exploitation of cyberspace capabilities.
The most important resource categories used and applied in cyberspace, are13:
1. Physical resources: man made devices, plus infrastructure allows information circulation (computers, mobile cells, fibre optics, space systems of communications, critical infrastructures, and industrial systems of networks). Control of physical resources from cyberspace is highly important. The euro Atlantic community is deeply worried about the invasion of Chinese devices on western markets. The low price paid for the products of these companies is almost impossible to be counter balanced in a global economy. As a result the situation is thought to generate many vulnerabilities, if there is a supposition the devices might be used secretly by the maker exploiting unknown product vulnerabilities. The “Equation group”, associated by reverse engineering experts with TAO ( Tailored Access Operation), the NSA electronic espionage team, designed its attack strategy based on infecting hard drive firmware of the most important companies producing those types of devices and selling it on the entire world.14 For that objective to be reached it was absolutely necessary to get access to the basic documentation of every series of those hard drives. In reality, to be able to do that, needed a huge category of resources, which very few can afford !
2. Knowhow: is highly important too. Neither Stuxnetnor Duqu would have caused so much damage in the Iranian industrial systems, if not the result of extremely advanced, highly sophisticated technological knowhow. For many years the IAAE experts ( The International Agency for Atomic Energy) and Iranian state had no success finding a plausible explanation for the systemic failure of Natanz nuclear power plant centrifuges. Even though, the failure rate of those centrifuges, in normal use conditions, was approximately 10% per year, in just a few months 2,000 were replaced.15 A few years later a small reverse engineering company from Ukraine found the cause: Stuxnet one of the most sophisticated cyber weapon ever created, hidden in 500 KB of memory installed in a legitimate data package on the servers, which controlled the nuclear power plant. This huge scandal proves cyber power might be a very effective tool, more efficient than an economic blockade and more effective where traditional intrusive methods cannot be used.
3. Human factor: Cyber power needs an efficient and qualitative human factor. The more qualified the human factor, the bigger the chance for an effective cyber power mechanism. It is well known Chinese hacking teams, which make up a large number of the total amount of “hackivists” worldwide, usually succeed in making trouble in the international landscape, both attacking national critical infrastructures and using intrusive tools usually associated with the espionage to steal international secrets. These “special hacking teams” consist of a huge number of human beings, very well prepared technologically. Human factor is a big vulnerability as well. Eduard Snowden made dramatic damage to the NSA once he released the agency’s secret operations. Moreover, his close relationship with Russian power and Kremlin would have offered to the later some opportunities it could not get otherwise.

To these resources we can add, the information itself as a power resource, cyberspace itself is an informational environment, where information is created, stocked, and shared. The further knowledge, resulting from this process help in decision making processes.16

Joseph Nye emphasises cyber power is both hard and soft, effective inside and outside cyberspace.17 Cyber- attacks targeting a computer or a critical infrastructure represent a hard resource, whilst a public diplomacy campaign run through the Internet to influence public opinion is a soft cyber resource. In this process, the credibility of those who disseminate the message is also a power resource.18 But credibility takes time to build and could be lost in a second so it might be possible for wars to be won by those who have the best credible story to share.19

Hacking and reverse engineering – the two faces of cyber power

As with other power types cyberpower relies not just on its projection capabilities but also the capacity of defence, this being mainly a task for the nation states, especially when big national infrastructures are attacked. In the past, protection and defence capability were fortifications strategically placed and armies extremely mobile ready to defend a certain territory or a placement. Later, the sea and air fleets were used to defend. Today, an advanced protection system can be seen as a threat to the adversary such as the US ABM (Antiballistic Missile System) deployed in some European countries, which is seen by Russia as a direct threat to its national security, even though the system was meant to protect the territory, rather than attack the adversary. After the Second World War the biggest actors in the system preferred to keep conflict far away from their national territory. As a result, this sent war to other countries, Korea, Vietnam or Afghanistan being just a few examples. Now with cyber, the situation has seriously changed, as the most powerful actors in the system might be hit in the interior by the adversary capabilities.

In conclusion cyber power has two critical components in its structure: a defensive part (also called cybersecurity) and an offensive part (linked to what is called “projection”).

The biggest problem is that the two resource types (offensive and defensive) act very different. The damages resulted from an inefficient system of attack cannot be balanced by the attack capabilities.

It is generally accepted an efficient cybersecurity system has to accomplish three main objectives20: confidentiality, integrity, availability.

Confidentiality means the protection of data. This is done by technical mechanisms of encrypting and access control.

Integrity is supposed to consolidate the mechanisms within the system so that it cannot be affected without authorisation. In the case of Stuxnet, the threat and damage appeared because of an illegitimate authorisation of the system and its resources, even though the intrusion seemed to be legitimate. As a result, the intrusion appeared to be normal. Not only saw the firewall and antivirus programme the intrusion as an illegitimate, but as a normal one.

Availability means the capacity of the system to maintain the resources and the general functioning for a while. The principle established is that the system must be created so that the malfunctioning vulnerabilities do not have to be used by the attacker. Disruption of an entire critical infrastructure network by DDoS attacks could express the best this characteristic.
Singer – Fridman added to this a fourth feature: resilience.21 The main premise being the inevitable cannot be avoided, as a result the system must be maintained even though it is attacked. To do this needs a huge amount of resources, which only a few can afford.
The two faces of cyber power act differently. The strategies and resources are different. Paradoxically, reverse engineering is less complicated than hacking. By analogy, like espionage and counterespionage. The first method is supposed to collect intelligence and the second one protect the system by the attacker spies. The problem occurs when the adversaries are not visible.
Solutions for an advanced cybersecurity system are few. Some antivirus programmes (software) could be developed to protect the system. But those can be inefficient. In other cases public private partnerships are seen as a supplementary variant, but not every state is ready to protect their own systems by outsourcing protecting services to private entities. In the end, security awareness or early learning programmes for governmental agencies is important. But cyber weapons are highly technologized and use a highly sophisticated know how that often make security sensors inefficient.

Cyber power actors

With cyber power actors an important barrier occurs: the imperceptibility. This feature comes from the very nature of cyberspace which is more and more permissive and allows both state and non-state actors to spread.

Historically, the international system was created around the concept of state. Whatever the system was (unipolar, bipolar or multipolar) once the Westphalia treaty peace was ratified, nation states become the cornerstone of the international system. Power was distributed only between them. State power and their resources were visible, sometimes measurable and expressed through powerful armies, considerable natural resources, advanced technologies, or efficient economies. Power was perceptible.

Now the distributed nature means not only could non-state actors achieve relative power capability, but even individuals can pose threats in cyberspace against states and their assets.

Making an analogy with traditional forms of power, the entities that could really mobilize considerable power resources were states. The use of a certain resource type (a strategic bombing air fleet) not only was extremely expensive, but it was the state responsibility, almost exclusively. The bombing fleet was owned neither by different groups nor by individuals spread all over the world. For cyber power “the landscape” is different.

In terms of intent a hacker from Singapore could want to obtain the clients credit card credentials in order to steal their money. An organized hacking group might try to attack a company to sell its secret to their competitors. It is unlikely that these types of actions could have major effect in the system. But if a hackivist group succeed in neutralizing the banking system in a certain country in time of flux for example, it is something else. If the attack implies considerable access to resources than it is reasonable to say a state actor might be the handler.

The conclusion is that even though power is more distributed, the most important holders of critical cyber resources remain with states.22 Experience shows cyber espionage and cyber sabotage are state tools, and at least for now they are the only actors having intentions, motivations and resources to make those types of activities.

But how could we say if a cyberweapon is used by a state or by a hacking group? If an army is visible and countable it could be easily linked to a power that could be pointed out. Cyberweapons are difficult to see and perceive. It remains a task of cyber intelligence specialists who could only deliver a “plausible assessment”23.

Three levels of cyberpower concentration exist:24
1 states and governments,
2 highly structured organizations (companies, NGOs, hackivist groups), and
3 non-structured organizations, including individuals.

These three layers are not stable. Individuals can offer support to highly structured organizations who in turn interact with their governments, both on the strength of public – private partnerships or, like in Russia or China,
as a consequence of local culture, where state control is very effective. Knowhow circulates in both directions too. But, sooner or later a state actor would try to control them and to make them act on its behalf.

In recent years the biggest cyber-attacks appear to be linked with a nation state. Stuxnet, Duqu, Animal Farm, APT 28, Red October are
only a few examples of cyber weapons used by both countries from NATO block and states
from the other side. Probably for the next few decades traditional power resources will still count but the way they combine with cyber ones could make a major difference.

Cyberberkut a hackivist group fighting in Ukrainian cyber war

In early 2014, after long-standing anti-governmental protests of the Ukrainian pro European movements, supporting the EU association agreement, the former pro Russian President Viktor Yanukovich left the country for Russia. Shortly after the Ukrainian Rada ratified a law which transformed the Russian language into a regional one, the Russian Army mobilized significant military forces at the Russian-Ukrainian border.

A few weeks later, Russian President Vladimir Putin received an almost unanimous Duma vote for a military intervention in Ukraine. Later, calling for an need for protection of Russian citizens living abroad, Vladimir Putin had military intervene in Crimea, taking control over a territory which was ”de jure” under Ukrainian jurisdiction. Despite the international pressures against Russia from both, the West and the USA, Russian military forces have been maintained and a general conflict has occurred. The geopolitical role of Ukraine and its critical importance for Russia cannot be called into question. But the conflict that has arisen has a significant part fought in cyberspace, where “hackivist” teams are extremely active. Cyberberkut is one of the most.

Cyberberkut is a pro-Russian group which emerged immediately after Putin invaded Crimea. The name of the group is derived from the former name of the Police Special Forces – Berkut, created in 1992.

Their short history has already delivered intensive cyber activity, from DDoS attacks against Ukraine and its government agencies to hacking activities against very high level targets from the EU and NATO.

According to their website the group started the fight in March, 2014, when they launched an attack against the pro-European websites supporting the revolution.25 This was followed by attacks, resulting in obstruction of more than 800 mobile phones used by right activists in Ukraine26.

The following examples are just a few frames of their cyber struggle:
– 15.03.2015 – a DDoS attack against multiple NATO websites, including the Cyberdefence Centre of Excellence from Tallin, Estonia. The attack was confirmed by NATO;27
– 22.05.2014 a few days before presidential elections in Ukraine, Cyberberkut released another attack against the Central Electoral Committee from Ukraine;28
– 26.07.2014 a hack against a high ranking official’s email from Ukrainian Ministry of Defence;29
– 14.08.2014 Cyberberkut officially claims the shutdown of both official websites of the Polish Presidency and Warsaw Stock Exchange;30
– 22.11.2014 the group broke the news regarding the military cooperation between the USA and Ukraine, during US vice-president Joseph Biden’s official visit to Kiev ;31
– 07.01.2015 the breakdown of both Angela Merkel’s and German Parliament Facebook and Twitter accounts32
– 11.07.2015 the group pretends in access Senator John McCain’s personal computer, publishing a fake video made in a US movie studio, reflecting a so called terrorist assassin. The movie was especially made in order to justify extreme retorting measures taken against some Middle East countries.33 with one of the most spectacular interventions 05 March 2014, when
the group posted a phone call discussion between Umas Paet ( The Estonian Ministry of Foreign Affairs) and Catherine Ashton (former High Representative of the EU foreign relations), immediately after they just had met regarding the situation from Ukraine. Estonian officials confirmed later, the authenticity of discussion. More interesting was that the Estonian official was on the Estonian territory and Catherine Ashton was in Brussels!34

A few observations should be made.

  • the victims reflect a wide area of targets: Ukraine, the EU, Germany, Poland, the USA, NATO etc. The group fights against countries hostile to Russian military intervention in Crimea;
  • the attacks are diverse and point out:
    • blocking or destroying websites, systems of communications, sometimes critical infrastructures;
    • data filtration from targeted emails or high rank officials personal computers;
    • cyber espionage, where documents relate to Western military plans in Ukraine;
    • an intensive pro-Russian propaganda, deeply against pro-European forces from Ukraine. The last seems to be one of the main objectives of the group.
  • the cyber group activity reflects a high versatility and rapidity.
  • their technical capabilities and knowhow seem extremely advanced, as they were able to intercept and tap phones from Ukrainian and European mobile phone networks.
  • their human resources must be considerable and substantial, as long as the group is capable to react almost immediately to every major event from Ukraine.
  • the analysis of the group activity reveals an evolution of the attacks, from DDoS to hacking tools. It is obvious the group reports fast to physical events and succeeded in doing damage where traditional tools cannot.

In conclusion, based on victims’ analysis, resources, intentions, and behaviour we have a plausible and reasonable attribution which point out a state actor with major interests in Ukraine being hostile to NATO as well! Nevertheless, there are no technical certainties.

Conclusions

Cyber power emerged from both the Internet and modern technical communication systems. It is fundamentally different from the other power types in terms of internal ingredients and influence exerted. Its diffusion, its force of projection and its imperceptibility make cyber power almost impossible to be counteracted. It is the main reason why big actors could be hit without any previous deterrence. For as long as physical resources are still important, cyber power cannot replace traditional power assets. But, these can be amplified by cyber resources and the new combination could make the difference. It is the main reason why cyber power is a pillar of general power and its weight is rising significantly in the general power index.

Similar with traditional power, cyber power is contextual, cumulative and renewable. The actors that will succeed in maximizing these features will eventually have the biggest chances to go to the top of the power ranking. Although its resources are more accessible for a broader group of actors, the reality shows that only states could really access those assets which could make real and significant differences. In conclusion, cyber power as a pillar of general power is a smart feature of smart states. The way in which the actors would both combine all types of resources and transform it in effective power will influence the way the power will be exerted and how it will be distributed within the system.

Arthur Lazar | Cyberint
SHARE

Other Magazines