Cyber war in simple term means the use of computer technology to disrupt the activities of a state or organization by disabling financial and organizational systems through stealing or altering classified data to undermine networks, websites and services via the Internet through computer viruses, Denial-of-Service attacks, etc. Cyber war is a virtual conflict initiated as a political attack on the enemy's computer and information system and also known as 'Cyber Warfare'.
Cyber war is often confused with the term "Cyber Crime". There is no doubt indeed that all acts of cyber war are cyber crimes, but not all acts of cyber crime can be termed as cyber war. In order to understand what Cyber War exactly means, let's take an example, when a person from country A conducts a targeted attack against several companies in country B, does it count as cyber war, or cybercrime? The answer depends on "intent". If the attack is politically motivated, an act that may destroy data or even cause physical damage to infrastructure of a specific country, it may be considered an act of cyber war.
For a cyber attack to be called Cyber War there must be a use of force and disruption to physical life and when a person perform these activities with "political aims" then they are popularly known as "hacktivists"
Methods of attacks
There a various methods to attack a computer or network of computers. The method depends upon the attacker's goal, i.e. what he wants to target. Methods of attacks are classified on the basis of the intent. Various methods of attack are as follows:
1. Espionage and National Security Breaches
Espionage is the act of obtaining secrets, sensitive or classified information from rival groups, competitors, government or enemies for military, political or economic advantages by illegal methods of exploitation on internet, software and network of computers. In simple terms it is a method of spying on other nations and their organizations in order to gather data and information about the enemy.
Malwares are malicious software which refers to viruses, spywares, worms etc. It is software designed to disrupt the system, gather sensitive information or gain access to private computer systems.
3. Denial of Service Attacks (DoS)
Denial of Service Attacks or Distributed Denial of service attacks are the type of activities that makes the network unavailable to its intended users. The main targets of DoS are sites or services hosted on high profile servers like, banks, credit card payment gateways, and even root name servers. DoS attacks makes it difficult for the user to use the machine or network resource and consume up all the resources and it no longer provide its intended service or obstructs the communication media between the intended users and the victim so that they can no longer communicate adequately.
Legal framework to check the Cyber Attack:
With an expansion in the growth of technology and increase in the crimes in the cyber space, there was an urgent need of strict statutory laws to regulate the criminal activities in the cyber world and to protect technological advancement system. In the virtual world known as Cyberspace, the criminal activities are not easy identified and require specific skill with state of the art technology. In addition to specific skill of the law enforcement agencies, an up to date law is also required to deal with the cases related to cyber attack. We now look into the law of different countries related to cyber attack:
In India the IT Act 2000, as amended by the IT(Amendment) Act 2008 is known as the Cyber Law. The IT (Amendment) Act 2008 has a separate chapter entitled as "Offences". Though there are many shortcomings and it is not a very effective law to monitor cyber war, various cyber crimes have been mentioned as penal offences with punishment in the said chapter. Some of the offences as per the IT (Amendment) Act 2008 are as follows-
Hacking may refer to computer hacking, including the following types of activity:
- An activity within the computer programmer Subculture
- an act to gain access to computer networks, legally or otherwise
- Computer crime
Section 43(a) read with section 66 of the Act3 is applicable and Section 379 & 406 of Indian Penal Code, 1860 are also applicable under the Information Technology (Amendment) Act 2008. Whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both.
2. Spreading Virus or Worms
Viruses or worms are the kind of cyber weapon that can do any amount of damage the creator intends them to do. It can send data to a third party and then delete the data from the computer. It can also ruin/ mess up the system and render it unusable without a re-installation of the operating system. The viruses usually install files on the system and then change the system so that virus program is run every time the system is started. It will then attempt to replicate itself by sending itself to other potential victims.
Under Information Technology (Amendment) Act, 2008, Section 43(c) & 43(e) read with Section 66 is applicable and under Section 268 of Indian Penal Code, 1860 is also applicable. Spreading of Virus offence is cognizable and bailable.
On July 23rd, 2013 a new and deadly variant of computer virus called 'Beebone'4was detected in Indian cyberspace. 'Beebone' belongs to the notorious family of Trojan malwares which get a "privileged access" into a user's computer by faking its identity and deploying smart and corrupt techniques to attack vulnerable computers.
3. Email Spoofing
E-mail spoofing is an e-mail activity in which the address of the sender and other parts of the e-mail appear as though the e-mail originated from a different source. In this an e-mail is sent to another person in such a way that it appears that the e-mail was sent by someone else. It appears to originate from one source but actually has been sent from another source. Spoofing is the act of electronically disguising one computer as another for gaining as the password system.
Under Information Technology (Amendment) Act, 2008, Section 66-D and Section417, 419 & 465 of Indian Penal Code, 1860 are also applicable. Email spoofing offence is cognizable, bailable, compoundable with permission of the court before which the prosecution of such offence is pending and triable by any magistrate.
Cyber crime losses vary depending on the nature of threat and attack. Unlike India, UK has different sets of rules and laws which govern Cyber attacks. Steps have been taken in the UK to help combat with the problem of Cyber War. The UK government has revealed new plans to enhance its National Cyber Security Strategy, announcing a new British Computer Emergency Response Team (CERT), National Cyber Crime Unit (NCCU) and a Cyber Reserves Force. These teams will help to monitor and report on instances of cyber attacks leading to cyber war.
In addition to 'traditional' criminal legislation against theft and fraud, which can apply to cybercrime, legislation specifically targeted at cyber attacks includes-
1. Computer Misuse Act 1990
The Computer Misuse Act 1990 was established in the aftermath of "R v Gold & Schifreen"5. Robert Schifreen and Stephen Gold, gained unauthorized access to British Telecom's Prestel interactive view data service using conventional home computers and modems in late 1984 and early 1985. The pair was charged under section 1 of the Forgery and Counterfeiting Act 1981 with defrauding BT by manufacturing a "false instrument", namely the internal condition of BT's equipment after it had processed Gold's eavesdropped password. Tried at Southwark Crown Court, they were convicted on specimen charges (five against Schifreen, four against Gold) and fined, respectively, ￡750 and ￡600.
2. The Data Protection Act 1998
It includes basic rules of registration for users of data and rights to access that data. It controls how the personal information of an individual or an organization is used by other organization, businesses and government.
The act contains eight "Data Protection Principles"6. These specify that personal data must be:
1.Processed fairly and lawfully.
2.Obtained for specified and lawful purposes.
3.Adequate, relevant and not excessive.
4.Accurate and up to date.
5.Not kept any longer than necessary.
6. Processed in accordance with the "data subject's" (the individual's) rights.
8. Not transferred to any other country without adequate protection in situ.
Offences under these acts can result in fines or imprisonment for up to 10 years. There are also sections related to cybercrime in the Regulatory and Investigatory Powers Act 2000 and the Terrorism Act 2000.
Law enforcement agencies who deal with cyber attacks include:
- e-crime divisions of local police
- the National Crime Agency
- GCHQ/the intelligence services (depending on the nature of the offence).
THE UNITED STATES
The United States is one of the biggest perpetrators as well as the victim of cyber war. With the US being one of the biggest economies it is one of the targets of being a victim of a cyber attack. The United States federal government has invested heavily in the development of the cyber regime and also for technologies to protect them from being a victim of cyber attack.
In 2011, The White House published an "International Strategy for Cyberspace" that reserved the right to use military force in response to a cyber attack7. The strategy of US is based on jus ad bellum, which means a set of criteria needs to be consulted before engaging in war. If the cyber war results into death and significant loss to property then a country has a right to engage into conventional means of war.
The US government created United States Cyber Command (USCYBERCOM), a division of United States Strategic Command (USSTRATCOM)8to prevent and counter attacks on military network. According to the US government the Law of armed conflict applies to cyber warfare. The United States and many other nations are adopting advanced cyber capabilities to respond to the threats of the emerging cyberspace warfare. The International Committee of the Red Cross (ICRC) has steadfastly argued that many of the same principles that regulate battlefield combat also apply in cyberspace9.
TALLINN MANUAL ON CYBERWAR
Tallinn manual, originally known as "Tallinn Manual on the International Law Applicable to Cyber Warfare"10The manual is not an official NATO document. It was drawn up by NATO's Co-Operative Cyber Defence Centre of Excellence. It was launched in 2008 after hackers from Russia caused damage to infrastructure of Estonia11. It is an academic, non- binding study on how international law is applicable to cyber conflicts. The book includes 95 "black letter rules" detailing how states can carry out and responds to cyber attacks within the boundaries of international law.
It is based on jus ad bellum and international humanitarian law. The Tallinn manual advises that cyber attacks must not be targeted at hospitals, dams and nuclear power stations. It includes a provision that allows states to respond with conventional weapons to cyber attack by another state that causes death or significant damage to property.
It defines the term "Hacktivist" as:
"A private citizen who on his or her own initiative engages in hacking for, inter alia, ideological, political, religious, or patriotic reasons"
Stuxnet was the computer worm which disrupted Iranian nuclear enrichment in 2010. It came to be known as the first instance of cyber attack to cause physical damage across international boundaries. Unlike a typical worm which is used to steal credit card details and personal and sensitive information, Stuxnet was aimed to cause physical destruction against the industrial systems. It was created to sabotage Iran's nuclear industry.
2. SONY HACK
On November 24th 2014, Sony Pictures faced an unauthorized security breach. The hackers which go by the name of #GOP aka the Guardians of Peace downloaded copies of data from Sony Pictures computers which included personal data of the employees including executive salaries, performance reviews screenplays, and have leaked some unreleased movies.
The malware used to harm Sony Pictures, known as "Destover", acts as a backdoor and is capable of wiping disk drives and any Master Boot Record disk -- in other words, it can sneak into a system, completely take over and give access to the data saved within. It is believed that North Korea is behind this cyber attack as the security was breached right before the release of "The Interview", an upcoming comedy about two journalists who attempt to assassinate the Supreme Leader of North Korea, Kim Jong Un.
As a result of this attack a large amount of confidential Sony Pictures Entertainment data has been stolen by the cyber attackers, including personnel information and business documents and also all the system of Sony Pictures are still shut down.
On December 15, 2014, lawyers filed a class action complaint against Sony in federal court in California. The complaint puts companies on notice as to the types of claims that they might face if their systems are hacked, and steps they can take now to protect themselves. Possible legal claims could include: negligence; violation of medical privacy laws; violations of regulatory rules, if applicable; and failure to comply with post-breach laws.
3. ATTACK ON ESTONIA
On April 26, 2007 cyber warfare attack began to appear in Estonia. Estonia is an extremely wired country, and its people are addicted to the Internet for all the administrative workings of government, like, economic life, communications, financial transactions, bill paying, etc. The denial of service (DoS) attack swamped websites of Estonian organizations, including Estonian parliament, banks, ministries, newspapers and broadcasters.
On 2 May 2007, a criminal investigation was opened into the attacks under a section of the Estonian Penal Code criminalizing computer sabotage and interference with the working of a computer network, felonies punishable by imprisonment of up to three years.
On 24 January 2008, Dmitri Galushkevich, a student living in Tallinn, was found guilty of participating in the attacks12. He was fined 17,500 kroons (approximately US$1,640) for attacking the website of the Estonian Reform Party.
With the massive expansion of the use of technology in the world there is an urgent need to come up with better provisions to protect a country from cyber war. USA tops the chart in being the most attacked countries in the cyber space. Even though US is a super power, it is also most vulnerable to a cyber attack and is not well prepared for a cyber warfare as shown by the recent Sony hacking case. India being a upcoming cyber market is also vulnerable to the cyber attack hence require a better law and trained personnel to deal with the crime related to cyber world.
The problem with cyber attack is that the threat can be found but the individual remains invisible which makes it difficult to stop the attack from further disrupting the systems. A cyber attack can't be stopped completely, but with efficient technology and software the damage can be minimized. Cyber threats are more far dangerous than what we imagine as most of the basic amenities these days are run through internet and any attack on these basic necessities can lead to a complete disaster. It can completely bring a system or a government down resulting into huge financial as well as physical loss in some cases. There is an urgent need to reinforce the security systems and better training and funding for the counterintelligence.
1.IVth Year BA. LLb student from New Law College, Bharti Vidyapeeth University, Pune] 2. http://en.wikipedia.org/wiki/Hacking
3. Act here stands for "Information Technology (Amendment) Act 2008
4. Source: The Economic Times, http://articles.economictimes. indiatimes.com/2013-07-23/news/40749343_1_computervirus- computer-security-security-features
7. "International Strategy for Cyberspace" (PDF). The White House. 2011
8. United States Strategic Command, US Cyber Command, Dec. 2011, available at http://www.stratcom.mil/fCyber_ Command.
9. See International Committee of the Red Cross, Cyber Warfare, Oct. 10, 2010 available at http://www.icrc.org/eng/war-and-law/conduct-hostilities/information-warfare/overview-information-warfare.htm ; See also International Committee of the Red Cross, No Legal Vacuum in Cyber Space, Aug. 16, 2011 available at http://www.icrc.org/eng/resources/documents/interview/2011/cyber-warfareinterview-2011-08-16.htm .
10. Tallinn Manual on the International Law Applicable to Cyber Warfare http://www.knowledgecommons.in/wp-content/uploads/2014/03/Tallinn-Manual-on-the-International-Law-Applicable-to-Cyber-Warfare-Draft-.pdf
11. Source: New Atlanticist. http://www.atlanticcouncil.org/ blogs/new-atlanticist/reason-finally-gets-a-voice-thetallinn-manual-on-cyber-war-and-international-law
12. Postimees, supra note 70.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.