The first major international example of cyber warfare occurred in 2007, involving the USA and Israel. The two countries allegedly collaborated to write one of the most damaging worms (a malicious program similar to a virus, except that it is programmed to spread without outside help) to date, called Stuxnet. This worm infiltrated Iran’s nuclear facilities, commanded expensive centrifuges to overwork and destroy themselves, and deceived staff with false readings to prevent them from finding out until the damage was done. This powerful program, much smaller than an average MP3 song file, was only discovered by anti-malware companies in Europe and Russia in 2010, three years after its release. Because it was able to copy itself onto any flash drive plugged into an infected computer, the worm inevitably spread into the rest of the world. Chevron was the first US company to report being infected by it. While the virus was geared to attack Iran’s nuclear facilities only, it could easily have been modified to attack an assortment of industrial infrastructure and possibly cause billions in damage to a country. Today, Stuxnet’s insides have been analysed thoroughly and most computers are protected against worms of its kind. In a nutshell, Stuxnet was the catalyst which brought the world to the realisation that entire countries could potentially be ruined without a single bullet fired, and that some countries were actively developing programs to do exactly that, but Stuxnet was by no means the first incidence of cyber warfare.
The story now shifts its focus to North Korea (officially the People’s Republic of North Korea), the rogue state that is perpetually at war with its southern counterpart and constantly featured in Western news as something either to be ridiculed or feared. According to a 2014 Hewlett-Packard report, North Korea has a cyber warfare programme where the best students in the state are hand-picked for their skills in mathematics and logical thinking and sent to the country’s top universities to be trained as hackers for the government. Their families are allowed to move to the city and effectively become members of the upper class overnight.
These newly trained cyber soldiers are sent to different countries where they learn their way around that country’s networks and security habits. They move to headquarters situated predominantly in China, among other places. From there they wreak digital havoc on the targets given to them, usually banking and communications networks in South Korea. For a state with such a small economy, North Korea boasts the third largest cyber wing in the world with over 1800 hackers, according to the Hewlett-Packard report. It is considered an immense honour to be selected for this training programme, according to Jang Se-yul, who was among those chosen for the programme before defecting to South Korea.
Statements by USA President Barack Obama claim the cyber wing of the North Korean military, known most commonly as Unit 121, was allegedly behind the attacks against Sony on 24 November last year. Obama based his accusations on reports from hidden spyware that the US government secretly planted in Chinese, Malaysian and North Korean networks, through which the North Korean hackers regularly send attacks, according to a recently leaked NSA document. If the accusations are true, this could be considered their most sophisticated attack yet. Although the attacks were traced back to the North Korean government, US officials admit that there is a small possibility that hackers could have framed Unit 121 for the attack. However, that did not stop the FBI from issuing an official statement linking the North Korean government to the attack. A subsequent attack on Sony’s PlayStation Network and Microsoft’s XBox Live servers on Christmas Eve were in fact carried out by an entirely different group called Lizard Squad, which was later revealed to be a group of teenagers with no serious political agenda.
The responsibility for the initial attack on Sony was claimed by a group going by the name “Guardians of Peace”, who threatened “9/11 style attacks” if the infamous film The Interview was allowed to be screened at theatres. While North Korea denied responsibility, they also praised the attack and had previously issued a statement saying that releasing the film would be considered an act of war. The group obtained the authentication details of a senior Sony official and spent months exploring the company’s systems, finding key files. A Distributed Denial of Service (DDOS) attack was finally executed, which functions by flooding the system with millions of requests and overloading it, preventing players from accessing servers and allowing the hackers to gain access to information.
The group claimed to have stolen over 100 terabytes (equivalent to 200 typical hard drives) of information, including unreleased movies, the social security numbers of Sony’s staff, and email conversations from top Sony executives, much of which has been released for the public to see. This devastating attack is projected to cost Sony more than $100 million.
Only seven years since the civilian world recognised the existence of international cyber warfare, nation states all over the world are eagerly developing their cyber warfare capabilities. Internet attacks can affect any country, wreak havoc on its infrastructure and cripple its economy. Considering that building a cyber wing is far cheaper and more discreet than developing an arsenal of nuclear warheads, the world can expect to see a long list of involved nation states which would otherwise have no chance against the larger military powers in the world (a prime example being North Korea) whose nuclear weapons programme is most likely less dangerous than their current hacking capabilities, if the recent allegations by the FBI are true. Where cyber warfare will go from here is anyone’s guess, but its trajectory suggests that there will be far more Sony fiascos in the future, on a scale several magnitudes greater.
Photo: Charlotte Bastiaanse