Sri Lanka Army

Defender of the Nation

'Be Prepared for the Cyber War after the Physical War' – Commander of the Army

Lieutenant General Jagath Jayasuriya, Commander of the Army, during a Conference on Cyber Warfare - 2011 at Colombo Galadari hotel on Tuesday (22), opined that the whole world is now faced with an emerging threat of a ‘Cyber War’, as cyberspace is the information superhighway across the entire world, having made the concept of a ‘global village’ a reality.

The keynote address for the ‘Cyber Warfare Workshop - 2011’, organized by the Department of Computer Science and Engineering, University of Moratuwa, and the Information Technology and Communications Engineering Sectional Committee of the Institution of Engineers, Sri Lanka, was delivered by the Commander of the Army, Lieutenant General Jagath Jayasuriya, on “Strategic Dimensions of Cyber Warfare”.

Prof. Ananda Jayawardena, President of the Institution of Engineers, Sri Lanka, Dr. Shantha Fernando, University of Moratuwa, Lieutenant Colonel Dr. Chandana Gamage, University of Moratuwa, Dr. Prathiba Mahanamahewa, Mrs Vishaka Nanayakkara, Head of the Computer Science and Engineering Department, University of Moratuwa, Ms. Umashanthi Pavalanathan, University of Moratuwa, Mr. Johann Nallathambi, University of Moratuwa, Lieutenant Colonel (Retd) Athula Samarasinghe, University of Moratuwa, Mr Malinda Seneviratne, Freelance Journalist and Ms Piumi Nanayakkara, University of Moratuwa were among other contributing speakers at the workshop. Mr. Nimal Athukorala, Secretary Ministry of Telecommunication and Information Technology also graced the opening ceremony as Guest of Honour.

Presentations during the sessions covered related areas of interest such as ‘Self Financed Private Armies of the Internet’, ‘Network Centric Warfare’, ‘Asymmetric Power on the Cyber Front’, ‘The Cyber Sun Tzu’, ‘Stuxnet: The First purpose Built Cyber Weapon’, ‘Lawless on the Cyber Frontier’ and a few other demonstrations.

Here is the full text of the Army Commander’s keynote address:

Distinguished Guests, Ladies and Gentlemen.

We can define a conflict as a struggle carried on with the use of arms between nations or parties who are having contending wishes by land, sea, or air. This is the physical space which we talk about and we have won the 30 years of physical war in Sri Lanka. But warfare has not come to an end by eliminating terrorists from this country. We and the whole world whether there is any physical war or not are faced with another war which is known as “Cyber War”.

You know that after the World War II there was something called Cold War among the nations. The aim of the involved nations was to develop their technology and reach milestones before the opposing nations, having the fear of another World War. This was prominent between US and USSR at that time.

Traditionally to win a war the essential components are the Fire Power of the army, Maneuver capability, Protection of men and equipment, Standard of leadership, Status of morale, last but not the least Information and Intelligence where you know about yourself and the enemy. Efforts are made to keep your information as secret as possible while obtaining enemy information as much as possible.

As you know, Information is the resource, target and the weapon in Information Warfare. The field of Information and Communication Technology facilitates processing and transferring of information better than any traditional medium. Cyberspace is the Information Superhighway across the entire world. This has given rise to Cyber Warfare which is an emerging threat to the entire world.

Cyberspace has made the popular concept of Global Village a reality. There is no need for me to define what cyberspace is as you all are aware of it.  In general cyber warfare can be defined as “actions by nations or groups to penetrate another nation's or group’s computers, networks or websites through the Cyberspace for the purposes of causing damage or disruption”.  To make it simple it is “a war combated in the medium of Cyberspace other than the traditional mediums of land, water or air”.

I do not intend to talk much on theoretical aspects of cyber warfare. You already know that there are several types of cyber attacks such as Virus and worm attacks, Denial of Service attacks (DoS), Web defacements of informational sites and unauthorized intrusions into systems.

You must also know that unsolicited emails, bogus websites, chat programs, remote controlling software, web applications, software updates, free software with malicious codes, Trojans, etc. are the main vulnerabilities we have.

But when it comes to practical aspects there are many strategic issues which we have to deal with.

It is not a secret that 9/11 attack was the eye opener for United States and whole world on Terrorism. United States of America’s image as the “World Superpower” was tarnished with this attack. Since most of you are with some technical background you understand the gravity of cyber warfare. But an ordinary person would never think that a cyber attack can cause more or less a similar sort of damage as of 9/11. Of course a cyber attack might not kill people as in a physical attack. But who knows what future technology is capable of? Let us draw our attention on some case studies to understand this better.

WikiLeaks is the most popular name which is talked about these days with respect to cyber warfare of the 21st century. WikiLeaks leaked some 250,000 classified State Department information and became a popular rebellion amongst hundreds or thousands of tech-savvy activists. You must have read a lot about WikiLeaks, so I would not talk much about that.

Do you know what happened to Estonia in 2007?

A number of government and corporate sites in Estonia, including Estonian parliament, banks, ministries, newspapers and broadcasters were hacked and entire Estonian network came to a point that it was useless. Estonian authorities traced those attacks to Russia, and suggested they had been orchestrated by the Kremlin and that charge was denied by Moscow. Some refer to this attack as Cyber War 1.

Another good example is the Stuxnet computer worm which targeted mainly the industrial equipment. This was first discovered in July 2010 by VirusBlokAda, a security firm based in Belarus. This worm had the ability to reprogram industrial systems and the probable target is said to have been high valued Siemens controlled infrastructures in Iran. You might be surprised to hear that the infestation by this worm is said to have damaged Iran's nuclear facilities in Natanz and eventually delayed the start up of Iran's Bushehr Nuclear Power Plant. Siemens initially stated that the worm had not caused any damage, but on November 29, Iran confirmed that its nuclear program had indeed been damaged by Stuxnet.

So far I did not mention any physical disasters caused by a cyber attack. In 1982, the CIA showed how a piece of code that changes the workings of a system could cause physical damage. The agency exploded a Soviet gas pipeline in Siberia without using a missile or bomb, but a string of computer code. This is a classic example to show that even assassinations are possible with cyber attacks in the near future.

Those are a few of the examples from around the world. But don’t forget that during the humanitarian operation our web site also encountered a web defacement attack. Even at present there are continuous efforts being made to hack into our network which we have successfully defended up to now.

Ladies and Gentlemen,

There is nothing you can name which does not have some connection to the cyberspace. You name anything, all the information is available in the cyberspace. Every organization depends at least to some extent on the cyberspace and sooner or later the dependency would reach a compelled state. The more you depend, the more you become vulnerable.

If we talk about the Sri Lankan context during the civil war, main targets were the three forces, even though civilians and economic institutions were also bombed and attacked. If Sri Lanka is going to be attacked through cyberspace who would be the targets?

It would not only be the armed forces or state leaders, it would be you all as well. There are anti-Sri Lankan forces and pro-LTTE activists around the world. The number of pro-LTTE websites launching false propaganda are thousands in numbers and even at this moment there may be hundreds of thousands of people reading them and looking at this country with an awful eye.

At this moment I guarantee that no one can launch any physical attack on Sri Lanka. Though they do not have any room in the physical space, they have plenty of room to launch attacks on the cyberspace.

We know LTTE as our enemy since they have been our enemy in the physical space for almost 30 years. But the number of enemies who are looking forward to declare war on Sri Lanka through cyberspace may be much more than LTTE. We might never be able to know who they are and what their targets are going to be.

To damage or destroy a nation it is not compulsory to attack the government and the armed forces of that country. There are various representatives here who are connected to the cyberspace including bank officials. Just assume what would happen if your Servers are attacked and financial information is compromised? Can you recover from such a disaster? How long would it take to recover? How long can your bank be kept closed? If your financial information is manipulated then what would you tell your customers? Are you ready for such a situation? If one of your banks goes down for 8 hours then that will affect many other organizations and ultimately the entire country will be in a chaotic situation just like what happened in Estonia.

Of course you may be having Firewalls, Intrusion Detection and Prevention Systems and all sorts of security systems. But do you maintain them properly? Do you do enough amount of monitoring and do you have sufficient amount of logs? It is easy to have IT Security systems implemented. But you have to make sure that you have the correct configuration in your security systems. You must also continuously monitor those systems internally and externally to ensure that there are no loopholes or vulnerabilities.

Think of it like this. When you have guarded all your ports of entries against external threats you may feel that no intruders could come into your systems from outside. But some internal person in your organization, who has some degree of authority, could open a window to outside in a secretive manner. How would you tackle such a situation? If it is a passive attack you may never know that your system has been compromised. Therefore, apart from external attacks you need to prepare yourself against internal attacks as well. Make sure that you have the best user authentication and authorization process implemented in your Information System.

In case of an attack, after defusing you should do a postmortem analysis first and identify the loophole which triggered that attack. Secondly, action should be taken to prevent such an attack happening in future. Proper documentation should be maintained to record all incidents with respect to cyber security and cyber attacks. Other than an IT Policy, you should have an IT Security Policy as well and it should be a part of the Organization Policy which is enforced on all the employees of your organization. Frequent Internal and External IT Audits, Penetration tests are compulsory to guarantee that your system is not vulnerable in the cyberspace.

The main responsibility of countering the civil war was the responsibility of armed forces. But countering a possible cyber war which would definitely become a true threat for this country very soon is not the responsibility of armed forces alone. It is a responsibility of yours as well.

In combating this, all of us, service providers, banking sector, manufacturing sector, government sector together with armed forces must become soldiers and warriors before being victims of it.

Cyber or Digital forensics is a very difficult activity. But having high level forensic mechanisms is compulsory at national and organizational level. For this purpose and to ensure cyber security and face cyber wars, this country and your organizations require cyber warriors. On top of all the technological aspects, development of our human resources as cyber soldiers should be the first step towards making a peaceful cyberspace for Sri Lanka.

Ladies and Gentlemen,

I know that you are very much aware about the technical aspects of cyber warfare. But battling a cyber war is not just a battle of bits and bytes. It is going to be a collective effort of yours and ours. We all should be in the same big picture and we all must be prepared for cyber threats which are imminent in the near future. I hope you understood the strategic points which I tried to emphasize and wish you all be the pioneers of cyber security force in Sri Lanka.

Thank You!