Create Powerpoint presentation For Technical Writing Paper


Outline

· Abstract

· Today, the world's dependence on computers and technology is increasing. That has resulted in the emergence of cyber warfare. Cyber warfare is the use of computer technology to disrupt the activities of an organization or state. It is the deliberate attacking of information systems for strategic or military purposes. In this paper, various methods of cyber warfare will be discussed.

· Keywords

· Malware

· Denial of service

· Cyber warfare

· Introduction

· Advances in technology have changed our way of life today. Most things can be done online, ranging from banking to collaborating on projects. The advances in technology have changed the cyber world into a weapon. Thus, most governments have started researching and preparing cyber defenses.

· Thesis Statement - Malware and denial of service are the most common methods of cyber warfare.

· Body

· Malware

· Malware is a collective name given to malicious software variants, including viruses, spyware, and ransomware. It causes extensive damage to systems and data. It is also used to gain unauthorized access to a network.

· Denial of Service

· Denial of Service is a form of cyber warfare used to deny legitimate users access to a system. A denial-of-service attack floods a server with messages, thus disabling the server or the network. A server or system may respond by crashing or rebooting, thus making it impossible for legitimate users to use the system.

· Conclusion

· In a nutshell, the most common cyber warfare methods are malware and denial of service attacks. Malware is used to cause damage to data or systems and gain unauthorized access to a network. On the other hand, a denial-of-service attack is used to prevent legitimate users of a system from accessing it.

Methods Used in Cyber Warfare

Comment by Daniel Creider: Remove the header from each page. First page does not meet the requirements. Paper does not meet the page requirement.

Bhaskar Bharati

Department of Computer Science and Information System

A&M-Commerce

Abstract

The invention and constant development of technology have made us more dependent on computers than ever, and that in turn has led to cyber warfare. Cyber warfare is completely different from the conventional kind of war involving the military or any sort of physical confrontation. It is the use of computer/network systems and technologies to disrupt an organization or a country’s state through a digital attack. Sometimes these attacks are politically motivated and are targeted at a nation-state. The most common intent of cyber warfare is the disruption of a nation’s state, and it is performed for strategic or military purposes, including cyber espionage. Unlike traditional wars such as World War 1 or 2, modern wars are not fought with weapons; they are fought with information, and the country that has the latest information would win. For example, if a country could collect information such as military planning, an enemy country’s planning and intent, and its attack strategy, it would always be at the front of the war. In this paper, we will go through various methods used in cyber warfare.

Keywords

Cyber warfare, Espionage, Sabotage, Propaganda, Malware, Stuxnet, Cyber Attack, Denial of Service, DDoS, Distributed DOS

Introduction

This is the century of technology, and with the advancement in resources and technological innovation, cyber warfare has been constantly rising. Information technology has changed the way we get things done: before 1990, if one had to get information, they had to be present in the physical space. Now, with the internet and technology, things can be done with the click of a button. This has been referred to as ‘Digital Migration’. The internet has changed the way business is conducted, how institutions run, how we connect, how a nation deals with an enemy nation, and so forth. It has also changed the way of war. Earlier, in World War 1 and World War 2, it was all about the military: the country with better military and strategic resources had the better likelihood of winning, but now it is all about information. The collection of information through planning, investigation, and technological resources is referred to as cyber warfare: the use of modern technologies to launch a deliberate attack on a government or nation. These attacks can cause harm comparable to actual warfare carried out with ammunition and weaponry (Kostyuk & Zhukov. 2019). Usually, the term ‘war’ or ‘warfare’ is associated with violence, killing, and murder, but that may not be the case with cyber warfare. Even though there is no direct killing or violence, cyber warfare can disrupt an entire organization, nation, or government, and the extreme repercussions can be easily felt. Almost every country in the past has been known to be associated with at least one cyber-attack. However, it has not necessarily worked for everyone: for a few it has been as successful as expected, and for a few it did not pan out. In this paper, we will comprehensively discuss the various aspects, purposes, intent, and methods used in cyber warfare. We will also see how it has been so relevant for countries like the US to gather intel on enemy countries and improve their strategic and military planning.

Change is inevitable, and we have entered a technological era that replaces the conventional war of manpower and weaponry with deliberately planned cyber-attacks. There is no other way but to adapt to the changes in this era, where almost everything is on the internet and every piece of information one can ask for is readily available somewhere; it has completely changed the way we used to do things. This is a change that has taken the world by storm, and no single government or private institution can perform without adapting to these changes (Collins & McCombie. 2016). In fact, with the growing fierce competition, everyone wants to be ahead in the race, be it the race of financial status, military status, or social status, and there is no other way to do so but to adapt to modern systems and technologies. Many countries are relying on the use of the internet and modern systems to keep their influence over the world. One such country is the US, a superpower nation, whose defence sector relies on cyber warfare not just to protect its borders but also to ensure peace and harmony in the world.

Comment by Daniel Creider: One blank line between paragraphs is permitted.

Cyber warfare is not necessarily meant to harm someone; it can be used as a tool for reconnaissance to gather intel on enemy states. That is what the US does, and there are many similar scenarios where it can be of paramount importance. One such scenario is the case where a rogue state or an enemy country is planning to launch an attack, possibly a terrorist attack, in the United States or in any nation where the country has a political interest. The United States has ties with many other countries; it could be because the country has heavily invested in that nation, or because the government has some political interest or has invested in some way that makes that nation a close interest for the U.S. If a terrorist attack were to happen, the United States would suffer terrible losses, either in political investment or in its reputation. To protect the nation, its citizens, and the country’s investment in the nation, the United States government will be forced to intervene to ensure harmony and avoid any form of terror attacks in a foreign nation (Aucsmith. 2015). But being ahead in this game to protect itself or a foreign nation is not easy, and it requires a lot of information and intel gathering to learn of any such malicious plan being prepared anywhere in the world. That, in turn, requires very deliberately planned and launched cyber nets as a reconnaissance tool on the enemy’s systems to collect information and work on a mitigation plan. Also, there are several nations with nuclear weapon capability, and some countries already have a fully functional nuclear weapon. If a nuclear weapon were to be launched, it would not just be the next world war; it would be the end of the world. So, to keep a check on a nation’s nuclear capability, cyberattacks became a vital tool for finding a way into an enemy state’s systems and gathering information on nuclear weapons.

What makes cyber warfare most dangerous is not the violence but the power of anonymity. Most cyber-attacks are launched remotely and, in some cases, anonymously. We do not even know where an attack came from until it is claimed by a party/organization/country. To date, there have been many cyber-attacks for which it remains a mystery where they came from or who launched them. Anonymously launched cyber-attacks are very difficult to trace to their source until they are claimed by an attacker (Green. 2015). There is not much a country can do to track the source of a cyber-attack other than speculate based on history, enemy states, geographic factors, etc. If there is one thing we have learned about cyber warfare, it is that very few attacks come from private organizations, and those even make a claim later, but many attacks are state-sponsored, and it often remains a mystery where these attacks came from.

Government agencies and institutions are always using different strategies and tactics to combat cyber-attacks. Some countries, like the U.S., Russia, and China, deploy heavily secretive organizations and institutions to stay ahead of attacks and keep the country prepared for one. Combating cybercrime requires a mitigation plan in place, infiltration of cyber vulnerabilities, and strong digital infrastructure, among many other things.

Different methods can damage the computer or network system of a nation/organization. The paper will discuss a few of the methods used by attackers to infiltrate the enemy’s system and computer networks. Later, the paper will also discuss in brief the motivation behind the launch of a cyber-attack.

Types of Cyber Attacks

Comment by Daniel Creider: One blank line before and after a major heading is permitted.

Cyber warfare can bring different kinds of threats to a computer system or network. It could be anything from the simple identity theft of a person to tampering with a nation’s air defenses. As strange as it may sound, it is possible for a very deliberate series of cyber-attacks to tamper with a country’s air defenses and use them to get control of an air attack; one can imagine the disaster it would cause. Aside from these violence-based threats, some attacks are intended for espionage, to support or contradict propaganda, to sabotage a nation’s government or an organization’s operation, and to cause economic disruption, among others.

a. Espionage

State-sponsored and industry-sponsored espionage is the modern tool. Be it a large corporation or a nation, today everyone has spies to keep track of their enemy, or their competitor in the case of a corporation. In this era of information, governments deploy spies all over the world to obtain military and strategic information, which in turn helps them prepare a mitigation plan for an event where such attacks were to happen. Cyber espionage has been on the rise constantly. It is an almost everyday event that an unidentified, anonymous hacker breaks into a system and discloses an illegally obtained cluster of documents and computer data (Lewis. 2010). According to Messmer (2008), espionage is the process of obtaining information secretly or gathering intelligence through spying or the use of spies on a foreign government or a competing corporation. Cyber espionage has become the way to steal an abundance of classified, sensitive information to gain an upper hand over a government entity or a competitor firm. Simply put, espionage is the process of gathering sensitive information on a government’s body, military, and strategic intelligence with the intent to gain an advantage during political negotiation or war. Espionage is carried out by infiltrating an enemy’s computer system using proxy servers and malicious software. One such software is spyware.

b. Sabotage

In this technological era, everything is connected via the internet. From our water supply, fuel supply, power stations, communication networks, transportation, and state infrastructure to our satellite systems, everything is connected to computers and networks. This makes them susceptible to vulnerabilities in case of a cyber-attack. Sabotage is nothing but the disruption of equipment carried out through vulnerabilities in computer networks and systems.

For example, consider a DOS attack, which involves sending a chain of digital service requests to a web server in a way that overloads the server and renders it dysfunctional. This would be a very simple example of sabotage. Other examples include breaking a country’s transport infrastructure or water infrastructure; think of the disaster it would cause.

Another good example would be the destruction at Iran’s nuclear plant using a cyber weapon called the Stuxnet worm. No claim has been made to date for this destruction, but there was a strong suspicion of it being a sting operation of the U.S. and Israeli militaries (Samaan. 2017).

Sabotage often involves hacking into a large group of computer systems, called a botnet, and using those systems to perform an extensive infiltration of another system’s network.

There are several instances where sabotage can have a severe impact. Sabotage often targets military communications, to break into the communication and collect strategic planning information, and that is why C4ISTAR (Command, Control, Communications, Computer, Intelligence, Surveillance, Acquisition, and Reconnaissance) is very critical when it comes to establishing communication between military personnel of any institution. Another classic example of where sabotage would cause the highest disruption is the power grid of a nation/state or the stock market.

c. Propaganda

Fake news and hate speech are widespread over the internet, and this is a simple yet intractable issue with the internet. Once something is on the internet, we cannot just stop it; it is out there and it is bound to spread. Often targeting political figures and influencers, cyber propaganda is a simple, effective, and inexpensive way to manipulate and control information/news with the intent to influence public opinion (Carter. 2018). It is more of a psychological warfare, one that deploys social media, fake portals, websites, fake news, and other digital techniques to create or bend news in a way that distorts public perception of an event.

According to Wikipedia, propaganda is communication with the prime intent to influence a group of the public and aid an agenda, with news and speeches presented selectively and irrespective of the facts to gain public opinion or to shape public perception. These communications are targeted in such a way that they trigger an emotional rather than a rational response in an individual. A very simple but classic example would be a religious organization. Other examples may include political groups, activist groups, media, government, etc. Some terrorist groups also use propaganda to support their cause by spreading their message to potential followers and brainwashing them via the internet. Government and private organizations are always trying to find a way to curb fake news and propaganda over the internet.

d. Economic disruption

There have been several attacks on large corporations with the intent to get a ransom (a sum of money) in exchange for releasing their computer networks/systems held hostage. In some cases, the government has also been a target of economic disruption; for example, the WannaCry cyber-attack targeted the United Kingdom’s National Health Service for ransom.

Economic disruption could be the worst kind of cyber-attack, costing data and financial data and bringing fraud and disruption of normal business operations.

e. Surprise cyber attacks

Cyber Pearl Harbor is one very good example of a surprise cyber-attack. The term, coined in 2012 by the U.S. defense secretary, referred to a potential cyber-attack that would target the United States’ IT infrastructure. The intensity and potential devastation of such a surprise attack would be severe and could cause damage like that of the surprise military attack on the U.S.’s Pearl Harbor in 1941 by the Japanese navy; that is where the term comes from.

There are many ways to attack a computer network or system. The methods usually depend on the end goal of the attack. For example, if a nation were to infiltrate another nation’s banking system to check for its economic instability, it would plant malware in the computer network to create a backdoor to the system. And if it wanted to crash this banking system, a DOS attack could be used to overload the server and crash the system. Though there are several methods used in cyber warfare, malware and DOS (denial of service) are the most common.

Methods Used in Cyber Warfare

1. Malware

Malware, or malicious software, is a program (small or large) developed with the sole intent to harm and damage computer networks and systems. Transferred to a computer without the knowledge of its owner, malware has always been a threat. With the advancement in computer technology, however, the impact of malware these days is much more severe than it used to be. Several malware detectors have been developed that can detect these malicious programs in a computer or a network, but their effectiveness depends on the malware type, and malware creators often find a way to pass through these malware detectors.

Malware, short for ‘malicious software’, consists of small programs transferred onto the target’s computer without the knowledge of the owner. Intended to harm the system, steal information, or corrupt data files, malware is often very tricky to spot and can go on hindering a target’s computer for days until it is found and mitigated. One kind of malware can propagate itself all over the target’s computer network/system; once it is widespread, it is very difficult to roll back the impacts of such malware. Studies have suggested that malware is one of the most significant methods used in cyber warfare. Malware creators are malicious individuals/organizations who develop malware in such a way that it can change and replicate from time to time to become completely undetectable by malware detectors and anti-virus software.

Known malware can be detected by malware detectors through its signatures, but detecting unknown and polymorphic malware is a limitation of these detectors. Similarly, new malware will not have any signature and cannot be detected by malware detectors.
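The limitation described above can be seen in a small signature scanner run over harmless byte strings. This is an added example, not code from the paper; the sample bytes, the family name ExampleFamilyA and the signature database are constructed for illustration.

```python
import hashlib

# Constructed, harmless byte string standing in for a known sample.
KNOWN_SAMPLE = b"HARMLESS-DEMO::marker=EXAMPLE-FAMILY-A::" + bytes(range(32))

# Hypothetical signature database: one whole-file hash and one byte pattern.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "ExampleFamilyA"}
PATTERN_SIGNATURES = {b"marker=EXAMPLE-FAMILY-A": "ExampleFamilyA"}


def scan(data: bytes):
    """Return (method, family) for the first matching signature, else None."""
    family = HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())
    if family:
        return ("hash", family)
    for pattern, family in PATTERN_SIGNATURES.items():
        if pattern in data:
            return ("pattern", family)
    return None


def variants():
    """Constructed inputs, ordered from 'exactly known' to 'never seen'."""
    return {
        "known sample": KNOWN_SAMPLE,
        # One appended byte changes the whole-file hash but not the content.
        "padded copy": KNOWN_SAMPLE + b"\x00",
        # Every stored byte differs, as when a polymorphic sample re-encodes itself.
        "re-encoded copy": bytes(b ^ 0x5A for b in KNOWN_SAMPLE),
        # Never seen before, so no signature exists for it.
        "new sample": b"HARMLESS-DEMO::marker=EXAMPLE-FAMILY-B::",
        "benign file": b"quarterly report, nothing to see",
    }


def report():
    """Scan every constructed input and return its verdict by name."""
    return {name: scan(data) for name, data in variants().items()}


if __name__ == "__main__":
    for name, verdict in report().items():
        print(f"{name:16} -> {verdict}")
```

The scanner cannot tell the re-encoded copy and the new sample apart from the benign file, which is the gap that behaviour-based and machine-learning detectors are meant to close.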

Types of Malware

Malware can exist in different forms. However, sometimes one malware can exist in more than one class.

1. Virus

A virus has the property of replicating itself within the target’s computer. Since viruses cannot be executed on their own and cannot exist independently, they are often attached to other files, most often an executable file or application. When these executable files are executed, the virus spreads itself throughout the computer and network through its replicating features. Viruses can cause system performance degradation and, in some cases, denial of service.

2. Worms

Unlike viruses, worms are small programs that can exist independently. Like a virus, a worm can replicate itself through the entire storage device and eventually consume the system’s resources and network, degrading the system’s performance. A replicating worm creates multiple copies in a computer and hence is likely to be detected by an anti-virus program (Spafford. 1989).

3. Trojan Horse

A Trojan horse is often transferred to a target’s computer from the internet, as a download that appears to be an important program but has a harmful effect. It can monitor the user’s activity, steal sensitive data, or alter or corrupt the files in the computer system.

4. Rootkit

A rootkit is a masking technique that aids malware residing in the system: it takes control of the operating system to create a mask that can hide the malware, or itself, from being detected by a malware detector.

5. Spyware

Installed without the knowledge of the owner, spyware is small software which, once installed on a target’s system, monitors and logs user activity, collects information, and finally sends it to the target source. It has been proven in the past that even giant internet corporations like Google use spyware to track their users.

6. Adware

Adware are small malicious programs that run in the background of a computer system and run ads without the permission of an owner. Adware is very annoying for a user and is as harmful as any other malware.

7. Cookies

Cookies are small packets of information kept by a browser for faster browsing through web pages. Cookies are not malicious at all, but they become so when they are misused by spyware to gather information on a user’s browsing activity and logging details.

8. Sniffers

Sniffers are small pieces of software that only monitor the traffic and network on a computer system, which further aids the preparation and attack of malware.

9. Botnet

A hacker does not carry out illegal malicious activities from their own computer; instead, they keep a string of hacked or infected computers which they can access at any time to carry out malicious activities, including stealing information, sending spam messages, or launching a DOS attack. The network of these infected computers is called a botnet.

10. Keyloggers

A keylogger is also a spyware kind of malware that only records keystrokes entered into a system, which can further help to steal passwords, credit card details, and similar data. Often installed while visiting an infected site, keyloggers can release all our keystroke data to individuals/organizations with malicious intent.

11. Ransomware

In the modern era, ransomware is the tool of choice for a large group of hackers whose sole intent is to make money. This malware takes hold of the PC and operating system by encrypting data and applications until a demand is fulfilled (often it is money). Even after paying the ransom, however, there is no guarantee that one would get access back, and one would not know how infected the recovered system would be.

Malware is the biggest threat of the internet world, responsible for stealing data, disabling networks, corrupting data, and much more. We have seen several of the malware types above and how they can infect a computer system. Alongside the development of malware detectors, there are constant improvements in malware as well, with each one being more complex and having better camouflage techniques to avoid being detected by malware detectors.

Because current malware detection techniques are limited, security experts are integrating machine learning and data mining methods with the current malware detection methods to increase the efficiency and accuracy of detectors.

2. Denial of Service

Denial of Service (DOS) attacks are the biggest threat to computer security. Earlier, DOS attacks were more of a reputation thing for underground hackers, who would take down a website and gain a reputation in the community. With easy-to-use DOS tools like Trinoo (Dittrich. 1999), which can be downloaded from the internet, any computer user with basic knowledge of computers can perform a DOS attack. DOS attacks involve overloading a target’s resources; an attack that requires many distributed attacking hosts to launch is called a Distributed Denial of Service (DDoS) attack. Since the incoming traffic is tremendous compared to the target’s resources, it eventually forces the victim to shut down operations. Conventional DOS attacks can be prevented simply by prohibiting remote/local access or using a better-secured service system. In the case of a DDoS attack, however, it is extremely difficult to distinguish the unwitting hosts from the attacking hosts. As computer vulnerabilities increase, so do the severity and likelihood of DDoS attacks, since vulnerabilities enable attackers to break in and install several attacking tools in the host system (CERT. 2006).

Denial of Service attacks have always been a constant threat for websites. Website owners suffer great losses in revenue if the website goes down for an extended amount of time.

Common types of DOS attacks:

1. Ping of Death

In this kind of DOS attack, the attacking host sends hundreds or even thousands of requests with a large packet size, called ICMP Echo requests. The frequency and size of these pings knock the target host offline or are intended to keep it so busy with ICMP Echo replies that the server cannot service clients anymore.

2. TCP SYN Flood Attack

This kind of DOS attack sends a connection request with an invalid return address to the target host and takes advantage of the standard TCP 3-way handshake.

DOS Attack Techniques

There are several attacking techniques used in DOS, all with the same intent: to degrade service performance by consuming the system’s resources, or to disable the service altogether by crashing it with overloaded traffic. According to Handley (2005), there are two major techniques in DOS attacks: network-based and host-based DOS attacks.

1. Network-based attacks

A network-based DOS attack is a TCP SYN Flood attack that exploits stateful network protocols (Jian. 2000).

Whenever a client wants to interact or establish a TCP connection with a server, it involves:

· A client sending a SYN message to the server

· Server acknowledging by sending SYN-ACK message to the client

· Establishment completes by client responding with ACK message

And that is how the connection between the server and the client is established, and data can be exchanged. The exploit here happens at the half-open state when the server is waiting for the client to respond with an ACK message after it sends the SYN-ACK message as an acknowledgment to the client’s SYN message to the server (CERT. 1996).

The server needs to allocate some memory to store information about the half-open connection with the client, and this memory is not released until the half-open connection expires or the server receives the ACK message from the client. These allocations can easily be forced by sending SYN messages to a server from spoofed IPs, each of which creates a half-open connection. Alternatively, by ignoring the SYN-ACK message, a client can trick the server into keeping memory allocated for the half-open connection. Since a server has a limited number of memory slots for storing information about half-open connections, creating too many of these connections at a very high frequency will use up all the slots. Although half-open connection information expires, creating lots and lots of entries against the server’s limited space will fill it up, and the server will be unable to accept any new connection requests.
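The slot exhaustion described above can be reproduced with a toy model of the server's half-open connection table, replayed over constructed handshake events. This is an added example, not code from the paper; the class and function names, the capacity of 8 slots, the 30-second timeout and the documentation-range addresses are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class SynBacklog:
    """Toy model of a server's table of half-open TCP connections."""
    capacity: int                  # slots available for half-open connections
    timeout: float                 # seconds before an unanswered entry expires
    half_open: dict = field(default_factory=dict)    # peer -> time SYN arrived
    established: set = field(default_factory=set)

    def expire(self, now):
        """Release slots whose SYN-ACK was never answered within the timeout."""
        for peer in [p for p, t in self.half_open.items() if now - t >= self.timeout]:
            del self.half_open[peer]

    def on_syn(self, now, peer):
        """Step 1 and 2: SYN arrives, server reserves a slot and sends SYN-ACK."""
        self.expire(now)
        if peer in self.half_open:
            return True            # retransmitted SYN, slot already held
        if len(self.half_open) >= self.capacity:
            return False           # table full: the new request is refused
        self.half_open[peer] = now
        return True

    def on_ack(self, now, peer):
        """Step 3: ACK arrives, the slot is released and the connection opens."""
        self.expire(now)
        if self.half_open.pop(peer, None) is None:
            return False
        self.established.add(peer)
        return True


def replay(events, capacity=8, timeout=30.0):
    """Replay (time, kind, ip, port) events and summarise what a defender sees."""
    table = SynBacklog(capacity, timeout)
    peak, refused, syn_seen = 0, [], set()
    for now, kind, ip, port in events:
        peer = (ip, port)
        if kind == "SYN":
            syn_seen.add(peer)
            if not table.on_syn(now, peer):
                refused.append((now, peer))
        elif kind == "ACK":
            table.on_ack(now, peer)
        peak = max(peak, len(table.half_open))
    return {
        "established": table.established,
        "refused": refused,
        "peak_half_open": peak,
        # Peers that sent a SYN but never completed the handshake.
        "never_completed": syn_seen - table.established,
    }


# Constructed events: one normal client, eight SYNs that are never answered
# with an ACK, then a second normal client that arrives while the table is full
# and retries after the stale entries have expired.
EVENTS = (
    [(0.0, "SYN", "198.51.100.10", 40000), (0.1, "ACK", "198.51.100.10", 40000)]
    + [(1.0 + i / 10, "SYN", f"203.0.113.{i + 1}", 50000 + i) for i in range(8)]
    + [(2.0, "SYN", "198.51.100.11", 40001),
       (40.0, "SYN", "198.51.100.11", 40001),
       (40.1, "ACK", "198.51.100.11", 40001)]
)

if __name__ == "__main__":
    for key, value in replay(EVENTS).items():
        print(key, "=", value)
```

A peak occupancy equal to the table size together with many peers that never complete the handshake is the pattern to alert on; rerunning `replay(EVENTS, capacity=16)` shows the same traffic no longer refusing the legitimate client.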

2. Host-Based Attacks

Unlike network-based attacks, host-based DOS attacks exploit vulnerabilities in the target’s computer and system. They are application-specific and can exploit algorithms (Crosby. 2003), memory structures, authentication protocols, implementations, and so forth. Host-based DOS attacks can be conventional, using one system, or distributed (coming from several hosts).

An example of a host-based attack can involve attacking secure servers processing credit card payments for an e-commerce website. A DOS attacker finds and exploits flaws in systems and application protocols with the intent to deny service requests. Securing servers is not the way to safeguard the server in case of an attack because, in the case of DDoS attacks, the attacking hosts are distributed and difficult to identify and distinguish from unwitting hosts.

Conclusion

Cyber-attacks are going to happen; no one can stop them. They are almost anonymous, cheap, and have been proven to be very effective. When they are used in the interest of the military or propaganda, the effect is severe. We are currently living in a world where things have changed a lot in the last couple of years, and the changes can be seen in almost every industry: be it the military, government, large corporations, or small start-ups, technology has its impact everywhere. Even the most conventional of institutions are going online and have migrated to computers and modern systems. All kinds of data are available online, from a simple child’s browsing material to academic information to military and weaponry information. That in turn increases the risk of technology being misused to alter or corrupt data to support propaganda or aid terrorist activity. Despite the list of consequences of technology and the internet, including cyber warfare, we can never stop using it. What we can do is be prepared for what may come. For an individual, that means protecting personal data; for corporations, it means preventing theft of data such as financial data and protecting their assets and resources from cyber-attacks; and for the government, it means protecting against propaganda, enemy states’ terror planning, and counter-terrorism activities, among many others.

References

Comment by Daniel Creider: Every reference must have a URL which is a hyperlink. Put one blank line between references.

Acton, J. M. (2020). Cyber warfare & inadvertent escalation. Daedalus, 149(2), 133-149.

https://cdn.ymaws.com/www.iafie.org/resource/resmgr/intelligence_studies_digest_.pdf

Aucsmith. (2015). Implications of Cyber warfare.

https://www.researchgate.net/publication/300578764_Implications_of_Cyber_Warfare

Broad. (2011). Israeli Test on Worm Called Crucial in Iran Nuclear Delay. P.1-4.

https://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html

Carter. (2018). Dynamic Security Threat and the British Army.

https://rusi.org/event/dynamic-security-threats-and-british-army

Collins, S., & Mccombie, S. (2012). Stuxnet: The emergence of a new cyber weapon and its implications. Journal of Policing, Intelligence and Counter Terrorism, 7(1), 80-91. doi:10.1080/18335330.2012.653198

https://www.semanticscholar.org/paper/Stuxnet%3A-the-emergence-of-a-new-cyber-weapon-and-Collins-McCombie/d8c2f54080c89f509281a6ff7621c278ecb641e8

Duddu, V. (2018). A survey of adversarial machine learning in cyber warfare. Defence Science Journal, 68(4), 356.

https://pdfs.semanticscholar.org/57c5/2c98730c26290b2044ad45924e58cb2fb5cf.pdf

Green, James A. (2015). Cyber Warfare. Routledge.

https://www.routledge.com/Cyber-Warfare-A-Multidisciplinary-Analysis/Green/p/book/9780415787079

Kostyuk, N., & Zhukov, Y. M. (2019). Invisible digital Front: Can Cyber Attacks Shape Battlefield EVENTS? Journal of Conflict Resolution, (2), 317-347.

https://journals.sagepub.com/doi/abs/10.1177/0022002717737138

Lucas, G. R. (2017). Ethics and cyber warfare: the quest for responsible security in the age of digital warfare. Oxford university press.

https://global.oup.com/academic/product/ethics-and-cyber-warfare-9780190276522

McDowell. (2009). Understanding Denial-of-service Attacks.

http://www.us-cert.gov/cas/tips/ST04-015.html

Messmer. (2008). Cyber Espionage: A growing threat to Business.

https://www.firstpost.com/business/cyber-espionage-a-growing-threat-to-national-security-1863477.html

Porter. (2018). Military Implications of Cyber Warfare: What’s in store for the Cyber Threat Landscape.

https://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html

Lewis. (2010). The Cyber war has not begun.

http://csis-website-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/publication/100311_TheCyberWarHasNotBegun.pdf

Spafford. (1989). The internet worm incident.

https://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=1792&context=cstech

Whyte, C., & Mazanec, B. (2018). Understanding cyber warfare: Politics, policy and strategy. Routledge.

https://www.routledge.com/Understanding-Cyber-Warfare-Politics-Policy-and-Strategy/Whyte-Mazanec/p/book/9781138640627