||This article's lead section may not adequately summarize key points of its contents. (January 2015)|
|This article is part of a series on|
|Related security categories|
|Part of a series about|
Cyberwarfare has been defined as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption,":6 but other definitions also include non-state actors, such as terrorist groups, companies, political or ideological extremist groups, hacktivists, and transnational criminal organizations.
- 1 Types of threat
- 2 Motivations
- 3 Cyberwarfare by country
- 4 Cyber counterintelligence
- 5 Controversy over terms
- 6 Incidents
- 7 Legality, rules
- 8 See also
- 9 Further reading
- 10 References
- 11 External links
Types of threat
Cyber espionage, which can provide the information needed to launch a successful attack.
Traditional espionage is not an act of war, nor is cyber-espionage, and both are generally assumed to be ongoing between major powers.
Despite this assumption, some incidents can cause serious tensions between nations, and are often described as "attacks". For example:
- Massive spying by the US on many countries, revealed by Edward Snowden.
- After the NSA's spying on Germany's Chancellor Angela Merkel was revealed the Chancellor compared the NSA with the Stasi.
- NSA recording nearly every cell phone conversation in the Bahamas without the Bahamian government's permission, and similar programes in Kenya, the Philippines, Mexico and Afghanistan.
- The "Titan Rain" probes of American defence contractors computer systems since 2003.
- The Office of Personnel Management data breach, in the US, widely attributed to China.
Computers and satellites that coordinate other activities are vulnerable components of a system and could lead to the disruption of equipment. Compromise of military systems, such as C4ISTAR components that are responsible for orders and communications could lead to their interception or malicious replacement. Power, water, fuel, communications, and transportation infrastructure all may be vulnerable to disruption. According to Clarke, the civilian realm is also at risk, noting that the security breaches have already gone beyond stolen credit card numbers, and that potential targets can also include the electric power grid, trains, or the stock market.
In mid July 2010, security experts discovered a malicious software program called Stuxnet that had infiltrated factory computers and had spread to plants around the world. It is considered "the first attack on critical industrial infrastructure that sits at the foundation of modern economies," notes The New York Times.
In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks may not be limited to computer-based methods, as strategic physical attacks against infrastructure can be just as devastating. For example, cutting undersea communication cables may severely cripple some regions and countries with regards to their information warfare ability.
Electrical power grid
The federal government of the United States admits that the electric power grid is susceptible to cyberwarfare. The United States Department of Homeland Security works with industry to identify vulnerabilities and to help industry enhance the security of control system networks, the federal government is also working to ensure that security is built in as the next generation of "smart grid" networks are developed. In April 2009, reports surfaced that China and Russia had infiltrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national security officials. The North American Electric Reliability Corporation (NERC) has issued a public notice that warns that the electrical grid is not adequately protected from cyber attack. China denies intruding into the U.S. electrical grid. One countermeasure would be to disconnect the power grid from the Internet and run the net with droop speed control only. Massive power outages caused by a cyber attack could disrupt the economy, distract from a simultaneous military attack, or create a national trauma.
It's possible that hackers have gotten into administrative computer systems of utility companies, but says those aren't linked to the equipment controlling the grid, at least not in developed countries. [Schmidt] has never heard that the grid itself has been hacked.
In the U.S., General Keith B. Alexander, first head of the recently formed USCYBERCOM, told the Senate Armed Services Committee that computer network warfare is evolving so rapidly that there is a "mismatch between our technical capabilities to conduct operations and the governing laws and policies. Cyber Command is the newest global combatant and its sole mission is cyberspace, outside the traditional battlefields of land, sea, air and space." It will attempt to find and, when necessary, neutralize cyberattacks and to defend military computer networks.
Alexander sketched out the broad battlefield envisioned for the computer warfare command, listing the kind of targets that his new headquarters could be ordered to attack, including "traditional battlefield prizes – command-and-control systems at military headquarters, air defense networks and weapons systems that require computers to operate."
One cyber warfare scenario, Cyber ShockWave, which was wargamed on the cabinet level by former administration officials, raised issues ranging from the National Guard to the power grid to the limits of statutory authority.
The distributed nature of internet based attacks means that it is difficult to determine motivation and attacking party, meaning that it is unclear when a specific act should be considered an act of war.
Examples of cyberwarfare driven by political motivations can be found worldwide. In 2008, Russia began a cyber attack on the Georgian government website, which was carried out along with Georgian military operations in South Ossetia. In 2008, Chinese 'nationalist hackers' attacked CNN as it reported on Chinese repression on Tibet.
Jobs in cyberwarfare have become increasingly popular in the military. The United States Navy actively recruits for cyber warfare engineers. The US Army has their Cyber Command where they actively recruit for cryptologic network warfare specialists.
Potential targets in internet sabotage include all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. This would include: web servers, enterprise information systems, client server systems, communication links, network equipment, and the desktops and laptops in businesses and homes. Electrical grids and telecommunication systems are also deemed vulnerable, especially due to current trends in automation.
Politically motivated hacktivism, involves the subversive use of computers and computer networks to promote an agenda, and can potential extend to attacks, theft and virtual sabotage that could be seen as cyberwarfare - or mistaken for it.
Computer hacking represents a modern threat in ongoing industrial espionage and as such is presumed to widely occur. It is typical that this type of crime is underreported. According to McAfee's George Kurtz, corporations around the world face millions of cyberattacks a day. "Most of these attacks don't gain any media attention or lead to strong political statements by victims." This type of crime is usually financially motivated.
But not all examinations with the issue of cyberwarfare are achieving profit or personal gain. There are still institutes and companies like the University of Cincinnati or the Kaspersky Security Lab which are trying to increase the sensibility of this topic by researching and publishing of new security threats.
Cyberwarfare by country
The Internet security company McAfee stated in their 2007 annual report that approximately 120 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities.
Cyberwarfare in China
A 2008 article in the Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies by Jason Fritz alleges that the Chinese government from 1995 to 2008 was involved in a number of high-profile cases of espionage, primarily through the use of a "decentralized network of students, business people, scientists, diplomats, and engineers from within the Chinese Diaspora". A defector in Belgium, purportedly an agent, claimed that there were hundreds of spies in industries throughout Europe, and on his defection to Australia Chinese diplomat Chen Yonglin said there were over 1,000 such in that country. In 2007, a Russian executive was sentenced to 11 years for passing information about the rocket and space technology organization to China. Targets in the United States have included ‘aerospace engineering programs, space shuttle design, C4ISR data, high-performance computers, Nuclear weapon design, cruise missile data, semiconductors, integrated circuit design, and details of US arms sales to Taiwan'.
While China continues to be held responsible for a string of cyber-attacks on a number of public and private institutions in the United States, India, Russia, Canada, and France, the Chinese government denies any involvement in cyber-spying campaigns. The administration maintains the position that China is not the threat but rather the victim of an increasing number of cyber-attacks. Most reports about China's cyber warfare capabilities have yet to be confirmed by the Chinese government.
According to Fritz, China has expanded its cyber capabilities and military technology by acquiring foreign military technology. Fritz states that the Chinese government uses "new space-based surveillance and intelligence gathering systems, Anti-satellite weapon, anti-radar, infrared decoys, and false target generators" to assist in this quest, and that they support their "informationization" of the their military through "increased education of soldiers in cyber warfare; improving the information network for military training, and has built more virtual laboratories, digital libraries and digital campuses.' Through this informationization, they hope to prepare their forces to engage in a different kind of warfare, against technically capable adversaries. Many recent news reports link China's technological capabilities to the beginning of a new 'cyber cold war.'
In response to reports of cyberattacks by China against the United States, Amitai Etzioni of the Institute for Communitarian Policy Studies has suggested that China and the United States agree to a policy of mutually assured restraint with respect to cyberspace. This would involve allowing both states to take the measures they deem necessary for their self-defense while simultaneously agreeing to refrain from taking offensive steps; it would also entail vetting these commitments.
Cyberwarfare in Germany
In 2013, Germany revealed the existence of their 60-person Computer Network Operation unit. The German intelligence agency, BND, announced it was seeking to hire 130 "hackers" for a new "cyber defence station" unit. In March 2013, BND president Gerhard Schindler announced that his agency had observed up to five attacks a day on government authorities, thought mainly to originate in China. He confirmed the attackers had so far only accessed data and expressed concern that the stolen information could be used as the basis of future sabotage attacks against arms manufacturers, telecommunications companies and government and military agencies. Shortly after Edward Snowden leaked details of the U.S. National Security Agency's cyber surveillance system, German Interior Minister Hans-Peter Friedrich announced that the BND would be given an additional budget of 100 million Euros to increase their cyber surveillance capability from 5% of total internet traffic in Germany to 20% of total traffic, the maximum amount allowed by German law.
Cyberwarfare in India
The Department of Information Technology created the Indian Computer Emergency Response Team (CERT-In) in 2004 to thwart cyber attacks in India. That year, there were 23 reported cyber security breaches. In 2011, there were 13,301. That year, the government created a new subdivision, the National Critical Information Infrastructure Protection Centre (NCIIPC) to thwart attacks against energy, transport, banking, telecom, defence, space and other sensitive areas.
The Executive Director of the Nuclear Power Corporation of India (NPCIL) stated in February 2013 that his company alone was forced to block up to ten targeted attacks a day. CERT-In was left to protect less critical sectors.
A high-profile cyber attack on 12 July 2012 breached the email accounts of about 12,000 people, including those of officials from the Ministry of External Affairs, Ministry of Home Affairs, Defence Research and Development Organisation (DRDO), and the Indo-Tibetan Border Police (ITBP). A government-private sector plan being overseen by National Security Advisor (NSA) Shivshankar Menon began in October 2012, and intends to beef up India's cyber security capabilities in the light of a group of experts findings that India faces a 470,000 shortfall of such experts despite the country's reputation of being an IT and software powerhouse.
In February 2013, Information Technology Secretary J. Satyanarayana stated that the NCIIPC[page needed] was finalizing policies related to national cyber security that would focus on domestic security solutions, reducing exposure through foreign technology. Other steps include the isolation of various security agencies to ensure that a synchronised attack could not succeed on all fronts and the planned appointment of a National Cyber Security Coordinator. As of that month, there had been no significant economic or physical damage to India related to cyber attacks.
Cyberwarfare in Iran
Cyberwarfare in South Korea
With ongoing tensions on the Korean Peninsula, South Korea's defense ministry stated that South Korea was going to improve cyber-defense strategies in hopes of preparing itself from possible cyber attacks. In March 2013, South Korea's major banks – Shinhan Bank, Woori Bank and NongHyup Bank – as well as many broadcasting stations – KBS, YTN and MBC – were hacked and more than 30,000 computers were affected; it is one of the biggest attacks South Korea has faced in years. Although it remains uncertain as to who was involved in this incident, there has been immediate assertions that North Korea is connected, as it threatened to attack South Korea's government institutions, major national banks and traditional newspapers numerous times – in reaction to the sanctions it received from nuclear testing and to the continuation of Foal Eagle, South Korea's annual joint military exercise with the United States. North Korea's cyber warfare capabilities raise the alarm for South Korea, as North Korea is increasing its manpower through military academies specializing in hacking. Current figures state that South Korea only has 400 units of specialized personnel, while North Korea has more than 3,000 highly trained hackers; this portrays a huge gap in cyber warfare capabilities and sends a message to South Korea that it has to step up and strengthen its Cyber Warfare Command forces. Therefore, in order to be prepared from future attacks, South Korea and the United States will discuss further about deterrence plans at the Security Consultative Meeting (SCM). At SCM, they plan on developing strategies that focuses on accelerating the deployment of ballistic missiles as well as fostering its defense shield program, known as the Korean Air and Missile Defense.
Cyberwarfare in the Netherlands
In the Netherlands Cyber Defense is nationally coordinated by the National Cyber Security Center (NCSC). The Dutch Ministry of Defense laid out a cyber strategy in 2011. The first focus is to improve the cyber defense handled by the Joint IT branch (JIVC). To improve intel operations the intel community in the Netherlands (including the military intel organization MIVD) has set up the Joint Sigint Cyber Unit (JSCU). The ministry of Defense is furthermore setting up an offensive cyber force, called Defensie Cyber Command (DCC), which will be operational in the end of 2014.
Cyberwarfare in Russia
Cyberwarfare in the UK
On 12 November 2013, financial organisations in London conducted cyber war games dubbed 'Waking Shark 2' to simulate massive internet-based attacks against bank and other financial organisations. The Waking Shark 2 cyber war games followed a similar exercise in Wall Street.
Cyberwarfare in the United States
Cyberwarfare in the United States is a part of the American military strategy of proactive cyber defence and the use of cyberwarfare as a platform for attack. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war.
In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. Representative Mike Rogers, chairman of the U.S. House Permanent Select Committee on Intelligence, for instance, said in late July 2013, that "most Americans" do not realize that the United States is currently in the middle of a "cyber war."
U.S. government security expert Richard A. Clarke, in his book Cyber War (May 2010), defines "cyberwarfare" as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption.":6 The Economist describes cyberspace as "the fifth domain of warfare," and William J. Lynn, U.S. Deputy Secretary of Defense, states that "as a doctrinal matter, the Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space."
In 2009, President Barack Obama declared America's digital infrastructure to be a "strategic national asset," and in May 2010 the Pentagon set up its new U.S. Cyber Command (USCYBERCOM), headed by General Keith B. Alexander, director of the National Security Agency (NSA), to defend American military networks and attack other countries' systems. The EU has set up ENISA (European Union Agency for Network and Information Security) which is headed by Prof. Udo Helmbrecht and there are now further plans to significantly expand ENISA's capabilities. The United Kingdom has also set up a cyber-security and "operations centre" based in Government Communications Headquarters (GCHQ), the British equivalent of the NSA. In the U.S. however, Cyber Command is only set up to protect the military, whereas the government and corporate infrastructures are primarily the responsibility respectively of the Department of Homeland Security and private companies.
In February 2010, top American lawmakers warned that the "threat of a crippling attack on telecommunications and computer networks was sharply on the rise." According to The Lipman Report, numerous key sectors of the U.S. economy along with that of other nations, are currently at risk, including cyber threats to public and private facilities, banking and finance, transportation, manufacturing, medical, education and government, all of which are now dependent on computers for daily operations. In 2009, President Obama stated that "cyber intruders have probed our electrical grids."
The Economist writes that China has plans of "winning informationised wars by the mid-21st century". They note that other countries are likewise organizing for cyberwar, among them Russia, Israel and North Korea. Iran boasts of having the world's second-largest cyber-army. James Gosler, a government cybersecurity specialist, worries that the U.S. has a severe shortage of computer security specialists, estimating that there are only about 1,000 qualified people in the country today, but needs a force of 20,000 to 30,000 skilled experts. At the July 2010 Black Hat computer security conference, Michael Hayden, former deputy director of national intelligence, challenged thousands of attendees to help devise ways to "reshape the Internet's security architecture", explaining, "You guys made the cyberworld look like the north German plain."
In January 2012, Mike McConnell, the former director of national intelligence at the National Security Agency under President George W. Bush told the Reuters news agency that the U.S. has already launched attacks on computer networks in other countries. McConnell did not name the country that the U.S. attacked but according to other sources it may have been Iran. In June 2012 the New York Times reported that President Obama had ordered the cyber attack on Iranian nuclear enrichment facilities.
In August 2010, the U.S. for the first time warned publicly about the Chinese military's use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. The Pentagon also pointed to an alleged China-based computer spying network dubbed GhostNet that was revealed in a research report last year. The Pentagon stated:
- "The People's Liberation Army is using "information warfare units" to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. Commander Bob Mehal, will monitor the PLA's buildup of its cyberwarfare capabilities and will continue to develop capabilities to counter any potential threat."
The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security. The United States Joint Forces Command describes some of its attributes:
- Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Furthermore, the globe-spanning range of cyberspace and its disregard for national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies.
- With very little investment, and cloaked in a veil of anonymity, our adversaries will inevitably attempt to harm our national interests. Cyberspace will become a main front in both irregular and traditional conflicts. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. Through cyberspace, enemies will target industry, academia, government, as well as the military in the air, land, maritime, and space domains. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Indeed, adversaries have already taken advantage of computer networks and the power of information technology not only to plan and execute savage acts of terrorism, but also to influence directly the perceptions and will of the U.S. Government and the American population.
On 24 November 2014. The Sony hack was a release of confidential data belonging to Sony Pictures Entertainment (SPE)
- American "Kill switch bill"
On 19 June 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010", which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the President emergency powers over parts of the Internet. However, all three co-authors of the bill issued a statement that instead, the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks".
The United States has used cyberattacks for tactical advantage in Afghanistan.
Cyber counter-intelligence are measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions.
- On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.
- On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.
- On 9 February 2009, the White House announced that it will conduct a review of the nation's cyber security to ensure that the Federal government of the United States cyber security initiatives are appropriately integrated, resourced and coordinated with the United States Congress and the private sector.
- In the wake of the 2007 cyberwar waged against Estonia, NATO established the Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, in order to enhance the organization's cyber defence capability. The center was formally established on 14 May 2008, and it received full accreditation by NATO and attained the status of International Military Organization on 28 October 2008. Since Estonia has led international efforts to fight cybercrime, the United States Federal Bureau of Investigation says it will permanently base a computer crime expert in Estonia in 2009 to help fight international threats against computer systems.
One of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult. However Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable".
In 2015, the Department of Defense released an updated cyber strategy memorandum detailing the present and future tactics deployed in the service of defense against cyberwarfare. In this memorandum, three cybermissions are laid out. The first cybermission seeks to arm and maintain existing capabilities in the area of cyberspace, the second cybermission focuses on prevention of cyberwarfare, and the third cybermission includes strategies for retaliation and preemption (as distinguished from prevention).
Controversy over terms
There is debate on whether the term "cyberwarfare" is accurate.
Eugene Kaspersky, founder of Kaspersky Lab, concludes that "cyberterrorism" is a more accurate term than "cyberwar." He states that "with today's attacks, you are clueless about who did it or when they will strike again. It's not cyber-war, but cyberterrorism." He also equates large-scale cyber weapons, such as Flame and NetTraveler which his company discovered, to biological weapons, claiming that in an interconnected world, they have the potential to be equally destructive.
In October 2011 the Journal of Strategic Studies, a leading journal in that field, published an article by Thomas Rid, "Cyber War Will Not Take Place" which argued that all politically motivated cyber attacks are merely sophisticated versions of sabotage, espionage, or subversion - and that it is unlikely that cyber war will occur in the future.
Howard Schmidt, an American cybersecurity expert, argued in March 2010 that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment."
Other experts, however, believe that this type of activity already constitutes a war. The warfare analogy is often seen intended to motivate a militaristic response when that is not necessarily appropriate. Ron Deibert, of Canada's Citizen Lab, has warned of a "militarization of cyberspace."
The European cybersecurity expert Sandro Gaycken argued for a middle position. He considers cyberwar from a legal perspective an unlikely scenario, due to the reasons lined out by Rid (and, before him, Sommer), but the situation looks different from a strategic point of view. States have to consider military-led cyber operations an attractive activity, within and without war, as they offer a large variety of cheap and risk-free options to weaken other countries and strengthen their own positions. Considered from a long-term, geostrategic perspective, cyber offensive operations can cripple whole economies, change political views, agitate conflicts within or among states, reduce their military efficiency and equalize the capacities of high-tech nations to that of low-tech nations, and use access to their critical infrastructures to blackmail them.
- On 21 November 2011, it was widely reported in the U.S. media that a hacker had destroyed a water pump at the Curran-Gardner Township Public Water District in Illinois. However, it later turned out that this information was not only false, but had been inappropriately leaked from the Illinois Statewide Terrorism and Intelligence Center.
- On 6 October 2011, it was announced that Creech AFB's drone and Predator fleet's command and control data stream had been keylogged, resisting all attempts to reverse the exploit, for the past two weeks. The Air Force issued a statement that the virus had "posed no threat to our operational mission".
- In July 2011, the South Korean company SK Communications was hacked, resulting in the theft of the personal details (including names, phone numbers, home and email addresses and resident registration numbers) of up to 35 million people. A trojaned software update was used to gain access to the SK Communications network. Links exist between this hack and other malicious activity and it is believed to be part of a broader, concerted hacking effort.
- Operation Shady RAT is an ongoing series of cyber attacks starting mid-2006, reported by Internet security company McAfee in August 2011. The attacks have hit at least 72 organizations including governments and defense contractors.
- On 4 December 2010, a group calling itself the Pakistan Cyber Army hacked the website of India's top investigating agency, the Central Bureau of Investigation (CBI). The National Informatics Center (NIC) has begun an inquiry.
- On 26 November 2010, a group calling itself the Indian Cyber Army hacked the websites belonging to the Pakistan Army and the others belong to different ministries, including the Ministry of Foreign Affairs, Ministry of Education, Ministry of Finance, Pakistan Computer Bureau, Council of Islamic Ideology, etc. The attack was done as a revenge for the Mumbai terrorist attacks.
- In October 2010, Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said Britain faces a "real and credible" threat from cyber attacks by hostile states and criminals and government systems are targeted 1,000 times each month, such attacks threatened Britain's economic future, and some countries were already using cyber assaults to put pressure on other nations.
- In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. The worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyberwarfare.
- In July 2009, there were a series of coordinated denial of service attacks against major government, news media, and financial websites in South Korea and the United States. While many thought the attack was directed by North Korea, one researcher traced the attacks to the United Kingdom.
- Russian, South Ossetian, Georgian and Azerbaijani sites were attacked by hackers during the 2008 South Ossetia War.
- In 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian organization". During the election campaigns and riots preceding the election, there were cases of Denial-of-service attacks against the Kyrgyz ISPs.
- In September 2007, Israel carried out an airstrike on Syria dubbed Operation Orchard. U.S. industry and military sources speculated that the Israelis may have used cyberwarfare to allow their planes to pass undetected by radar into Syria.
- In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. The largest part of the attacks were coming from Russia and from official servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted. This attack on Estonia, a seemingly small Baltic nation, was so effective because of how most of the nation is run online. Estonia has implemented an e-government, where bank services, political elections and taxes are all done online.This attack really hurt Estonia's economy and the people of Estonia. At least 150 people were injured on the first day due to riots in the streets.
- In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Forces (IDF) intelligence estimates several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel attached growing importance to cyber-tactics, and became, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development operations in Israel, where local hires are often veterans of the IDF's elite computer units. Richard A. Clarke adds that "our Israeli friends have learned a thing or two from the programs we have been working on for more than two decades.":8
It should also be worthy to note that a Spy Drone was shot down by a team Egyptian White/Grey Hat Hackers near the Libyan borders,which was later delivered to the Egyptian government.
Various parties have attempted to come up with international legal frameworks to clarify what is and is not acceptable, but none have yet to be widely accepted.
The Tallinn Manual, published in 2013, is an academic, non-binding study on how international law, in particular the jus ad bellum and international humanitarian law, apply to cyber conflicts and cyber warfare. It was written at the invitation of the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence by an international group of approximately twenty experts between 2009 and 2012.
The Shanghai Cooperation Organisation (members of which include China and Russia) defines cyberwar to include dissemination of information "harmful to the spiritual, moral and cultural spheres of other states". In September 2011, these countries proposed to the UN Secretary General a document called "International code of conduct for information security".
In contrast, the United States' approach focuses on physical and economic damage and injury, putting political concerns under freedom of speech. This difference of opinion has led to reluctance in the West to pursue global cyber arms control agreements. However, American General Keith B. Alexander did endorse talks with Russia over a proposal to limit military attacks in cyberspace. In June 2013, Barack Obama and Vladimir Putin agreed to install a secure Cyberwar-Hotline providing "a direct secure voice communications line between the US cybersecurity coordinator and the Russian deputy secretary of the security council, should there be a need to directly manage a crisis situation arising from an ICT security incident." (White House quote)
A Ukrainian professor of International Law, Alexander Merezhko, has developed a project called the International Convention on Prohibition of Cyberwar in Internet. According to this project, cyberwar is defined as the use of Internet and related technological means by one state against political, economic, technological and information sovereignty and independence of any other state. Professor Merezhko's project suggests that the Internet ought to remain free from warfare tactics and be treated as an international landmark. He states that the Internet (cyberspace) is a "common heritage of mankind."
- Air Force Cyber Command (Provisional)
- Automated teller machine#Device operation integrity
- Cyber-arms industry
- Cyber spying
- IT risk
- List of cyber-attacks
- List of cyber attack threat trends
- Penetration test
- Signals intelligence
- United States Cyber Command
- Andress, Jason. Winterfeld, Steve. (2011). Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners. Syngress. ISBN 1-59749-637-5
- Brenner, S. (2009). Cyber Threats: The Emerging Fault Lines of the Nation State. Oxford University Press. ISBN 0-19-538501-2
- Carr, Jeffrey. (2010). Inside Cyber Warfare: Mapping the Cyber Underworld. O'Reilly. ISBN 978-0-596-80215-8
- Cordesman, Anthony H., Cordesman, Justin G. Cyber-threats, Information Warfare, and Critical Infrastructure Protection, Greenwood Publ. (2002)
- Costigan, Sean S.; Perry, Jake (2012). Cyberspaces and global affairs. Farnham, Surrey: Ashgate. ISBN 9781409427544.
- Gaycken, Sandro. (2012). Cyberwar – Das Wettrüsten hat längst begonnen. Goldmann/Randomhouse. ISBN 978-3442157105
- Geers, Kenneth. (2011). Strategic Cyber Security. NATO Cyber Centre. Strategic Cyber Security, ISBN 978-9949-9040-7-5, 169 pages
- Shane Harris (2014). @War: The Rise of the Military-Internet Complex. Eamon Dolan/Houghton Mifflin Harcourt. ISBN 978-0544251793.
- Hunt, Edward (2012). "US Government Computer Penetration Programs and the Implications for Cyberwar". IEEE Annals of the History of Computing. 34 (3): 4–21. doi:10.1109/mahc.2011.82.
- Janczewski, Lech; Colarik, Andrew M. Cyber Warfare and Cyber Terrorism IGI Global (2008)
- Rid, Thomas (2011) "Cyber War Will Not Take Place," Journal of Strategic Studies, doi:10.1080/01402390.2011.608939
- Ventre, D. (2007). La guerre de l'information. Hermes-Lavoisier. 300 pages
- Ventre, D. (2009). Information Warfare. Wiley – ISTE. ISBN 978-1-84821-094-3
- Ventre, D. (Edit.) (2010). Cyberguerre et guerre de l'information. Stratégies, règles, enjeux. Hermes-Lavoisier. ISBN 978-2-7462-3004-0
- Ventre, D. (2011). Cyberespace et acteurs du cyberconflit. Hermes-Lavoisier. 288 pages
- Ventre, D. (Edit.) (2011). Cyberwar and Information Warfare. Wiley. 460 pages
- Ventre, D. (2011). Cyberattaque et Cyberdéfense. Hermes-Lavoisier. 336 pages
- Ventre, D. (Edit.) (2012). Cyber Conflict. Competing National Perspectives. Wiley-ISTE. 330 pages
- Woltag, Johann-Christoph: 'Cyber Warfare' in Rüdiger Wolfrum (Ed.) Max Planck Encyclopedia of Public International Law (Oxford University Press 2012).
- Clarke, Richard A. Cyber War, HarperCollins (2010) ISBN 9780061962233
- Blitz, James (1 November 2011). "Security: A huge challenge from China, Russia and organised crime". Financial Times. Retrieved 6 June 2015.
- Arquilla, John (1999). "Can information warfare ever be just?". Ethics and Information Technology. 1 (3): 203–212. doi:10.1023/A:1010066528521.
- Collins, Sean (April 2012). "Stuxnet: the emergence of a new cyber weapon and its implications". Journal of Policing, Intelligence and Counter Terrorism. 7 (1). Retrieved 6 June 2015.
- "Critical infrastructure vulnerable to attack, warns cyber security expert". gsnmagazine.com. Government Security News. 2014. Retrieved 6 June 2015.
- Maniscalchi, Jago (4 September 2011). "What is Cyberwar?". Retrieved 6 June 2015.
- Lynn, William J. III. "Defending a New Domain: The Pentagon's Cyberstrategy", Foreign Affairs, Sept/Oct. 2010, pp. 97–108
- Clapper, James R. "Worldwide Threat Assessment of the US Intelligence Community ", Senate Armed Services Committee, Feb. 26, 2015 p. 1
- Lisa Lucile Owens, Justice and Warfare in Cyberspace, The Boston Review (2015), available at 
- Poole-Robb, Stuart. "Turkish blackout sparks fears of cyber attack on the West", ITProPortal.com, May 19, 2015
- "Cyberattacks, Terrorism Top U.S. Security Threat Report". NPR.org. 12 March 2013.
- "A Note on the Laws of War in Cyberspace", James A. Lewis, April 2010
- Rayman, Noah (December 18, 2013). "Merkel Compared NSA To Stasi in Complaint To Obama". Time. Retrieved February 1, 2014.
- Devereaux, Ryan; Greenwald, Glenn; Poitras, Laura (May 19, 2014). "Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas". The Intercept. First Look Media. Retrieved May 21, 2014.
- Schonfeld, Zach (May 23, 2014). "The Intercept Wouldn’t Reveal a Country the U.S. Is Spying On, So WikiLeaks Did Instead". Newsweek. Retrieved May 26, 2014.
- Bodmer, Kilger, Carpenter, & Jones (2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. New York: McGraw-Hill Osborne Media. ISBN 0071772499, ISBN 978-0071772495
- Sanders, Sam (4 June 2015). "Massive Data Breach Puts 4 Million Federal Employees' Records At Risk". NPR. Retrieved 5 June 2015.
- Liptak, Kevin (4 June 2015). "U.S. government hacked; feds think China is the culprit". CNN. Retrieved 5 June 2015.
- "Clarke: More defense needed in cyberspace" HometownAnnapolis.com, 24 September 2010
- "Malware Hits Computerized Industrial Equipment". The New York Times, 24 September 2010
- Shiels, Maggie. (9 April 2009) BBC: Spies 'infiltrate US power grid'. BBC News. Retrieved 8 November 2011.
- Meserve, Jeanne (8 April 2009). "Hackers reportedly have embedded code in power grid". CNN. Retrieved 8 November 2011.
- "US concerned power grid vulnerable to cyber-attack". In.reuters.com (9 April 2009). Retrieved 8 November 2011.
- Gorman, Siobhan. (8 April 2009) Electricity Grid in U.S. Penetrated By Spies. The Wall Street Journal. Retrieved 8 November 2011.
- NERC Public Notice. (PDF). Retrieved 8 November 2011.
- Xinhua: China denies intruding into the U.S. electrical grid. 9 April 2009
- 'China threat' theory rejected. China Daily (9 April 2009). Retrieved 8 November 2011.
- ABC News: Video. ABC News. (20 April 2009). Retrieved 8 November 2011.
- Disconnect electrical grid from Internet, former terror czar Clarke warns. The Raw Story (8 April 2009). Retrieved 8 November 2011.
- "White House Cyber Czar: ‘There Is No Cyberwar’". Wired, 4 March 2010
- "Cyber-War Nominee Sees Gaps in Law", The New York Times, 14 April 2010
- Cyber ShockWave Shows U.S. Unprepared For Cyber Threats. Bipartisanpolicy.org. Retrieved 8 November 2011.
- Drogin, Bob (17 February 2010). "In a doomsday cyber attack scenario, answers are unsettling". Los Angeles Times.
- Ali, Sarmad (16 February 2010). "Washington Group Tests Security in 'Cyber ShockWave'". The Wall Street Journal.
- Cyber ShockWave CNN/BPC wargame: was it a failure?. Computerworld (17 February 2010). Retrieved 8 November 2011.
- Steve Ragan Report: The Cyber ShockWave event and its aftermath. The Tech Herald. 16 February 2010
- Lee, Andy (1 May 2012). "International Cyber Warfare: Limitations and Possibilities". Jeju Peace Institute.
- U.S. Navy Recruiting - Cyber Warfare Engineer.
- Denning, D. E. (2008). The ethics of cyber conflict. The Handbook of Information and Computer Ethics. 407–429.
- "Google Attack Is Tip Of Iceberg", McAfee Security Insights, 13 January 2010
- Government-sponsored cyberattacks on the rise, McAfee says. Network World (29 November 2007). Retrieved 8 November 2011.
- "US embassy cables: China uses access to Microsoft source code to help plot cyber warfare, US fears". The Guardian. London. 4 December 2010. Retrieved 31 December 2010.
- "How China will use cyber warfare to leapfrog in military competitiveness". Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies. 8 (1 [October 2008]). p. 37. Retrieved January 2013. Check date values in:
- "China to make mastering cyber warfare A priority (2011)". Washington, D.C.: NPR. Retrieved January 2013. Check date values in:
- "How China will use cyber warfare to leapfrog in military competitiveness". Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies. 8 (1 [October 2008]). p. 42. Retrieved January 2013. Check date values in:
- "How China will use cyber warfare to leapfrog in military competitiveness". Culture Mandala: The Bulletin of the Centre for East-West Cultural and Economic Studies. 8 (1 [October 2008]). p. 43. Retrieved January 2013. Check date values in:
- "Washington, Beijing In Cyber-War Standoff". Yahoo! News. 12 February 2013. Retrieved January 2013. Check date values in:
- Etzioni, Amitai (20 September 2013). "MAR: A Model for US-China Relations", The Diplomat.
- "Germany's 60-person Computer Network Operation (CNO) unit has been practicing for cyber war for years."
- "Hackers wanted to man front line in cyber war", The Local, 24 March 2013
- "Germany to invest 100 million euros on internet surveillance: report", Kazinform, 18 June 2013
- "Beware of the bugs: Can cyber attacks on India's critical infrastructure be thwarted?". BusinessToday. Retrieved January 2013. Check date values in:
- "5 lakh cyber warriors to bolster India's e-defence". The Times of India. India. 16 October 2012. Retrieved 18 October 2012.
- "Iran's military is preparing for cyber warfare". Flash//CRITIC Cyber Threat News. Retrieved 18 March 2015.
- Lee, Se Young. "South Korea raises alert after hackers attack broadcasters, banks". Global Post. Retrieved 6 April 2013.
- Kim, Eun-jung. "S. Korean military to prepare with U.S. for cyber warfare scenarios". Yonhap News Agency. Retrieved 6 April 2013.
- "Nationaal Cyber Security Centrum – NCSC".
- "Defensie Cyber Strategie".
- "Cyber commando".
- "Al Qaeda rocked by apparent cyberattack. But who did it?". The Christian Science Monitor.
- "Attack the City: why the banks are 'war gaming'".
- "Wall Street banks learn how to survive in staged cyber attack". Reuters. 21 October 2013.
- American Forces Press Service: Lynn Explains U.S. Cybersecurity Strategy. Defense.gov. Retrieved 8 November 2011.
- "Pentagon to Consider Cyberattacks Acts of War". The New York Times. 31 May 2006
- Dilanian, Ken. "Cyber-attacks a bigger threat than Al Qaeda, officials say", Los Angeles Times, 12 March 2013
- "Intelligence Chairman: U.S. Fighting Cyber War ‘Every Day’", PJ Media, 29 July 2013
- "Cyberwar: War in the Fifth Domain" Economist, 1 July 2010
- The Lipman Report, 15 October 2010
- Clarke, Richard. "China's Cyberassault on America", The Wall Street Journal, 15 June 2011
- "Cyberwarrior Shortage Threatens U.S. Security". NPR, 19 July 2010
- "U.S. military cyberwar: What's off-limits?" CNET, 29 July 2010
- "US Launched Cyber Attacks on Other Nations". RT, 26 January 2012.
- Sanger, David E. "Obama Order Sped Up Wave of Cyberattacks Against Iran." The New York Times, 1 June 2012.
- ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People’s Republic of China 2010. US Defense Department (PDF). Retrieved 8 November 2011.
- AP: Pentagon takes aim at China cyber threat Archived 23 August 2010 at the Wayback Machine
- "The Joint Operating Environment", Joint Forces Command, 18 February 2010, pp. 34–36
- A Bill. To amend the Homeland Security Act of 2002 and other laws to enhance the security and resiliency of the cyber and communications infrastructure of the United States.. Senate.gov. 111th Congress 2D Session
- Senators Say Cybersecurity Bill Has No 'Kill Switch', Information Week, 24 June 2010. Retrieved 25 June 2010.
- Satter, Raphael. "US general: We hacked the enemy in Afghanistan.". Associated Press, 24 August 2012.
- DOD – Cyber Counterintelligence. Dtic.mil. Retrieved 8 November 2011.
- Pentagon Bill To Fix Cyber Attacks: ,0M. CBS News. Retrieved 8 November 2011.
- "Senate Legislation Would Federalize Cybersecurity". The Washington Post. Retrieved 8 November 2011.
- "White House Eyes Cyber Security Plan". CBS News (10 February 2009). Retrieved 8 November 2011.
- CCD COE – Cyber Defence. Ccdcoe.org. Retrieved 8 November 2011.
- Associated Press (11 May 2009) FBI to station cybercrime expert in Estonia. Boston Herald. Retrieved 8 November 2011.
- Reed, John. "Is the 'holy grail' of cyber security within reach?". Foreign Policy Magazine, 6 September 2012.
- Carroll, Chris. "US can trace cyberattacks, mount pre-emptive strikes, Panetta says". Stars and Stripes, 11 October 2012.
- "Latest viruses could mean ‘end of world as we know it,’ says man who discovered Flame", The Times of Israel, 6 June 2012
- "Cyber espionage bug attacking Middle East, but Israel untouched — so far", The Times of Israel, 4 June 2013
- Rid, Thomas (October 2011). "Cyber War Will Not Take Place". Journal of Strategic Studies. 35: 5–32. doi:10.1080/01402390.2011.608939. Retrieved 21 October 2011.
- Deibert, Ron (2011). "Tracking the emerging arms race in cyberspace". Bulletin of the Atomic Scientists. 67 (1): 1–8. doi:10.1177/0096340210393703.
- Sommer, Peter (January 2011). "Reducing Systemic Cybersecurity Risk" (PDF). OECD Multi-Displinary Issues. Retrieved 21 May 2012.
- Gaycken, Sandro (2010). "Cyberwar – Das Internet als Kriegsschauplatz".
- Mathew J. Schwartz (21 November 2011). "Hacker Apparently Triggers Illinois Water Pump Burnout". InformationWeek.
- Kim Zetter (30 November 2011). "Exclusive: Comedy of Errors Led to False ‘Water-Pump Hack’ Report". Wired.
- U.S. drone and predator fleet is being keylogged. Wired, October 2011. Retrieved 6 October 2011
- Hennigan, W.J. "Air Force says drone computer virus poses 'no threat'". Los Angeles Times, 13 October 2011.
- "SK Hack by an Advanced Persistent Threat" (PDF). Command Five Pty Ltd. Retrieved 24 September 2011.
- Jim Finkle (3 August 2011). "State actor seen in "enormous" range of cyber attacks". Reuters. Retrieved 3 August 2011.
- "Hacked by 'Pakistan cyber army', CBI website still not restored". Ndtv.com (4 December 2010). Retrieved 8 November 2011.
- "36 government sites hacked by ‘Indian Cyber Army’". The Express Tribune. Retrieved 8 November 2011.
- Britain faces serious cyber threat, spy agency head warns. The Globe and Mail (13 October 2010). Retrieved 8 November 2011.
- AFP (1 October 2010). Stuxnet worm brings cyber warfare out of virtual world. Google. Retrieved 8 November 2011.
- Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on. Ted.com. Retrieved 8 November 2011.
- Sudworth, John. (9 July 2009) "New cyberattacks hit South Korea". BBC News. Retrieved 8 November 2011.
- Williams, Martin. UK, Not North Korea, Source of DDOS Attacks, Researcher Says. PC World.
- Danchev, Dancho (11 August 2008). "Coordinated Russia vs Georgia cyberattack". ZDNet. Retrieved 25 November 2008.
- Website of Kyrgyz Central Election Commission hacked by Estonian hackers, Regnum, 14 December 2007
- Fulghum, David A. "Why Syria's Air Defenses Failed to Detect Israelis", Aviation Week & Space Technology, 3 October 2007. Retrieved 3 October 2007.
- Fulghum, David A. "Israel used electronic attack in air strike against Syrian mystery target", Aviation Week & Space Technology, 8 October 2007. Retrieved 8 October 2007.
- "War in the fifth domain. Are the mouse and keyboard the new weapons of conflict?". The Economist. 1 July 2010. Retrieved 2 July 2010.
Important thinking about the tactical and legal concepts of cyber-warfare is taking place in a former Soviet barracks in Estonia, now home to NATO's "centre of excellence" for cyber-defence. It was established in response to what has become known as "Web War 1", a concerted denial-of-service attack on Estonian government, media and bank web servers that was precipitated by the decision to move a Soviet-era war memorial in central Tallinn in 2007.
- Estonia accuses Russia of 'cyber attack'. The Christian Science Monitor. (17 May 2007). Retrieved 8 November 2011.
- Ian Traynor, 'Russia accused of unleashing cyberwar to disable Estonia", The Guardian, 17 May 2007
- Boyd, Clark. (17 June 2010) "Cyber-war a growing threat warn experts". BBC News. Retrieved 8 November 2011.
- Scott J. Shackelford, From Nuclear War to Net War: Analogizing Cyber Attacks in International Law, 27 Berkeley J. Int'l Law. 192 (2009).
- "Israel Adds Cyber-Attack to IDF", Military.com, 10 February 2010
- Russian Embassy to the UK . Retrieved 25 May 2012.
- Tom Gjelten (23 September 2010). "Seeing The Internet As An 'Information Weapon'". NPR. Retrieved 23 September 2010.
- Gorman, Siobhan. (4 June 2010) WSJ: U.S. Backs Talks on Cyber Warfare. The Wall Street Journal. Retrieved 8 November 2011.
- Sean Gallagher, US, Russia to install "cyber-hotline" to prevent accidental cyberwar, Arstechnica, 18 June 2013
- Український центр політичного менеджменту – Зміст публікації – Конвенция о запрещении использования кибервойны. Politik.org.ua. Retrieved 8 November 2011.
|Wikibooks has a book on the topic of: The Information Age|
- Bodmer, Kilger, Carpenter, & Jones (2012). Reverse Deception: Organized Cyber Threat Counter-Exploitation. New York: McGraw-Hill Osborne Media. ISBN 0071772499, ISBN 978-0071772495
- NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)
- Cyberwar Twitter feed from Richard Stiennon
- "Sabotaging the System" video, "60 Minutes", 8 November 2009, CBS News, 15 minutes
- ABC: Former White House security advisor warns of cyber war
- Wall Street Journal: Fighting Wars in Cyberspace
- Will There Be An Electronic Pearl Harbor, PC World by Ira Winkler, 1 December 2009
- Senate panel: 80 percent of cyberattacks preventable, Wired, 17 November 2009
- Consumer Reports Online Security Guide
- Cyberwarfare reference materials
- Duncan Gardham, 26 June 2009, Hackers recruited to fight 'new cold war', Telegraph UK
- Stefano Mele, Jun 2013, Cyber-Weapons: Legal and Strategic Aspects (version 2.0)
- Stefano Mele, 30 September 2010, Cyberwarfare and its damaging effects on citizens
- History of Cyber Warfare
- Cybersecurity: Authoritative Reports and Resources, US Congressional Research Service
- Why the USA is Losing The Cyberwar Against China, by Joseph Steinberg, VentureBeat, 9 November 2011
- Michael Riley and Ashlee Vance, 20 July 2011, Cyber Weapons: The New Arms Race
- The Digital Arms Race: NSA Preps America for Future Battle, Der Spiegel, January 2015