Advertisement

Security Journal

, Volume 27, Issue 4, pp 374–398 | Cite as

Digital information warfare trends in Eurasia

  • Aunshul Rege
Original Article

Abstract

The rapid proliferation of information and communications technologies has improved the means to record and transmit information. Not surprisingly, this digitized information can be exploited, corrupted, denied or destroyed electronically, resulting in digital information warfare (DIW). This article examines politically motivated cyberattacks in Eurasia to conduct DIW trend analyses. Document analysis is conducted on 86 documents dated from 1995 to 2011. The article goes beyond traditional DIW research on criminal organization and attack complexity by adding four new DIW components: division of labor, alliances, communication and physical elements. It generates a discussion of whether any of these components are connected, more prominent or exhibits a temporal order. The article also examines several factors that sustain and promote DIW, discusses practical lessons that can be learned from DIW in Eurasia, and offers suggestions for further research.

Keywords

cybercrime information warfare critical infrastructure criminal networks terrorism 

Notes

Acknowledgements

The author thanks Dr Ronald Clarke for his insightful comments that run throughout this article. Any shortcomings, however, are the author's.

References

  1. Alberts, D. (1996) Defensive Information Warfare. Washington DC: National Defense University.Google Scholar
  2. BBC (British Broadcasting Corporation). (2002) Pro-Islamic hackers join forces, http://news.bbc.co.uk/1/hi/sci/tech/2052320.stm, accessed 6 June 2009.
  3. BBC. (2011) US and Israel were behind Stuxnet claims researcher, http://www.bbc.co.uk/news/technology-12633240, accessed 17 August 2011.
  4. Billo, C. and Chang, W. (2004) Cyber Warfare: An Analysis of the Means and Motivations of Selected Nation States. Hanover, NH: Institute for Security Technology Studies at Dartmouth College.Google Scholar
  5. Blane, J.V. (2002) Cyberwarfare: Terror at a Click. New York: Novinka Books.Google Scholar
  6. Blum, J. (2005) Hackers target U.S. power grid: Government quietly warns utilities to beef up their computer security, http://www.washingtonpost.com/wp-dyn/articles/A25738-2005Mar10.html, accessed 20 November 2008.
  7. Bora, A. (2003) Worm warfare, http://www.rediff.com/search/2003/mar/17war.htm, accessed 10 December 2010.
  8. Bradbury, D. (2009) The fog of cyberwar, http://www.guardian.co.uk/technology/2009/feb/05/kyrgyzstan-cyberattack-internet-access, accessed 2 February 2009.
  9. Brenner, B. (2007) Experts doubt Russian government launched DDoS attacks, http://searchsecurity.techtarget.com/news/1255548/Experts-doubt-Russian-government-launched-DDoS-attacks, accessed 22 August 2012.
  10. Broad, W., Markoff, J. and Sanger, D. (2011) Israeli test on worm called crucial in Iran nuclear delay, http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html, accessed 17 August 2011.
  11. Byres, E. and Hoffman, D. (2004) The Myths and facts behind cyber security risks for industrial control systems. Paper presented at VDE 2004 Congress, VDE, Berlin, October 2004.Google Scholar
  12. Carr, J. (2010) Inside Cyber Warfare. Sebastopol, CA: O’Reilly Media.Google Scholar
  13. Cornish, P., Livingstone, D., Clemente, D. and Yorke, C. (2010) On cyber warfare. Chatham House, http://www.chathamhouse.org/sites/default/files/public/Research/International%20Security/r1110_cyberwarfare.pdf, accessed 5 January 2012.
  14. Council of Europe. (2004) Summary of the organized crime situation report 2004: Focus on the threat of cybercrime, http://www.coe.int/T/E/Legal_affairs/Legal_cooperation/Combating_economic_crime/Organised_crime/Documents/OrgCrimeRep2004Summ.pdf, accessed 15 October 2005.
  15. Danchev, D. (2009) Thousands of Israeli web sites under attack, http://www.zdnet.com/blog/security/thousands-of-israeli-web-sites-under-attack/2355, accessed 9 December 2010.
  16. Datz, T. (2004) Out of control. CSO Security and Risk, http://www.csoonline.com/read/080104/control.html, accessed 8 March 2006.Google Scholar
  17. Davis, J. (2007) Hackers take down the most wired country in Europe, http://www.wired.com/print/politics/security/magazine/15-09/ff_estonia, accessed 21 November 2008.Google Scholar
  18. DCSINT (Deputy Chief of Staff for Intelligence). (2006) Critical infrastructure, threats, and terrorism. Handbook No. 1.02, Fort Leavenworth, KS: DCSINT.Google Scholar
  19. Evron, G. (2008) Battling botnets and online mobs: Estonia's defense efforts during the internet war. Science & Technology IX (1): 121–126.Google Scholar
  20. Falliere, N., Murchu, L. and Chien, E. (2011) W32.Stuxnet Dossier. Version 1.4, http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf, accessed 18 August 2011.
  21. Foltz, C.B. (2004) Cyberterrorism, computer crime, and reality. Information Management & Computer Security 12 (2): 154–166.CrossRefGoogle Scholar
  22. Geers, K. (2009) The cyber threat to national critical infrastructures: Beyond theory. Information Security Journal: A Global Perspective 18 (1): 1–7.Google Scholar
  23. GoogleTech (Google Technology). (2008) Google searches more sites more quickly, delivering the most relevant results, http://www.google.com/technology/, accessed 27 December 2007.
  24. Gorman, S. (2009) Electricity grid in U.S. penetrated by spies, http://online.wsj.com/article/SB123914805204099085.html, accessed 1 June 2009.
  25. GTISC (Georgia Tech Information Security Center). (2009) Emerging Cyber Threats Report for 2009. Atlanta, GA: Georgia Institute of Technology.Google Scholar
  26. Haeni, R. (1997) Information warfare: An introduction, http://www.trinity.edu/rjensen/infowar.pdf, accessed 12 February 2010.
  27. Holt, T. and Kilger, M. (2012) Know your enemy: The social dynamics of hacking, https://honeynet.org/files/Holt%20and%20Kilger%20-%20KYE%20-%20The%20Social%20Dynamics%20of%20Hacking.pdf, accessed 10 June 2012.
  28. IBM. (2009) IBM Internet security systems: X-force threat insight quarterly. February 2009, http://www-935.ibm.com/services/us/iss/pdf/x-force/xftiq_08q4.pdf, accessed 6 June 2009.
  29. ICS-CERT (Industrial Control Systems – Cyber Emergency Response Team). (2011) ICS-CERT Incident response summary report, http://www.infosecisland.com/download/index/id/105.html, accessed 1 July 2012.
  30. Iwar.org.uk. (2003) Information warfare, http://www.iwar.org.uk/iwar/resources/wikipedia/information-warfare.htm, accessed 12 February 2010.
  31. Jenik, A. (2009) Cyberwar in Estonia and the Middle East, http://ezinearticles.com/?Cyberwar-in-Estonia-and-the-Middle-East&id=2401961, accessed 12 June 2009.
  32. Jordan, T. and Taylor, P. (1998) A sociology of hackers. The Sociological Review 46 (4): 757–780.CrossRefGoogle Scholar
  33. Keizer, G. (2009) Russian ‘cybermilitia’ knocks Kyrgyzstan offline, http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126947&intsrc=news_ts_head, accessed 8 February 2009.Google Scholar
  34. Krone, T. (2005) Hacking motives. Australian Institute of Criminology. High tech crime brief no. 6.Google Scholar
  35. Lemieux, V. (2003) Criminal networks, http://www.rcmp-grc.gc.ca/pubs/ccaps-spcca/crimi-web-eng.htm, accessed 22 August 2012.
  36. Libicki, M. (1995) What is Information Warfare, Washington DC: National Defense University, http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA367662, accessed 10 January 2010.
  37. Luiijf, E. (2008) SCADA Security Good Practices for the Drinking Water Sector. Netherlands Organization for Applied Scientific Research. The Netherlands: TNO Defence, Security and Safety.Google Scholar
  38. Mann, C. and Stewart, F. (2004) Introducing online methods. In: S.N. Hesse-Biber and P. Leavy (eds.) Approaches to Qualitative Research: A Reader on Theory and Practice. New York: Oxford University Press, pp. 367–401.Google Scholar
  39. Mann, D. and Sutton, M. (1998) Netcrime: More change in the organization of thieving. British Journal of Criminology 38 (2): 201–229.CrossRefGoogle Scholar
  40. Markoff, J. (2008) Before the gunfire, cyberattacks, http://www.nytimes.com/2008/08/13/technology/13cyber.html, accessed 21 November 2008.
  41. McAfee. (2005) McAfee virtual criminology report: North American study into organized crime and the Internet, http://www.mcafee.com/us/local_content/misc/mcafee_na_virtual_criminology_report.pdf, accessed 20 October 2005.
  42. McMullan, J. and Rege, A. (2007) Cyberextortion at online gambling sites: Criminal organization and legal challenges. Gaming Law Review 11 (6): 648–665.CrossRefGoogle Scholar
  43. McMullan, J. and Rege, A. (2010) Online crime and internet gambling. Journal of Gambling Issues 24: 54–85.CrossRefGoogle Scholar
  44. Messmer, E. (1999) Serb supporters sock it to NATO and U.S. computers, http://www.networkworld.com/news/1999/0405nato.html, accessed 20 November 2008.Google Scholar
  45. Moore, A., Cappelli, D., Caron, T., Shaw, E., Spooner, D. and Trzeciak, R. (2011) A preliminary model of insider theft of intellectual property, http://www.cert.org/archive/pdf/11tn013.pdf, accessed 10 June 2012.
  46. Mostaghim, R. (2008) IRAN: Hamas office declares cyber-war on Israel, http://latimesblogs.latimes.com/babylonbeyond/2008/10/iran-hamas-offi.html, accessed 17 June 2009.
  47. Moteff, J. (2005) Risk Management and Critical Infrastructure Protection: Assessing, Integrating, and Managing Threats, Vulnerabilities and Consequences. CRS Report for Congress, Order Code RL32561.Google Scholar
  48. Naraine, R., Danchev, D. and O'Donnell, A. (2008) Coordinated Russia vs Georgia cyberattack in progress, http://blogs.zdnet.com/security/?p=1670, accessed 21 November 2008.
  49. Neuman, L.W. (2003) Social Research Methods: Qualitative and Quantitative Approaches. Massachusetts: Allyn & Bacon.Google Scholar
  50. Newman, G. and Clarke, R. (2003) Superhighway Robbery: Preventing E-commerce Crime. Oregon: Willan Publishing.Google Scholar
  51. Nicholson, R. (2008) Critical Infrastructure Cybersecurity: Survey Findings and Analysis. Energy Insights, an IDC company. White Paper sponsored by Secure Computing, November.Google Scholar
  52. Paccagnella, L. (1997) Getting the seat of your pants dirty: Strategies for ethnographic research on virtual communities. Journal of Computer-Mediated Communication 3 (1), http://jcmc.indiana.edu/vol3/issue1/paccagnella.html, accessed 2 March 2007.
  53. Patterson, L.V. (2002) Information Operations and Asymmetric Warfare … Are We Ready? USAWC Strategy Research Project. United States Army War College, Carlisle Barracks, Pennsylvania.Google Scholar
  54. Project Grey Goose (PGG) (2008). Russia/Georgia Cyber War – Findings and Analysis. Project Grey Goose: Phase I Report.Google Scholar
  55. PGG. (2009) The Evolving State of Cyber Warfare. Project Grey Goose: Phase II Report.Google Scholar
  56. Rege, A. (2009) What's love got to do with it? Exploring online dating scams and identity fraud. International Journal of Cybercriminology 3 (2): 494–512.Google Scholar
  57. Rege-Patwardhan, A. (2009) Cybercrimes against critical infrastructures: A study of online criminal organization and techniques. Criminal Justice Studies 22 (3): 261–271.CrossRefGoogle Scholar
  58. Rinaldi, S. (2004) Modeling and simulating critical infrastructures and their interdependencies. Hawaii International Conference on System Sciences 2 (2), 2005, Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS’04) – Track 2, 2004, 5–8 January, Hawaii, USA.Google Scholar
  59. Rogers, M. (2005) The development of a meaningful hacker taxonomy: A two dimensional approach, https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2005-43.pdf, accessed 23 January 2007.
  60. Ronen, E. (2008) Israeli hackers penetrate Hamas website, http://www.ynet.co.il/english/articles/0,7340,L-3560756,00.html, accessed 1 June 2009.
  61. Sanger, D. (2012) Obama order sped up wave of cyberattacks against Iran, http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html, accessed 15 July 2012.
  62. Schloenhardt, A. (1999) Organised crime and the business of migrant trafficking. Crime, Law and Social Change 32 (3): 203–233.CrossRefGoogle Scholar
  63. Shachtman, N. (2009) Wage cyberwar against Hamas, surrender your PC, http://www.wired.com/dangerroom/2009/01/israel-dns-hack/, accessed 5 June 2009.
  64. SecureSynergy. (2003) Cyber attacks: Defending India's electronic frontiers, http://www.securesynergy.com/library/articles/039-2003.php, accessed 5 June 2009.Google Scholar
  65. Shaw, E. and Stock, H. (2011) Behavioral risk indicators of malicious insider theft of intellectual property: Misreading the writing on the wall, https://www4.symantec.com/mktginfo/whitepaper/21220067_GA_WP_Malicious_Insider_12_11_dai81510_cta56681.pdf, accessed 10 June 2012.
  66. Stamp, J., Dillinger, J., Young, W. and DePoy, J. (2003) Common vulnerabilities in critical infrastructure control systems, http://www.oe.netl.doe.gov/docs/prepare/vulnerabilities.pdf, accessed 27 August 2007.
  67. Standing, A. (2003) How can crime be organized? http://www.iss.co.za/Pubs/Monographs/No77/Chap2.html, accessed 11 October 2005.Google Scholar
  68. Stouffer, K., Falco, J. and Scarfone, K. (2011) NIST guide to industrial control systems (ICS) Security. National Institute of Standards and Technology. Computer Security Division, Computer Security Resource Center, June 2011 http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf, accessed 5 August 2011.
  69. Taylor, R.W., Caeti, T.J., Loper, D.K., Fritsch, E.J. and Liederbach, J. (2006) Digital Crime and Digital Terrorism. New Jersey: Pearson Education.Google Scholar
  70. Vatis, M. (2002) Cyber attacks: Protecting America's security against digital threats. Executive Session on Domestic Preparedness http://belfercenter.ksg.harvard.edu/files/vam02.pdf, accessed 20 January 2012.
  71. Verton, D. (2001) US–China cyberwar: Fact or fear-mongering? http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=60116, accessed 1 June 2009.Google Scholar
  72. Verton, D. (2003) Black Ice: The Invisible Threat of Cyber-Terrorism. California: McGraw-Hill.Google Scholar
  73. Wall, D.S. (2007) Cybercrime: The Transformation of Crime in the Information Age. UK: Polity Press.Google Scholar
  74. Weaver, N., Paxson, V., Staniford, S. and Cunningham, R. (2003) A taxonomy of computer worms, http://www.ll.mit.edu/mission/communications/ist/publications/031027_Weaver.pdf, accessed 22 August 2012.
  75. Williams, D. (2006) Israel holds couple in corporate espionage case. Computer World, 31 January 2006 http://www.computerworld.com/s/article/108225/Israel_holds_couple_in_corporate_espionage_case, accessed 8 March 2006.
  76. Yu, E. (2009) Israel brings Gaza airstrikes to the Web, http://news.cnet.com/8301-1023_3-10130565-93.html, accessed 15 May 2009.
  77. Zionismontheweb.org. (2006) Security experts forum: Team Evil, http://www.zionismontheweb.org/hackers/experts/team_evil.htm, accessed 10 December 2010.

Copyright information

© Palgrave Macmillan, a division of Macmillan Publishers Ltd 2012

Authors and Affiliations

  • Aunshul Rege
    • 1
  1. 1.Department of Criminal JusticeGladfelter Hall, 5th floor, Temple UniversityPhiladelphiaUSA

Personalised recommendations