Andrada, Mark Anthony: Preventing Cyberwar

A. INTRODUCTION

Over the past years, supposed attacks on government websites of Estonia, the United Kingdom, the Philippines, and other countries were reported. Cyber warriors are believed to have perpetuated government website take downs and defacement.

In Estonia, a series of attacks, allegedly perpetrated by Russia, were directed against the websites of its parliament, broadcasting networks, and banks. The attack supposedly sparked after Estonia moved a Soviet War Memorial in Talinn. For Estonia, the memorial symbolized Soviet occupation of the Baltic state. For Russia, it is a tribute to the fallen soldiers in World War II, thus sacred to the soldiers’ memories.

Another incident of cyber attack was in Jerusalem. An article titled “Pings and E-Arrows Fly in Mideast Cyber-War” was originally posted at http://www.washingtonpost.com by Lee Hockstader . As mentioned in the article, “the Web site of Hezbollah, the militantly anti-Zionist Islamic guerrilla movement, was hacked allegedly by Israeli hackers wherein the Hezbollah home page, would show the Israeli flag, Hebrew text and a slightly tinny piano recording of ‘Hatikva,’ the Israeli national anthem. Arabs struck back with a fury, apparently led by pro-Palestinian cyber-soldiers in the United States. In a sustained, coordinated counterattack, Web sites of the Israeli army, Foreign Ministry, prime minister and parliament, among others, have been staggered by a barrage of hundreds of thousands–possibly millions–of hostile electronic signals.” [1]

In the Philippines, several government websites including those of the Land Transportation Office and the Department of Health were also victims of defacement cyber attack. Also several years back, a Filipino invented the Love Bug virus which infected millions of computers worldwide. Although it could be said that such act may not be considered cyberwar, the fact that it crippled government and business computers in Asia, Europe, and the United States, makes it alarming and necessitates an action to deter future infiltration of government and business facilities which may threaten both national and global security.

As early as 2001, news stories pertaining to a Cyberwar between the United States (U.S.) and the Peoples’ Republic of China came out. There are claims that Chinese hackers have shifted to a new level of cyberwar: they have supposedly organized themselves and attacked a dozen of U.S. websites. In retaliation, a group of U.S. hackers defaced several Chinese websites and called on other hackers to join the war against China. [2] This only concludes that from the traditional cyberwar engaged by the governments, particularly its military and intelligence units, civilian hackers have also joined the battlefield.

Recently, the United Nations opined that a treaty is necessary to prevent cyber attacks from escalating into all-out-wars. Considering particularly the notion that cyberwar has turned into a coordinated cyber gang warfare, as in the case of U.S. and Chinese hackers, and given the possibility of certain states tolerating such hacker groups, whose purpose is to attack or humiliate enemy states, it is imperative to come up with international agreements ensuring that no state shall tolerate such activities.

B. DEFINITION OF CYBERWAR

“Cyberwar is the use of computers and the internet in conducting warfare in cyberspace. [3]” “It is also defined as an act of hostility carried out on the Internet against national interests or ethnic groups. [4]” “Cyber warfare terrain includes all aspects of the Internet from the backbones of the web, to the Internet Service Providers, to the varying types of data communication mediums and network equipment. [5]” Cyberwar attacks vary from espionage, Web Vandalism, equipment disruption, public utilities and infrastructure attacks, and virus distributions, all with an end either to humiliate, disturb, disrupt or cripple the system of an enemy state.

To explain a few, below is an enumeration of the several methods of attack in cyberwarfare;

“Cyber espionage: Cyber espionage is the act or practice of obtaining secrets (sensitive, proprietary or classified information) from individuals, competitors, rivals, groups, governments and enemies also for military, political, or economic advantage using illegal exploitation methods on internet, networks, software and or computers.

Web vandalism: Attacks that deface web pages, or denial-of-service (DoS) attacks. This is normally swiftly combated and of little harm.

Propaganda: Political messages can be spread through or to anyone with access to the internet or any device that receives digital transmissions from the Internet to include cell phones, PDAs, etc.

Gathering data: Classified information that is not handled securely can be intercepted and even modified, making espionage possible from the other side of the world.

Distributed Denial-of-Service Attacks: Large numbers of computers controlled by one person launch a DoS attack against systems. The overwhelming number of attempted accesses crowds out legitimate users who need to access the service.

Equipment disruption: Military activities that use computers and satellites for coordination are at risk from this type of attack. Orders and communications can be intercepted or replaced, putting soldiers at risk.

Attacking critical infrastructure: Power, water, fuel, communications, commercial and transportation are all vulnerable to a cyber attack.

Compromised Counterfeit Hardware: Common hardware used in computers and networks that have malicious software hidden inside the software, firmware or even the microprocessors.” [6]

C. PROBLEMS AND RECOMMENDATION

Cyberwar is definitely not merely a local or national threat, but an international one. The bottom line is to come up with international agreements and legislation criminalizing attacks on Web sites. Considering the colossal threat not only to National Security but to the whole world that cyberwar has brought us, there is a need for a strong counter measure to cut and eliminate cyberwar.

Similar to terrorist attacks, cyberwar can be launched stealthily and cripple governments with just the push of a button. The worst thing is that in the cyber terrain, there are a lot of places to hide, and sometimes, it is impossible to detect and apprehend the perpetrators. At the very least, one of the major obstacles to prevent cyberwar is to catch the perpetrator. Locating and capturing the cyberwarrior are two different things. Although in certain cases, it is possible to get the exact location of the perpetrator, capturing the same is a different and difficult thing to do especially if the said attacker is in another state, much more, if it is an enemy state. We will be facing another country harboring a criminal, but without resorting to hostility, there is nothing more that another state can do. Even when the attack clearly qualifies as a cyber attack, and the culprit could be identified, questions of independence and sovereignty would come in the way of enforcing the culprit’s arrest.

At present, an internationally accepted practice by the international community is entering into extradition treaties. Extradition is generally defined as an “international agreement in which the Requested State agrees, at the request of the Requesting State and under specified conditions, to turn over persons who are within its jurisdiction and who are charged with crimes against, or are fugitives from, the Requesting State. [7]

The Philippines follows the principle of territoriality in criminal offenses. However, Article 2 of the Revised Penal Code provides that:

Art. 2. Application of its provisions. — Except as provided in the treaties and laws of preferential application, the provisions of this Code shall be enforced not only within the Philippine Archipelago, including its atmosphere, its interior waters and maritime zone, but also outside of its jurisdiction, against those who:

  1. Xxx…
  2. Xxx…
  3. Xxx…
  4. Xxx…
  5. Should commit any of the crimes against national security and the law of nations, defined in Title One of Book Two of this Code.

Cyberwar may fall squarely within the ambit of crimes against national security. Thus, prosecution of the crime may be pursued even if committed outside the territory of the Philippines. This would likewise answer the question of propriety of an extradition since two of the basic elements of extradition are (1) the dual criminality rule, and (2) that the person to be extradited is a fugitive for a crime committed within the jurisdiction of the requesting state. Thus, if the perpetrator has committed a crime against the national security of the Philippines, such as cyberwar, the Philippines could request for the extradition of the said culprit assuming he is located in a country where cyberwar is also a crime, and with which the Philippines has an existing extradition treaty.

At present, the Philippines has extradition treaties with other countries such as the United States. So another question that needs to be answered is how to deal with perpetrators based in countries where extradition treaties are not present. Another is how to deal with perpetrators from those countries that refuse to deliver the culprit. We must consider that cyberwar is a war. A conflict of a state against a state, and it is possible that the culprit may be protected or harbored by the enemy state. The effects of cyberwar has no difference to hostilities launched in the past for refusal of certain countries to comply with demands of the international community, such as the nuclear weapon inspection in Iraq, and the apprehension of Osama Bin Laden in Afghanistan. These hostilities may again happen absent an effective international consensus on dealing with cyberwar.

This is primarily the reason why the recent cyber attack in Estonia highlighted the European Union and North Atlantic Treaty Organization’s (NATO) mission to come to a members aid. Although in 2002, NATO has established already its own cyber defense program. But after Estonia, it was clear that the same is not enough to aid its single member nations’ cyber defenses. The series of attacks in Estonia undoubtedly called for a change on the rules on cyberwar. NATO has to look not only in protecting its own network, but of its single members as well. Subsequently, NATO established the NATO Cooperative Cyber Defense Center for Excellence wherein experts from different members come together to develop plans to prevent, detect, and fight cyber attacks. [8]

Early this year, the International Telecommunication Union (ITU) Secretary General Hamadoun Toure calls for the need for an international treaty to prevent cyber war. The ITU is the United Nations’ main communications and technology agency. [9] On January 30, 2010, Google News quoted Toure: “‘A cyber war would be worse than a tsunami — a catastrophe,’ the UN official said, highlighting examples such as attacks on Estonia last year. He proposed an international accord, adding: ‘The framework would look like a peace treaty before a war.’ Countries should guarantee to protect their citizens and their right to access to information, promise not to harbour cyber terrorists and ‘should commit themselves not to attack another.’” [10]

Up to the present time, there are still antagonists to the idea that treaties could prevent cyberwar. This is primarily anchored on issues of sovereignty and independence of States. These issues, however, have long been resolved as a minor significance to member states conforming to the universally accepted principles of international law. Though it is worth noting that last June 27, 2009, the New York Times published an article titled “U.S. and Russia Differ on a Treaty for Cyberspace.” [11] In the said article, although the United States and Russia are in agreement of the pressing need to address cyberwar, both countries are stalled on how to counter growing threats of cyberwar. On the other hand, while Russia favors an international treaty, U.S. argues that a treaty is unnecessary.

Though at face, it implies a negative assessment on the effectiveness of treaties preventing cyberwar, it however only shows the intricacy of international law. But in no way will this suggest that a treaty or international accord is definitely not the way to prevent cyberwar.

To quote the differing positions of both countries: “Russia favors an international treaty along the lines of those negotiated for chemical weapons and has pushed for that approach at a series of meetings this year and in public statements by a high-ranking official. The United States argues that a treaty is unnecessary. It instead advocates improved cooperation among international law enforcement groups. If these groups cooperate to make cyberspace more secure against criminal intrusions, their work will also make cyberspace more secure against military campaigns, American officials say.” [12]

The said article also mentions that the United States is preparing to create a military command to prepare for both cyberattacks. President Barrack Obama was quoted releasing his cyber security strategy and said that “he would appoint a “cybersecurity coordinator” to lead efforts to protect government computers, the air traffic control system, and other essential systems. The administration also emphasizes the benefits of building international cooperation.” [13]

As can be adduced from the positions of both countries, one thing common is the participation and cooperation of the international community. Whether be it in a form of a bilateral or multilateral treaty or an international agreement, what is important is the cooperation of all members of the international community. If the U.S. position is more of cooperation on enforcement rather than entering into an agreement, such enforcement may further be assured and strengthened by virtue of an international agreement.

Moreover, at present, this differing view of the United States may no longer be an issue. As quoted in an article titled “Treaty Could Help Prevent Cyber Wars” [14]: “Susan Collins, a US Republican senator who sits on several Senate military and home affairs committees, feels the prospect of a cyber attack sparking a war is now being considered in the United States.” [15]

In quoting Craig Mundie, Chief Research and Strategy Officer for Microsoft, “[h]e expressed the growing need to secure and police the net in order to clamp down on fraud, espionage and the spread of viruses.” He further added that “[w]e need a kind of World Health Organization for the Internet” and emphasized that internet users should get “driver’s licenses. If you want to drive a car you have to have a license to say that you are capable of driving a car, the car has to pass a test to say it is fit to drive and you have to have insurance. People don’t understand the scale of criminal activity on the internet. Whether criminal, individual or nation states, the community is growing more sophisticated.” [16]

History tells us that every time a new kind of war is born, the international community reacts by developing guidelines through treaty or convention. For instance, the United Nations Convention on Law of the Seas existed first as a customary law that governed actions on the seas. [17] Also, as an off-shoot of the first World War, the Hague Rules of Aerial Warfare was drafted after by the international community. Although not ratified, it existed as a customary law since the articles thereof conformed to customary international standards. [18] And now, with the advent of technology and the internet, another type of war was formed in the vast terrain of cyberspace. The series of successful attacks of vital governmental, commercial and business systems of different countries, most of which rely on their internet connection to run, proves the international community’s insecurity to the perpetrators of this new-age war, unless the international community would again react and come up with a global measure to deter these attacks.

At present, there is no international concord in place to govern an individual or a state’s actions in cyberspace. The individual country’s effort to deter cybercrime is not sufficient. Prevention of cyberwar is a collective effort and could be achieved not by one or two states alone, but by the whole international community. Cyberwar can be staged internationally and certain elements thereof concur not in just one but several countries. To prevent cyberwar, cyberattacks must be declared illegal, must be recognized internationally as an act of war, and apprehension of its culprits must be made possible, which includes locating and identifying the attacker, and identifying what to sanction and who will execute the sanction.

The pressing need for an international agreement to prevent and detect cyberwar, and to apprehend the perpetrators and enforce sanctions upon them, thereof becomes higher and higher each day. The number of attacks is growing, and the culprits could not be apprehended. The international community must come up with a concrete framework on how it should be done, how to enforce its provisions, and sanction the culprit and its protector, whether it be an individual, an organization, or a State.

Although it could be noticed that the discussions made herein dwell on incidents outside the Philippines, said incidents should be enough to alarm the country and the international community about the possible devastating and crippling effects of cyberwar. As mentioned earlier, the Philippines has also been a victim of government website defacement. Although not concretely defined as cyberwar, since no exact definition has been conjured yet, this only proves the Philippine systems vulnerability to such attacks. Thus, the Philippines needs to participate and cooperate with the international community in preventing this act on becoming an all-out-war. If cyberwar could be staged against highly developed countries with complete facilities to counter these attacks, the Philippines, with its poor and insecure cyber defense system, is more prone and vulnerable to such cyber attacks.


Endnotes

[1] http://www.c4i.org/cyber-war.html

[2] http://www.wired.com/politics/law/news/2001/04/43437

[3] http://en.wikipedia.org/wiki/Cyberwar

[4] http://www.encyclopedia.com/doc/1O999-cyberwar.html

[5] Ibid 3

[6] Ibid 3

[7] http://www.lawphil.net/international/treaties/extrad.html

[8] http://www.youtube.com/watch?v=z4PGfZvIeeo&feature=PlayList&p=F9C41BF7FBD5CAD8&playnext_from=PL&playnext=1&index=9 (4:48)

[9] UN Chief calls for treaty to prevent cyberwar, http://www.google.com/hostednews/afp/article/ALeqM5h8Uvk-jpSvCWT-bqYSg1Ws4I4yAA, January 30, 2010.

[10] Ibid

[11] http://www.nytimes.com/2009/06/28/world/28cyber.html?_r=1

[12] Ibid

[13] Ibid

[14] http://www.red orbit.com/news/technology/1816280/treaty_could_help_prevent_cyber_wars/, February 1, 2010

[15] Ibid

[16] Ibid

[17] James B. Morell, The Law of the Sea: The 1982 Treaty and Its Rejection by the United
States, (London, UK: McFarland, 1992).

[18] Richard H. Wyman, “The First Rules of Air Warfare,” Air University Review, March-April
1984, (Maxwell AFB, AL: Air University Press, 1984), http://www.airpower.maxwell.af.mil/airchronicles/aureview/1984/mar-apr/wyman.html, (accessed
April 11, 2010).

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: