L7 - cyber and space security Flashcards
intro shit
important point: it is really young, polsci and politicians don’t know that much about it
- you don’t have to know the details of how cyber works to apply it to traditional security
- basically take traditional concepts like war and put cyber in front of it (e.g. also not armageddon, but cybergeddon)
if it is possible for a state to wage cybergeddon, why hasn’t it happened?
- similar to last week’s question on the possibility of a doomsday machine/bomb
- interconnectedness
- we don’t know the exact consequences
story: NORAD 1979 + 1980 (North American Aerospace Defense Command)
- soviet attack simulation in the computer -> computer started to respond = they stopped it in time, but still
- year later: yet again really close to sending bomb to SU
- simulation gets fed and people respond as if it is real, danger of escalation
- War Operation Plan Response (WOPR) that can simulate thousands of scenarios
-> nuclear command and control network largely off the grid + kept apart from AI for fear of such mistakes
!!cybersecurity is a recognition that human societies are going through a sea change in communications
what is cyberspace?
“global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers”
- stakeholders include businesses, gov agencies, civil society = we are all stakeholders
Cyber is best understood as a descriptive prefix, an adjective conveying the digital or computer-like nature of the noun to which it is attached
compare cyber (i.e. digital nature) with non-cyber (i.e. off the network grid)
- e.g. cash payments vs digital transfers
- e.g. hard copy vs soft copy
e.g. military concern: what happens if the GPS goes down -> still learn how to read a map
cyberspace - the problem of translation
big diff in terminology and definitions (e.g. btwn US, Russia and China)
- US used to talk about ‘information warfare’ (esp 1990s) -> cyber increasingly used in the 2000s onwards
- Russia and China still focus on ‘information’ rather than ‘cyber’
however, even within govs there has been an evolution (e.g. US definitions from the early 2000s are diff from today)
these diff in translation have direct bearing on policy formulation
we use cyber bc it sounded more cool, it was basically a rebrand
cyber security, relevant terminology
Bot
DDOS (Distributed Denial of Service)
Deepfakes
Malware
Phishing and Spear Phishing
Ransomware
Social Engineering
Spyware
Trojan Horse
Trolls
Virus
Watering Hole
Worm
Zero day
cyber deterrence
= use of cyber operations to deter actions within other domains of conflict or the deterrence of adversary cyberspace operations within the cyber domain
- can threat of cyber ‘punishment’ deter conventional military aggression?
- can defensive cyber activities raise sufficient costs to make an adversary’s offensive cyber action prohibitively expensive?
- can offensive ‘retaliatory’ cyber activities deter an adversary’s offensive cyber actions?
- can non-cyber threats of punishment deter an adversary’s cyber attack?
cyber war and conflict
we haven’t seen it yet
“hostile actions in cyberspace that have effects that amplify or are equivalent to major kinetic violence”
- Utilized by state and non-state actors (e.g. Hamas used cyber attacks against Israel + ISIS against global coalition against ISIS)
- Involves direct attacks in cyberspace that are not necessarily aimed at military forces per se, but are directed at opponents’ digitally enabled systems in general
Usually launched in tandem with conventional military operations (e.g. during Russo-Georgia war + Russia-Ukraine war)
-> confused some theorists of war: there was a belief there would be a pure cyber war, with solely cyber elements
Can also be utilized in peacetime (Stuxnet virus attack causes physical damage in Iranian nuclear centrifuges 2008-10)
These types of acts are rare compared to financial crimes, espionage, and information operations (e.g. hybrid or grey zone war) – more than half of all cyber operations are aimed at collecting information or disseminating information
cybersecurity and armed conflict
Offense has advantage over defense
All recent conflicts have cyber dimension
- E.g. ISIS gets into mobile devices of opposition groups - used for murders/kidnapping
Will there be such a thing as a pure cyber-war?
- So far, despite hype, there is no indication of this
- So far, only major cyber attacks of limited duration (Stuxnet, 2015 Ukraine power grid)
- Rules of the road/laws of war difficult to establish = key problem people are focusing on now + e.g. are there cyber war crimes and can we punish them
Erik Gartzke: “shutting down power grids, closing airports, or derailing communication could be extremely costly, but most damage of this type will be fixed quickly and at comparatively modest investment of tangible resources”
Also ‘mutually assured destruction’ deterrence equivalent (didn’t say this at all)
Main emphasis of government cyber ops is reconnaissance, making adversary aware of presence = getting into adversary’s system as part of deterrence effort
if politicians have choice between cyber attack and physical attack, they will pick physical bc they don’t really know how cyber works
cyber power and non-state actors
Groups such as ISIS use digital technologies to recruit, train, fundraise and purchase supplies
ISIS only able to conduct small-scale denial of service attacks
Terrorist attacks produce shock (explosions, casualties) whereas cyber operations take time, money, and technical skill
- Terrorist groups focus on what is cheap, noticeable and deadly
cyber terrorism?: mostly use digital presence for recruiting
offensive cyber operations = limited success
keep in mind = why not just pure cyber terrorism: most groups not really effective (uses money, time, technical skills) -> just work with what works (bombings etc.)
what level of cyber attack would lead to a response?
“A single or cumulative set of malicious cyber activities; or hostile operations to, from, or within space; could reach the level of armed attack and could lead the North Atlantic Council to invoke Article 5 of the North Atlantic Treaty. We recognise the applicability of international law and will promote responsible behaviour in cyberspace and space. We will also boost the resilience of the space and cyber capabilities upon which we depend for our collective defence and security.”
NATO Strategic Concept, 2022
no one really knows when the line is crossed
- how bad to lead to cyber retaliation?
- how bad to lead to use of kinetic/physical force?
- how bad to lead to nuclear use?
(put this in the art 5 for deterrence)
Russian cyberattacks on Estonia
!!same as in the reading -> add some notes
2007
Russian attacks (on gov websites, etc.) followed decision by Estonian government to move Soviet-era statue and graves
Cyber campaign over several weeks includes denial of service, attacks on government websites, banks and media organizations
Occurred alongside street protests by ethnic Russians living in Estonia
Estonia does not invoke NATO’s Article 5 (not clear why: either thought it was not necessary or were told that members would not go along with it)
After attack Estonia makes major investments in cyberdefense (public and private sector)
- didn’t want to see repeat -> started investing
Ukraine’s IT army
After 2022 Ukraine emerges as 12th biggest cyber power; Russia ranks third
- Q: why is Russia struggling so much to achieve cyber-related effects in Ukraine?
- Ukraine developed effective defenses + had a lot of help: IT Army
IT Army created on 26 February 2022 as part of Ministry of Digital Transformation
- Hundreds of thousands of supporters aid Ukraine (~300.000)
- Managed by a team of senior military and intelligence officers
- Use distributed denial-of-service attacks (DDoS) and other cyber attacks against Russia’s digital infrastructure (banks, businesses, government websites)
- Imposes economic costs on Russian businesses but not terribly decisive + also places limits on some civilian targets (e.g. hospitals)
- Ukraine cybersecurity supported by firms such as Microsoft, Google, and Amazon (trying to keep Ukraine’s cyber security going despite Russian cyber attacks)
how to assess impact of cyber conflict?
- Russia - Ukraine
Ukraine IT army: causes some disruption to Russian society but strategic impact is marginal
= tactical successes
but strategic impact?
Russian cyberattacks fail to have decisive impact in support of invasion = no massive decisive impact
However, it would be worse for both sides in absence of heavy investment in cyber security
(if Ukraine hadn’t invested so much it would be a lot worse)
how to assess impact of cyber conflict?
- Israel-Gaza
Hamas use of cyber acquired intel helps with attack planning
Hamas/Iran/sympathizers launch cyber-attacks on Israel = !!minimal impact
- cyber offensive
- lot of international support
Israel cyberattacks on Hamas limited because it doesn’t rely much on internet
Israel can turn on/off internet connectivity in Gaza (telecommunications blackout leads to international condemnation)
- terrible for e.g. hospital
- turning off lights and electricity in hospitals is technically a war crime
cyber example - North Korea
country you wouldn’t immediately think of as an important cyber actor
‘If warfare was about bullets and oil until now, warfare in the twenty-first century is about information. War is won and lost by who has greater access to the adversary’s military technical information in peacetime, how effectively one can disrupt the adversary’s military command-and-control information, and how effectively one can utilize one’s own information.’
Kim Jong-il, 2010 about the future of warfare
(remember information = our cyber)
-> dev. big cyber presence
(also important for fundraising: cyberattacks e.g. help fund nuclear dev)
According to South Korean sources, North Korean leader Kim Jong-un views cyber power as central to modern political and military competition
Reportedly has a cyber army of 7,000 personnel skilled in ransomware, cyber bank heists and data espionage
From 2014 onwards, experts detected, and attributed to North Korea, a series of complex extortion schemes and attacks on financial institutions and cryptocurrency dealers. A UN report in 2019 estimated that the gains from such operations totalled US$2 billion
In 2020 the UN Security Council Sanctions Committee on North Korea published a detailed report on the country’s criminal activities in cyberspace, which consisted of stealing money from banks to fund the nuclear-weapons and missile-development programs that are subject to UN sanctions.
North Korea - Nov 2014 Sony Pictures Attack
President Obama promises ‘proportional’ response – several days later North Korean internet goes down for 9.5 hours – unclear if it was a US counterattack
Sony computer system experienced extensive and debilitating attack
Company employees unable to use their computers, forced to shut down the entire system
Group named ‘Guardians of the Peace’ claim credit for attack, citing objection to an upcoming Sony comedy about North Korea – The Interview
Attack conducted in several stages: denial of service attacks, leaks of unreleased films, leaks of internal information including personnel files, leak of financial data
Sony cancels opening of the film
US Government publicly charges North Korea as responsible
- cyber forensics = difficult, but US gov said it was really clear
US Treasury overtly responds with additional economic sanctions
(shows you don’t have to respond with cyber means)
Hack-and-Leak (2016 US Presidential Election)
emails from officials were leaked
-> convenient for Clinton to explain why they lost, it was bc intervention
Russia’s intelligence services conducted cyber operations against targets associated with the 2016 US presidential election, including targets associated with both major US political parties.
Russian messaging strategy blended covert intelligence operations—such as cyber activity—with overt efforts by Russian Government agencies, state-funded media, third-party intermediaries, and paid social media users or “trolls”
Russian military intelligence relayed material it acquired from the Democratic National Committee and senior Democratic officials to WikiLeaks
intro - space
space been around for a long time, but increasingly important
most attention to space security just since the last 15y
In recent years, US and other countries raise profile of Space within their militaries
- US first established a Space Command in 1985
- Upgraded to full military service in 2019 (space force created by Trump)
- 2020: France renames Air Force to become Air and Space Force
- 2021: UK establishes a Space Command
- 2021: Germany creates a Space Command
In 2019, NATO Allies adopt Space Policy and recognize space as a new operational domain, alongside air, land, maritime and cyberspace
Outer Space Treaty
1967
states parties to the treaty undertake not to place in orbit around the Earth any objects carrying nuclear weapons or any other kinds of weapons of mass destruction, install such weapons on celestial bodies, or station weapons in outer space in any other manner
- concerns abt arming satellites with nuclear weapons: don’t have to launch, can just drop at any time
- SU and US agreed they wouldn’t put nukes in space
military use of space
US first uses satellites in Vietnam war
Maintains three space programs (NASA civil space; National Reconnaissance Office spy satellites, military satellites for communications, navigation, early warning)
- spy satellites most important satellites in the cold war: to find out what exactly was going on = as early warning systems
Satellite reconnaissance completely changes nuclear (and international) landscape – provides stability in arms race, facilitates arms control, reduces fear of sneak attack
after 1991:
Become more central to warfighting during 1991 Gulf War, especially to enable communications and GPS guided precision strikes
Key Trend: Anti-satellite weapons + massive growth in commercial use of space (and military reliance on private sector satellites)
- raises question if anti-satellite weapons are useful as there are so many satellites + it creates debris that makes it diff to put up new satellites
- blowing stuff up in space is frowned upon
China 2007 ASAT test, Russia 2021 ASAT test
But so many commercial satellites this may negate effectiveness of ASAT systems
Low Earth Orbit satellites more likely targets but cause significant debris
Attacks on ground-based systems instead
To go after Geostationary Earth Orbit nuclear command and control satellites would risk nuclear escalation
satellites
crucial for intelligence: not so worried about sudden attacks, know where the enemy is, better targeting
= changed nature of the cold war, did take a while
(originally satellites took pics and had to be sent to earth to be seen)
before (1950s): airplane photo slides, don’t know the name?
last 15y: increased attention to space bc increasing size of activity there
- has big implications for what militaries can do with the assets in space
GEO, MEO, LEO
- most activity in the LEO (low earth o..) = e.g. Musk satellites
- nuclear satellites etc. is at the GEO level = far in outer space
- important bc anti-satellite weapons mostly for LEO rather than GEO bc attacks on common satellites in the lower orbits not immediately seen as act of war
space - Ukraine War
satellites crucial for Ukraine
most importantly: intelligence + keeping Ukraine’s communications going when Russia is attacking it
also valuable for providing data for drones and other missile strikes
- Commercial satellite imaging delivers crucial intelligence to Ukraine
- Starlink satellites provide connectivity for Ukrainian military and vital for drone strikes
war began with huge Russian offensive
Himars project: Ukrainian artillery can shoot further and more accurately than Russia -> Russia’s offensive comes to a halt
- system operates with real-time data passed to military base in Germany with access to spy satellites -> communicate location and details -> can attack
US threatens to cut Starlink access in Ukraine if no rare earth minerals deal signed
shutting off Starlink for Ukraine would be catastrophic, massive blow (not insurmountable)
= used as blackmailing for peace negotiations
space - another major security problem from space
“here to save the day”
Space security is not only looking down to earth from space!
Also need to think about protecting earth from asteroids and comets (Near Earth Objects)
Not only nuclear war and climate change can produce extinction level effects!
-> might it be useful to keep some nukes around for planetary defense?
Starfish Prime - exploding things in space
tests over the years: this was the first one
US exploded nuke in space over the pacific
-> started to understand electromagnetic pulse: if you launch enough of these the effect is so big you can potentially make the entire (nuclear) control system of the adversary
July 1962 high-altitude (280 miles above sea level) 1.45 megaton nuclear test 900 miles away from Hawaii
Results in Electromagnetic Pulse (EMP) that affects Hawaii
Also damages one third of satellites then in orbit
Reagan and Strategic Defense Initiative - Star Wars
proposal for laser that would be sent from earth, be reflected from a mirror in space and then go back to earth surface
Initiates land and space-based strategic missile defense program in 1983
Reagan refuses to abandon it as part of US-Soviet arms control
- Probably helped delay end of Cold War and prevented deeper cuts = probably plays into why we still have nukes now?
had immediate effect on SU?
satellites and missile defense
!!this process is still ongoing, new things we can do with satellites
Originally satellites only allowed for systems to detect missile launches; now able to accurately track
System reliant on hundreds of satellites in low earth orbit designed to track advanced missile threats through all phases of flight
Feeds intelligence/tracking data
- decoys can be identified and taken down
Increases ability of interceptors to hit, potentially to include separating decoys from real missiles
impact of AI on security: some examples
- Automated targeting/behavioral prediction
- Create/detect fake media + deep fakes
- Support decision-making through virtual assistants (emerging for military uses)
- Attack other side’s AI systems
- Command and control of drone swarms
Ukraine: manual drones
fear of the future = thousands of drones being operated by AI over a battle field
-> race in massively producing/developing drones + race between offense and defense
AI in Russia-Ukraine War
2025 “will significantly increase the percentage of autonomous drones with targeting. We might see the first real drone swarm uses, though not on a massive scale. The first steps will happen.”
- Mykhailo Fedorov, Ukrainian Minister of Digital Transformation (guy who set up Ukraine IT Army)
- Ukraine massive increase in drone production capacity
- maybe 2025 the year to use it
- combine drones and AI and you have a very lethal weapon
in general terms: mainstream consensus that Ukraine is more effective in using AI in this war than Russia, Russia has means but hasn’t employed it in useful/decisive ways
AI is used to geolocate and analyze open-source data such as social media content to identify Russian soldiers, weapons, systems, units or their movements
Neural networks are used to combine ground-level photos, video footage from numerous drones and UAVs, and satellite imagery to provide faster intelligence analysis and assessment to produce strategic and tactical intelligence advantages
= useful for intelligence, targeting, communication, more efficient than human analysis
Private companies support Ukrainian targeting by providing timely information from satellites and social media feeds to visualize friendly and enemy positions, to understand troop movements and to conduct battlefield damage assessments
Ukrainian cyber defenses were successful due to advances in AI-enhanced threat intelligence and the quick distribution of protective software to cloud services and other computer networks
AI in Israel-Gaza
May 2021: 11-day bombing campaign against Hamas labelled Israel’s ‘First AI War’
Use of AI tools for identifying targets for potential strikes
Speeds up intelligence analytical process:
- Lavender system uses data to rank people = 0-100 ranking, if you are high you are likely Hamas or militant
- identifying adversaries
Speeds up decision-making
- IDF used to take a team of 20 to review and approve a single strike
- IDF today approving hundreds per week
Many examples highlight problems of faulty data and algorithms
+ Israel’s Iron dome is so successful bc it operates at much faster rate: targeting incoming missiles
next generation technology - quantum revolution?
2010s scientific community started talking about it
recently much investment -> why?
can have tremendous effect on lots of stuff (e.g. cracking codes, detecting submarines)
Emerging Quantum revolution is at hand
Expected to revolutionize sensing, imaging, precise positioning, navigation and timing, communications, computing, etc.
It will transform cybersecurity
Potential to protect data (make it un-hackable)
Or, potential to crack codes
Quantum sensors can allow underground mapping, see around corners, make oceans transparent
Can be used to detect submarines and stealth aircraft
- if we can track nuclear submarines, it makes that component of deterrence irrelevant/useless
conclusion
all domains are connected: there is no such thing as cyber deterrence or cyber war, there is a cyber domain of war and of deterrence
- you can’t separate what goes on in space from what is going on on the ground
Broad security concepts of war, deterrence, etc. can be applied to cyberspace
Cyberspace can be viewed as its own domain but it rarely exists separate from other domains
This is also true of the Space domain – e.g. hard to separate deterrence of attacks in space from broader problem of deterrence on earth
MAIN = No indication any single domain is ‘decisive’ – e.g. a ‘victory’ in cyberspace does not equate with a victory in war
- no silver bullets that crack the case
Advances in AI and Quantum tech likely to have important implications for the military in decades ahead BUT unlikely to completely change the nature of war and conflict
- advances in offensive come with same advances in defensive area
- it will be new, but he doesn’t think it will change anything decisively
(lot of attention to deterrence, bc unclear what the law does with new developments)