Article Preview
Top1. Introduction
As conflicts have moved into cyberspace (and vice versa), a clearer understanding of cyber weaponry and its implications to conflicts becomes a necessity. The development of weapons was always part of mankind’s history. Tactics evolved to suit weapons available, but from time to time new weapons revolutionised the tactics and strategies of warfare. The developments of artillery, gunpowder, aviation and weapons of mass destruction are just some examples from history. These all caused dramatic changes on the face of the battlefield. But all those weapons developed so far have similar kinetic and/or thermal properties, due to the shared physical domain.
As one result of the cyber attacks on Estonia in 2007, a campaign of massive distributed denial of service (DDoS) attacks against government websites paired with hacking attempts against valuable targets such as ISP backbone routers (Evron, 2008), a new type of conflict was declared (Landler & Markoff, 2007) and hyped. In reality, hacktivism has been around already before the 2007 attacks against Estonia (Denning (2001)introduced this term already back in the early century) and politically motivated DDoS where at this point of time not entirely new as shown by (Nazario, 2009). Still media found strong and inconsistent interest in this subjects as discussed by Farivar (2009). As a consequence, cyber conflicts quickly entering the political agenda of many nations to the extent that and that Jellenc (2012) recently confirmed an arms race having started in and about cyberspace.
The term “cyber attack” is commonly used for a wide variety of malicious cyber activities aiming to achieve various objectives. Both attacker and victim can e.g. be a States, private sector (as attackers also including organized cyber crime) or groups of individuals (see Table 1).
Table 1. Examples of cyber attacks between different groups
Attacker vs. Victim | State | Private Sector | Group |
State | Stuxnet (Falliere, Murchu, & Chien, 2010), Georgia: Conventional military conflict combined with cyber attacks (Korns & Kastenberg, 2009) | DigiNotar (Denis Fisher, 2012), Saudi Aramco (Perlroth, 2012) | Censorship in Belarus (Pavlyuchenko, 2009), Russia against opposition parties (AFP, 2011) |
Private sector | Ghostnet (Deibert, Manchanda, Rohozinski, Villeneuve, & Walton, 2009), Shadows in the Clouds (Bradbury & Rohozinski, 2010) | Cases of common industrial espionage | Hollywood poisoning torrents with fake releases (CERT Polska, 2012) |
Group | Cyber attacks on Estonia 2007 (Ottis, 2008) | Anonymous on VISA (Pras, Sperotto, Moura, & Drago, 2010), TJMaxx credit card data theft (Jewell, 2007) | Israel-Palestine |