By: Manthan Pandit and Khushi Birla, SVKM’s Pravin Gandhi College of Law

“One hundred victories in one hundred battles is not the acme of skill. To subdue the enemy without fighting is the acme of skill”

— Sun Tzu, “The Art of War”.[i]

Introduction

Before one gets into the business of two countries destroying each other, one must also understand how they come together as one. The cross-border relations between and among independent sovereign states are known as International Relations. The primary actor in international relations is a nation-state; the leader of the nation-state is essentially governed in their decision making by something that is known as “National interest,’’ which may from time to time clash directly with the national interests of other nation-states. For the protection, promotion, and preservation of these interests, the leader of the nation-state can take specific cooperative and conflict policy decisions like competitive artillery, economic and propaganda warfare, etc. Competition, Cooperation, and Conflict act as the basic principles of interaction amongst nation-states. Case in point, relations between China and the USA have been oscillating between the three C’s. The art of maintaining peaceful relationships with other nations in order to avoid the use of violence is known as Diplomacy. It can help turn conflict into cooperation.  But when diplomacy fails some states settle at using force to implement their national interest. To protect their interests, nations can go to the extent of war when they feel threatened by other nation-states. From the Peloponnesian war fought by the Ancients Greeks to the two World Wars, many wars have been fought to ensure the security of one’s nation and its existence.

Shift from Physical Wars to Cyber Wars

Traditionally, wars have been fought within defined geographical boundaries and on identifiable terrains like land, air, and sea. Along with easily identifiable tools of war like rifles, bombs, aircrafts, improvised explosive devices, etc. One of the concepts which came into play during these wars was ‘Deterrence’. Deterrence as a strategic concept has evolved during the Cold War. It was majorly aimed at preventing aggression, involving nuclear attacks, against the United States and its allies by the Union of Soviet Socialist Republics (USSR), Communist China, and North Korea.

In modern times with the change in technology and the shift of traditional warfare to cyberspace, it becomes chimerical to host the same as a war with nuclear energy in play will result in total annihilation on both sides. Hence, the former explains the shift of warfare into a new platform of cyberspace. In his story Burning Chrome, published in Omni magazine in July 1982, American-Canadian writer William Gibson coined the term “cyberspace.” [ii] Cyberspace is an amorphous virtual world created by computers and the different components of the Internet’s Infrastructure. These days, due to the expansionary nature of the internet, wars are more likely to be fought online than on the battlefield. It has opened a whole new domain for warfare. Governments are steadily stealing classified information, instilling public mistrust, and targeting commercial and knowledge centers. Cyber warfare, as a result of this evolution, is a game-changer.

Cyber Warfare 

Cyber wars act as a new and unusual alternative to military conflict. Cyber wars are different from cybercrimes, which include illegal actions of non-state actors at both national and international levels. The United States Department of Defense defines Cyber warfare as, “An armed conflict conducted in whole or part by cyber means. Military operations conducted to deny an opposing force the effective use of cyberspace systems and weapons in a conflict. It includes cyber attacks, cyber defense, and cyber enabling actions.”[iii] An international organization or nation-state may attack and try to damage the computers or information networks of other nation-states through tools like hacking, computer viruses, or denial-of-service attacks. Cyber warfare is a form of warfare capable of forcing the opponent to your will by causing strategic paralysis in order to achieve desired objectives, and it does so almost entirely without the use of physical force. 

Tools of Cyber Warfare 

There are plenty of tools and methods available to attack a computer or a network of computers. Tools are decided in accordance with the goal of the attacker. Like, a nation might try to pry into a rival nation’s bank system in order to search for economic instability one month so that it can crash it the next month to further increase the instability. Some of the methods of cyber-attacks are-

• Grid Hacking

Cyber attacks on Power Grids not only cause economic damage and inconveniences in daily life, but they also weaken the public’s trust and sense of security. Some nation-states look through old technology systems of other states to find faults that allow them to attack trains, planes, ships, and information systems. In December 2016, the second cyber attack on Ukraine after almost one year caused a blackout in the capital city of Kyiv for an hour.[iv]

• Denial of Service

A denial of service attack, also known as a DoS attack, is a form of cyberattack that involves flooding a server or network with messages in order to disable it. The target would be unable to handle all of the incoming traffic if the attack is successful. The target would most likely crash or reboot as a result. Depending on how the device is configured, this may result in the server or applications running on it being damaged. A DoS attack’s main aim is to block legitimate users from accessing the device.[v] The consequence of using a DoS attack in warfare can be even more dangerous since people are used to having access to a lot of information 24/7 and  attack on a government or news site can cause panic. 

• Spear phishing 

One of the traditional methods of cyber attacks, Spear phishing is a highly targeted form of phishing where bespoke emails are sent to specific victims by what are assumed to be trusted senders. This is done to either infect the device using malware or to convince victims to hand over money/information. 

Global Cyber Warfare Trends

There were glimpses of cyber and electronic warfare in the Gulf War and since then the use of cyber warfare by nation-states has increased quite a lot. The Stuxnet virus destroyed a significant portion of an Iranian nuclear facility in 2010. This event was widely regarded as a joint operation between Israel and the United States.[vi] In 2016, the deadly WannaCry ransomware cyber-attack affected more than 200,000 computers in 150 countries. The malware which demanded money in return for unfreezing computers targeted Governments, hospitals, and major companies around the world.[vii] These incidents show that cyber warfare is slowly becoming more preferable since it is anonymous and low cost having an infinite reach.

Cyber Warfare in China

China is an excellent example of how difficult it is to pinpoint who is responsible for a cyber attack.  It has been home to some of the most prominent hackers and hacker groups of the global community. According to a report by the Center for Strategic and International Studies (CSIS), 108 big cyber-attack incidents from 2006 to 2018 were linked to China and the number keeps increasing year after year.[viii] After recent attacks on the country’s various power assets, proof of Chinese hackers conducting a cyber espionage campaign against the Indian transportation sector was discovered by the Indian Computer Emergency Response Team (CERT-In).[ix] Chinese hackers carried out a cyber espionage operation in December 2020 targeting the Finnish parliament, breaching the email accounts of parliament members and other employees.[x] China has various organizations like LA 3rd Department, PLA 4th Department, Strategic Support Force (SSF) along with a large number of non-state Patriotic Hacker Groups which help it in carrying out the cyber attacks.

Chinese Cyber Warfare Capabilities

The Central Military Commission (CMC) formed a 100-member elite corps in April 1997 to devise ways of breaking into the computer systems of the United States and other Western countries.[xi] China has gradually strengthened its cyber warfare capabilities in terms of institutions, strategies, and skills since then. The People’s Liberation Army (PLA) agreed in 2015 to increase the Strategic Support Force, which is billed as a fifth service rather than a branch of the PLA. China’s word for an integrated approach to information warfare operations is “Integrated Network Electronic Warfare” (INEW), which includes electronic warfare (EW), computer network warfare, and psychological operations.

Salient aspects of Chinese strategy on cyberspace are given below:-

1. Superpower on a global scale. By 2025, China wants to be a global internet powerhouse with an impenetrable cyber security infrastructure. In this regard, it is fair to expect China to improve its cyber warfare capabilities in a similar manner.
2. A multi-pronged strategy. China uses a “Whole of Country” approach to cyber warfare, enlisting patriotic hackers and university students as cyber warriors alongside the PLA.
3. The First Option. Cyber warfare is seen by the PLA as a first-strike strategy to avoid the need for traditional military operations, rather than as a force multiplier for conventional operations.
4. Cyber-Strategic Warfare in Space. By integrating cyber attacks on satellites or space warfare into its offensive operations, China has elevated cyber warfare to a strategic level.
5. The definition of concurrency. It is fair to conclude that PLA aims to conduct operations simultaneously in all five domains: ground, sea, air, space, and cyberspace.
6. Cyber espionage. China conducts ongoing cyber surveillance to find weak points and collect information that can be used in a battle.

Conclusion

Since humans now communicate via software that is impersonal and non-interactive by default, this cyber threat exists. Furthermore, given the Internet’s capacity to reach millions, it is not important for every person to fall for the scam. Even if the trick is finally uncovered, the perpetrator could only want to manipulate public opinion for a brief period of time, such as before an election, a business contract, or a military operation. Unfortunately, the widespread implementation of effective defense tactics and technology does not seem to be on the horizon. Most system administrators lack the time, experience, or personnel to conduct sophisticated data analysis on their own. Furthermore, clever programming can  forge several popular signatures: if IP addresses and browser settings are realistically spread in the attack, the bar for cyber defenders is dramatically increased. Individual Site users would continue to develop their ability to assess threats originating from cyberspace for the near future.  

---

[i] The Art of War, Sun Tzu, Samuel B. Griffith (Translator), B.H. Liddell Hart (Foreword), Oxford University Press, 1963.

[ii] William Gibson Coins the Word Cyberspace, Jeremy M. Norman, History of Information. [Available at- https://www.historyofinformation.com/detail.php?id=984.%5D

[iii] Memorandum for Chiefs of the Military Services: Joint Terminology for Cyberspace Operations, James. E. Cartwright, Public Intelligence. [Available at- https://publicintelligence.net/dod-joint-cyber-terms/.%5D

[iv] Ukraine power cut ‘was cyber-attack’, BBC News. [Available at- https://www.bbc.co.uk/news/technology-38573074.%5D

[v] Understanding Denial-of-Service Attacks, Mindi McDowell, US-CERT- CISA. [Available at- https://us-cert.cisa.gov/ncas/tips/ST04-015.%5D

[vi] Israeli Test on Worm Called Crucial in Iran Nuclear Delay, William J. Broad, John Markoff, and David E. Sanger, The New York Times. [Available at- https://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html.%5D

[vii] Ransomware cyber-attack: Who has been hardest hit?, BBC News. [Available at- https://www.bbc.com/news/world-39919249.%5D

[viii] Significant Cyber Incidents, Center for Strategic & International Studies. [Available at- https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents.%5D

[ix] After power, Chinese hackers target transport sector, The Hindu BusinessLine. [Available at- https://www.thehindubusinessline.com/news/national/after-power-chinese-hackers-target-transport-sector/article34125502.ece%5D

[x] Finland says Chinese hackers behind parliament attack, The Economic Times. [Available at – https://m.economictimes.com/news/international/world-news/finland-says-chinese-hackers-behind-parliament-attack/articleshow/81592545.cms.%5D

[xi] Inside China’s cyber war room: How PLA is plotting global attacks, Saikiran Kannan and Abhishek Bhalla, India Today. [Available at- https://www.indiatoday.in/world/story/inside-china-s-cyber-war-room-how-pla-is-plotting-global-attacks-1708292-2020-08-06.%5D