The digital age of war is upon us, but what actually
constitutes an act of warfare online? This the question facing global states
but is even one for those of us sitting at home. Further to this, how do we
even set agreements in place to prevent cyber war when none of the states would
be prepared to forgo the ability to shut entire countries offline, or hack crucial
networks to force instant truces.
David Sanger, National Security Correspondent and Senior
Writer for the New York Times, addresses the Cold War of our times in his new
book, The Perfect Weapon: War,
Sabotage and Fear, speaking on the themes in a conference call with New
York Times subscribers on Monday.
Digital mass destruction
The internet, a tool built for and feted as creating globalization
and open lines of communication, is Sanger’s ‘Perfect Weapon’. He says, “cyber
is cheap and can be dialed up or down so you can keep things short of war”. The
point being, states can send attacks and retaliations constantly through the
digital space but keep it just shy of being a declaration of war and leaving us
in a permanent stalemate. Cyber attacks are cost effective compared to an army –
but also a great option to protect lives (if we assume no one attacks a
hospital network). Further to this, in rebuilding the internet, we are
retrospectively trying to add protections and security measures in while trying
to maintain the instant communication lines of the internet which are essential
to daily economic operations globally.
States are well aware of this power. Russia meddling in the
US Federal Election is just one example of this. US President Trump signed a
secret order last year which effectively allows the US to conduct cyber attacks
without Presidential approval, though given the terms of the agreement are
secret, we don’t know the full range of attack powers available. Sanger
suggests that any use or potential to use by the US enables every other country
to use the same tools against them, and each other.
A new frontier of war
Unlike its predecessor, the Cold War, the digital age of war
leaves us with many challenges in trying to control the situation. Sanger
explains there were limited players in the Cold War with weaponry that could be
itemized as part of agreements. By contrast, there are unlimited entrants to
the digital world and while states may choose to sign agreements, how do they
control the actions of individual citizens or indeed, terrorists. Also, as
Sanger jokingly mentions, teenagers use the internet and, “teenagers tend not
to sign up to any agreements, even in their own homes”.
Controlling the world
The concept of hacking and attacks is one layer of cyber war
but another is network design. Australia is the only country at this point to
deny entry to Huawei to build its 5G network, while others are still debating
the implications and their own decisions. Sanger suggests they are watching to
see whether the Chinese Government will retaliate against Australia for its
decision by withholding trade and there have bee suggestions that the recent
hacking of Australian Parliament may be part of the retaliation. He feels the
British have taken the view that it is all a manageable risk but wonders whether
they have considered the full range of challenges from allowing the company of
a foreign country to build their networks.
Sanger says, “The companies that build the infrastructure
will be in charge of the world. The Chinese have been open in their intention
to control as much of the internet as possible.” Consider that in any conflict,
the builder of the infrastructure could have the power to shut down entire
networks – potentially an entire country – to force their side. Sanger explains
that 5G operates much like software in that it constantly updates, but it is
also very difficult to analyse the backend code and there are fears that companies
building these networks could create “back doors” to access secure information
or to cause disruption.
Sanger views any solution to cyber war as requiring both a
digital and political situation but points out that at this stage, it is mainly
private enterprises spending money to protect their own interests. Most states
have their own centres dedicated to cyber risk, Australia has The Australian
Cyber Security Centre, but these fall short of the investment which may truly
be required to protect state interests – and those of its private citizens.
A private problem as
While we think of cyber war as a problem more for companies
and states, we should be considering ourselves as potential casualties in the
war. Almost all of us use GPS tracking on a daily basis through our phones and
devices. Almost all of us use the internet at home. Increasing numbers are adopting
the internet of things and inviting automation into their homes in the form of
devices like Google Home and Amazon Alexa. If someone wanted to cause you
problems, it may be as simple as hacking into your home automation and preventing
you from turning the lights on. Or, more frightening and a problem raised by
domestic violence assistance programs, the ability of abusers to track their
victims through digital GPS footprint.
How do we protect
ourselves in the war?
A philistine answer would be to just stopping using devices,
don’t use automation in your home, but the truth is, you can’t operate in today’s
society with no digital technology. While respecting there are elderly people
who have never touched a computer or phone, they find it increasingly difficult
to navigate the world and often as not, are forced to rely on their children
and grandchildren to assist even with accessing their finances.
So what is the answer? Like most things, prevention is
better than a cure but just as with a house robbery, your security is only as
good as your weakest link – if someone really wants to get in your house, they
will just break the windows or bash down the door. There are the traditional
measures we all know about, like anti-virus software, not clicking on hoax
email links, not using easy passwords and changing those passwords regularly
but there are also those that can be more challenging for the technological
dinosaurs like myself.
One security option could be creating a separate home IP address
(an IP is a personal identifier for your device) for the internet of things
(aka your home automation) that is completely blocked from an IP address for
your general wifi use so if Google Home suddenly has a hack affecting all
devices, those hackers can’t suddenly get in and access your personal logins. Install
a firewall to limit any traffic from websites and people into your computer and
other devices. You could also download programs to prevent any external
tracking of your IP so when you visit websites, your device simply appears as
anonymous. Another simple, but not so popular option is to not connect your
devices to wifi hotspots out in public as this opens you up to hacking from other
users of that wifi.
Cyber security is rapidly becoming a big business and new
companies are forming by the week to deal with the challenges. From a personal
level, you could consider using one to manage your own security but this has
its own risks – do you want to trust an external company with your security?
What if they got hacked themselves and your data was made public? You could
also learn how to manage it yourself using one of the many online articles and
video how-tos (or do like me and get a tech-savvy friend to ‘fix’ it all for
Cyber war is one of the many issues of our day that we need to learn to live with and manage. It’s another reason to “be alert, not alarmed” and we should all be making efforts to learn how to manage our own online security. The hackers are coming, and hopefully it’s just your next door neighbour annoyed at the volume of your music and not a mass country-wide attack.
Like this article and interested in commissioning content? Contact me