Relying exclusively on open source information, the task is to assess the relative capabilities of certain countries identified in the literature (China, India, Iran, North Korea, Pakistan, and Russia) to wage an effective cyber attack against an adversary.
The words “effective cyberattack” by no means translate into the proverbial “take down” of the Internet; on the contrary, such attacks might involve intrusions into unprotected networks for the purpose of compromising data tables, degrading communications, interrupting commerce, or impairing critical infrastructures (such as transportation or medical and emergency services) in such a way that trust is undermined at the expense of a smoothly running economy and society.
While the degree of damage that could be caused in a cyber attack bears no resemblance to an electronic “Pearl Harbor,” inflicting significant economic costs on the public and private sectors and impairing performance of key infrastructures (via IT networks linked to embedded computer systems, for example) seem both plausible and realistic.
Most computers are connected to each other in some way. They usually share the same operating system software and communicate with all other computers using the standard set of TCP/IP protocols. The ease and speed of dispersion of recently devised worms and viruses such as Nimda and Sasser underscore the links among networked computers.
Within the framework of an integrated national plan, the People’s Liberation Army (PLA) has formulated an official cyber warfare doctrine, implemented appropriate training for its officers, and conducted cyber warfare simulations and military exercises. Beijing’s intelligence services continue to collect science and technology information to support the government’s goals, while Chinese industry gives priority to domestically manufactured products to meet its technology needs.
The PLA maintains close ties with its Russian counterpart, but there is significant evidence that Beijing seeks to develop its own unique model for waging cyber warfare.
Cyber attacks pose more than a theoretical challenge to the Indian government’s day-to-day national security agenda due to the intrusions and web defacements experienced after New Delhi’s nuclear weapons test and in the confrontation with Pakistan over Kashmir.
The Indian authorities announced a shift in military doctrine in 1998 to embrace electronic warfare and information operations. An IT roadmap, enumerating a comprehensive ten-year plan, was published. In the framework of the roadmap, the government has granted permission for closer government/industry cooperation to leverage the output of India’s world-class IT software industry. In addition, a new National Defense University and Defense Intelligence Agency (DIA) have been established. According to journalistic accounts, the armed forces plan to establish an information warfare agency within the DIA with responsibility for cyber war, psychological operations, and electromagnetic and sound wave technologies.
U.S. national security experts have included Iran on a published list of countries said to be training elements of the population in cyber warfare. The leadership in Tehran is known to sponsor terrorist groups and for many years has chafed in the face of perceived Iranian inadequacy in the conduct of modern information warfare. Although the rhetoric of the clerical regime has been more prudent in recent years (at least until recently), the government nevertheless continues to accord economic and political priority to extending the technological threshold of its defense sector. This is illustrated in two ways: first, the armed forces and technical universities have joined in an effort to create independent cyber R&D centers and train personnel in IT skills; and second, Tehran actively seeks to buy IT and military-related technical assistance and training from both Russia and India. Overall, we assess that Iran is leveraging its resources in the non-conventional weapons and IT sector as a “force multiplier” to gain greater influence in Central Asia.
Although U.S. national security officials include North Korea on a published list of countries believed to be developing information warfare units either in the military or the intelligence services, the open literature contains no North Korean military doctrinal or policy statement to that effect. South Korea’s defense community alleges cyber reconnaissance or network hacks sponsored by Pyongyang, but such charges may only represent “disinformation.” Due to the closed, Stalinist make-up of the North Korean regime and society, concrete evidence is difficult to obtain. There are few credible first-hand sources.
We believe it is possible North Korea is experimenting with offensive cyber attack capabilities, based on Pyongyang’s track record of priority resource allocations to the military, its evident endowment of scientists and engineers, and its documented achievements in missile and related military technologies.
Well-documented hacker activity in Pakistan and possible ties between the hacker community and Pakistani intelligence services indicate that Pakistan appears to possess a cyber attack capability. However, the published evidence is lacking concerning the exact nature of the capability; it is quite possible that the government of Pakistan has made only a minimal investment in its cyber warfare program. The available evidence suggests that the main target of Pakistan’s offensive capability is India—Islamabad’s rival on the sub-Continent and adversary in the Kashmir dispute. Pakistan’s developed IT industry, well-educated computer programmers, and supportive government that is concerned with security in Kashmir and parity with India provide circumstantial evidence suggesting a cyber warfare program.
Russia’s armed forces, collaborating with experts in the IT sector and academic community, have developed a robust cyber warfare doctrine. The authors of Russia’s cyber warfare doctrine have disclosed discussions and debates concerning Moscow’s official policy. “Information weaponry,” i.e., weapons based on programming code, receives paramount attention in official cyber warfare doctrine. Moscow also has a track record of offensive hacking into Chechen websites. Although we assess it likely that Moscow will continue to scout U.S. military and private sector networks and websites, available evidence is inadequate to predict whether Russia’s intelligence services or armed forces would attack U.S. networks, especially after taking into account present-day political and economic ties between the two nations.