Threats of cyber war were on the top of inquiries on a news conference, marking the opening of the ITU Telecom World exhibition and forum in Geneva.
"The next world war could begin in cyberspace," warned Hamadoun Touré, secretary general of the International Telecommunication Union, the United Nations agency that organized the event.
The beginnings of such an unconventional war could be out of the control of conventional diplomacy, he said, because in cyberspace "there is no such thing as a superpower: Every citizen is a superpower." With an army of "bots," or compromised computers, at their command, almost anyone could wield great power in a virtual battle, as a number of recent denial of service attacks against targets around the world have shown.
"We know from conventional wars that the best way to win is not to start," Touré said.
That's why the ITU is pushing an ambitious worldwide program for cyber security and peace.
"By the end of next year, we will broker a global agreement with every country to protect its citizens online, not to harbor cyber terrorists, and not to start an online attack," he said.
But, the real cyber weapon is already in use by different political and religious groups, and even by different countries.
For example, on August 8, 2008, Nino Doijashvili, CEO of Atlanta-based hosting company Tulip Systems was paying a visit to her home town in Tsiblinki, Georgia, thus putting her at the nexus of the first modern use of cyber attacks in conjunction with an invasion. While Russia amassed a force of 150 tanks on the border of Georgia, and while the world was occupied with the Olympics in Beijing, and coincidently just after NATO decided to postpone voting on admitting Georgia into its alliance, there began a concerted denial of service (DoS) attack against Georgia.
Russian nationalists (or maybe, it was direct governmental strategic attack) who wished to take part in the attack on Georgia could do so from anywhere with an internet connection, simply by visiting one of several pro-Russia websites and downloading the software and instructions needed to perform a “distributed denial of service” (DDoS) attack. This involves sending a flood of bogus requests to an internet server, so that it is overwhelmed by the demand and becomes unusable.
One website, called StopGeorgia, provided a utility called DoSHTTP, plus a handy list of target websites, including those of Georgian government agencies and the British and American embassies in the capital, Tbilisi. Launching an attack was as simple as entering the address and clicking a button labelled “Start Flood”. The StopGeorgia website helpfully indicated which target sites were still active and which had collapsed under the weight of bogus requests. Other websites explained how to write simple programs to send a flood of requests, or offered specially formatted webpages that could be set to reload themselves continuously, deluging particular Georgian websites with traffic.
Knowing something about bandwidth and server hosting Doijashvili offered the services of her hosting facilities to the Georgian government who agreed. Now attacks targeted against Georgian government websites were finding their way to Atlanta, Georgia in the U.S. So, Tulip Systems got directly involved in a cyber shooting war between Eastern European states.
Another wave of cyber attacks on Estonia in 2007 brought down key financial and state systems and had demonstrated how cyber-terrorism could take down national infrastructure with "very serious consequences”. This time, it was just one 20-year old, acting by himself; there was no ideological motive behind it, so it wasn't a terrorist attack per se, but it did illustrate clearly the potential harm that could be done.
Suleyman Anil, head of NATO's Computer Incident Response Capability Co-ordination Centre, admitted that determined cyber attack on a country's online infrastructure would be "practically impossible to stop". Anil believes the threat will continue to grow as terrorist groups become aware of the potential to cause maximum damage at minimal cost. Cyberwar could become a very effective strategy because it is low-risk, low-cost, highly effective and easily globally deployable. It is almost an ideal weapon that nobody can ignore.
Threat to the World though cyber terrorism becomes more and more real, as modern society is getting hocked on the fruits of the new computerized technologies on all life aspects.
Sources and Additional Information: