Sunday 25 March 2018

Are We in a State of Cyber Cold War?


We are constantly made to believe that the world around us is a safe place to live in. The Internet is now at the helm of this technology-driven modern world, where supremacy is the sole aim of every superpower on the world map. Cold Wars have a strong hand in the history of global superpower rivalries. With time, the way of fighting Cold Wars kept changing. From planting spies in a rival's internal forces to secretly stealing the rival's confidential information, Cyber Cold Wars involved everything. In today's world, the Cyber Cold War has found a new weapon: the digital world. Yes, major security companies would flatly deny that a Cyber Cold War is under way, but the facts clearly contradict their claims. The entire world is staring at the ugliest aspect of digitalisation.



After reviewing NATO assessments of Russian hacking operations and speaking to dozens of computer security professionals around the world, CNNMoney had enough audacity to declare that the cold war has moved online. However, many vendors still manage to persuade a majority of people that their product is good enough to keep them safe from every aspect of a Cyber Cold War. They generate millions in revenue by taking advantage of people who are hardly aware of even the basic terminology needed to understand the current Cyber Cold War.

To understand whether or not we are in a state of Cyber Cold War, we first need to understand the basics associated with it. Once we are well acquainted with the basics, we can easily understand what effect it will have on us and what measures we can take to minimise those effects. Here are a few of the basic terms one needs to understand to get a clear answer on the current state of the Cyber Cold War.

Information Operation


In simple words, an Information Operation or IO is a set of well-defined actions taken to break into or affect an adversary's information or entire information system while hiding one's own information. Joint Publication 3-13 describes IO as the "Integrated employment of the core capabilities of Electronic Warfare (EW), Computer Network Operations (CNO), Psychological Operations (PSYOP), Military Deception (MILDEC), and Operations Security (OPSEC), in concert with specified supporting and related capabilities, to influence, disrupt, corrupt or usurp adversarial human and automated decision making while protecting our own." This implies that Information Operations have five key aspects: Electronic Warfare (EW), Computer Network Operations (CNO), Military Deception (MILDEC), Psychological Operations (PSYOP), and Operations Security (OPSEC). An understanding of these five aspects is enough to understand the entire concept of Information Operations (IO). Here is a brief overview of what each of them means and how it is actually executed.

1. Electronic Warfare


Electronic Warfare can be any action that involves the use of the electromagnetic (EM) spectrum or directed energy to control the spectrum, attack an enemy, or impede enemy attacks via the spectrum. The main intent of Electronic Warfare is to gain control of the electromagnetic spectrum before the enemy does and thereby deny the enemy any advantage from it. The targets for EW can include anything from communication and radar to other services, and EW can be executed via air, sea, land, or space. EW has three further subdivisions: Electronic Attack (EA), Electronic Protection (EP) or Defence, and Electronic Warfare Support (ES). The use of EM has gradually become universal in military operations, which has prompted EW to become a part of every aspect of IO. As of now, an Electronic Warfare Coordination Cell has been established to ensure no country takes any advantage. A Joint Restricted Frequency List (JRFL) is also drawn up to specify protected, guarded, and taboo frequencies that should not normally be disrupted without prior coordination and planning. Equipment, methods and tactics of EW include the EC-130E Airborne Battlefield Command and Control Center (ABCCC), the EC-130E Commando Solo, the EC-130J Commando Solo, and the EC-130Q Hercules TACAMO ("Take Charge and Move Out").

2. Computer Network Operations


Another of the IO core capabilities, CNO involves detecting computer system vulnerabilities, attacking those of the opponent and defending one's own through various computer technologies. With the rise in the use of computer technology in most military forces across the globe, the significance of Computer Network Operations in IO has increased considerably. That rise also makes room for new vulnerabilities to develop in computer systems, which prompts forces to identify and attack the computer systems of opponents while defending their own. CNO has three subdivisions: 1. Computer Network Attack (CNA), 2. Computer Network Defence (CND), and 3. Computer Network Exploitation (CNE). Identifying the vulnerabilities and weaknesses of a rival's computer systems and attacking them to hijack the rival's confidential information and computer systems comes under Computer Network Attack (CNA). Computer Network Defence (CND) covers identifying the weaknesses of one's own computer systems and applying measures to ensure that those weaknesses do not allow enemy forces to breach them. Computer Network Exploitation (CNE) covers using computer networks to gather data from the target or adversary's automated computer systems or networks through enabling operations and intelligence collection capabilities. Stuxnet and Suter are two of the most popular examples of the equipment and methods of Computer Network Operations (CNO).

3. Psychological Operations


PSYOP is one of the longest aspects of the IO and plays a key role in achieving the IO objectives in favour of the Joint Force Command (JFC). PSYOP can be conducted at the tactical level and still have large-scale strategic effects. Thus, the use of PSYOP involves a lengthy approval process that considers the time taken to design, develop, and execute every stage of the PSYOP. Timely execution of each step is compulsory, so planning out the entire execution strategy is a basic essential of PSYOP. PSYOP execution may also be revised if there are any minor or major errors that need to be rectified before moving forward. Hence, the JFC needs to start developing the PSYOP well ahead of time to make sure it is completed on time. The effectiveness of PSYOP depends on the personnel's knowledge of the language and culture of the target audience (TA). With the rise in the use of the Internet, PSYOP methodology has shifted from conventional printed copies to facsimile messaging, text messaging and other emerging media. Most often, PSYOP is planned to influence the emotions of a selected population by conveying selected information and indicators to them. Its target can vary from a foreign individual to a foreign government. PSYOP is more like phishing on an extra-large scale. Special Operation Media Systems - B (SOMS-B) is one example of proper PSYOP execution.

4. Military Deception


As the name suggests, Military Deception involves actions aimed at deceiving the operators of a foreign adversary's information systems into performing actions that help the deceiving side accomplish its mission. MILDEC and OPSEC go hand in hand. While MILDEC provides false information to make the adversary system operator perform false analysis, OPSEC ensures that the real information does not reach the adversary system operator. This is one aspect of IO that involves heavy use of intelligence and proper planning and execution. First, MILDEC planners must ensure that they do not fall into someone else's trap while laying out their own plan. Second, they have to compete firmly for the resources required for the deception as well as for the real operation. Thus, it becomes necessary for the planners to develop the deception plan simultaneously with the real operation. It is more efficient and effective to come up with a false purpose for a real activity than to create an entirely fake activity. If the activity remains real, the adversary operators will be less suspicious about it. MILDEC planners need to understand how the adversary commander and supporting staff think, plan, and execute their plans. For instance, MILDEC planners can come up with a message that fuels a rivalry between two key decision makers in the adversary staff. This will prompt the adversary board to plan a course of action and adopt a position that is more favourable for their opponents.

5. Operations Security (OPSEC)


OPSEC plays a key role in IO by denying the adversary the real information required to correctly assess friendly capabilities and intentions. Along with MILDEC, it ensures that the adversary is misled into making decisions that are more favourable for the OPSEC planners. Apart from that, OPSEC also ensures that friendly capabilities are not compromised while exploiting new opportunities and vulnerabilities such as those in EW and CNO. For OPSEC to be effective, other types of security must complement it. These include IA Programs, Computer Network Defence (CND), Physical Security, and Personnel Programmes that screen personnel and limit authorised access. What usually happens is that information gets leaked, stolen, or hacked by the opponents, who can then manipulate it without the adversary's knowledge, making the adversary believe the manipulated information to be the true one. Military personnel may post photos on social media platforms or on their blogs, which can allow the enemy's planners to identify the location of the personnel and thereby determine the movement of the entire troop. Geo-tagging is the biggest threat that can lead to such a breach in OPSEC.

Cyber crime is on the rise, and the Cyber Cold War is evidence of its rise on a much more effective global scale. Information that we may not consider important is important to intelligence personnel from other countries. It is essential to stay secure against cyber security threats to ensure we remain unaffected by the effects of a Cyber Cold War. For that to happen, the first thing that needs to be done is to spread cyber crime awareness amongst the masses. The explanation above is enough to understand how and why the cyber cold war can involve us and how we can keep ourselves protected from it.

About Indian Cyber Army


Indian Cyber Army aims at making the cyber world a better place, if not entirely safe, for everyone who uses it for good. ICA's team of proficient ethical hackers and cyber crime experts regularly conducts seminars and workshops to spread cyber crime awareness amongst students, individuals, businesses, organizations, and other institutes. A dedicated panel of experts is available 24x7 to help people who fall victim to any cyber crime through their cyber crime helpline number. In case you have any query or need more information regarding the effects of a cyber cold war or any other cyber information, do reach out to us through the cyber crime helpline number displayed at the bottom of every page on ICA's official website.


Monday 12 March 2018



The number of Internet users in India has been on the rise in the recent past, and so has the number of cyber crime cases. Every good thing comes with its own set of drawbacks. The more we minimise these drawbacks, the better the experience we can get from it. The Internet's importance in today's world needs no mention; everyone is aware of its seemingly endless uses. With those seemingly endless uses comes a seemingly endless world of cyber crimes. From risking human lives to fraudulently duping people of billions, criminals have found a way to execute all their crimes online. A little in-depth knowledge can make anyone capable of hacking into someone else's personal systems.


Victims of cyber crimes are mostly unaware of what is to be done after they have fallen prey to a trap online. The only thing that can help them get justice is potential digital evidence. In a court of law, digital evidence is the only way a victim can prove the cyber crime he or she has fallen prey to. However, not many people are aware of what exactly counts as digital evidence and to what extent it can be used in court against cyber crimes. To explain the role of potential digital evidence in cyber crime investigation, we have put together this short write-up, which tries to make digital evidence more potent in helping cyber crime victims.

What Is Digital Evidence?

Before understanding anything else, we first need to understand what potential digital evidence actually is. Any piece of evidence that is stored or transmitted in digital form and can be used to prove a point is termed digital evidence. This includes ATM transaction logs, video or audio evidence, computer printouts, computer backups, CCTV footage, databases, browser history, phone records, GPS location, e-mails, and everything else that has a digital background. Just like any other evidence, the authenticity of digital evidence needs to be checked. For checking the authenticity of potential digital evidence, digital forensic experts are consulted. Based on what the digital evidence is, the court has the right to decide whether an original is required or a copy will be enough. In cyber crime cases, digital evidence is most likely to be the only solid proof, as every step of the crime involves the use of a computer.


What Is Their Role In Criminal Investigations?

A cyber crime cannot be committed without the use of a computer system and, most of the time, the Internet. Thus, digital evidence plays the most important role in cyber crime investigations. Such a crime involves no physical evidence or eyewitnesses; all it leaves as a record are digital logs and reports, which are capable of securing justice for the victim. In the case of an online fraud or scam through a phishing mail, the victim has to present a printout or the mail to the court of law, and it is authenticated by digital forensic laboratories before being considered as digital proof. Once it is authenticated, further investigations are carried out and the criminal is traced by tracing the sender's IP address. Thus, from proving the crime to convicting the criminal, digital evidence plays a key role throughout the investigation of a cyber crime case.

Are Digital Evidences Reliable?

The biggest concern with digital evidence is how easily it can be tampered with. This doesn't hamper the reliability of digital evidence by any means. However, it gives culprits a chance to plot another plan and escape unscathed. In a recent case of online sexual abuse, the victim had initially presented proper digital evidence of the text/mail sent by the culprit that contained abusive messages. However, in the later hearings, the culprit tampered with the evidence and presented his side of the digital evidence, which showed that the messages were never sent. The victim ended up getting charged for filing a false case against a respected individual. This draws a big question mark over the credibility of digital evidence. Is it worthy of deciding justice for someone? The answer probably still remains yes, given that it is the only way of proving a cyber crime. In the case discussed, it became difficult for the court to decide which digital evidence was real. There was another record of the conversation, and that was with the service provider. Had the victim asked the court to extract that record, the result could easily have been different, and that record would most probably have been the original one. Thus, the court of law has formulated another set of instructions which are supposed to be followed before presenting digital evidence. Anyone found presenting manipulated digital evidence or tampering with any digital evidence gets charged under Section 204 of the IPC and Section 65 of the ITA 2000/8 for destruction of evidence.

The final conclusion that can be drawn from this case is that potential digital evidence is reliable only if it is used in a proper manner. The American Law Reports lists a few factors that help make the role of digital evidence more potent. It states that "the reliability of the computer equipment", "the manner in which the basic data was initially entered", "the measures taken to ensure the accuracy of the data as entered", "the method of storing the data and the precautions taken to prevent its loss", "the reliability of the computer programs used to process the data", and "the measures taken to verify the accuracy of the program" should all be taken into consideration when bringing digital evidence into any criminal investigation. A few guidelines have also been laid down by some top nations to ensure the reliability of digital evidence. The UK ACPO (Association of Chief Police Officers) Guidelines help them affirm the integrity and authenticity of any digital evidence.
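One common way to make later tampering detectable, shown here as an added example that is not part of the original article: record a cryptographic digest of each item when it is collected and compare the copies presented later against those digests. The function names, file names and sample contents are constructed for illustration, and hashing is an assumed technique that the article itself does not describe.

```python
import hashlib
import hmac
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def seal(items: dict[str, bytes], collected_by: str, collected_at: str) -> dict:
    """Build a manifest of per-item digests at collection time.

    manifest_sha256 covers the whole manifest; lodge that one value with an
    independent party, because whoever can rewrite the manifest can re-seal it.
    """
    body = {
        "collected_by": collected_by,
        "collected_at": collected_at,
        "sha256": {name: sha256_hex(data) for name, data in sorted(items.items())},
    }
    canonical = json.dumps(body, sort_keys=True).encode()
    return {**body, "manifest_sha256": sha256_hex(canonical)}

def verify(manifest: dict, presented: dict[str, bytes]) -> dict[str, str]:
    """Compare the copies presented later against the sealed digests."""
    body = {k: v for k, v in manifest.items() if k != "manifest_sha256"}
    canonical = json.dumps(body, sort_keys=True).encode()
    if not hmac.compare_digest(sha256_hex(canonical), manifest["manifest_sha256"]):
        raise ValueError("manifest itself was altered after sealing")
    report = {}
    for name, expected in manifest["sha256"].items():
        if name not in presented:
            report[name] = "missing"
        elif hmac.compare_digest(sha256_hex(presented[name]), expected):
            report[name] = "match"
        else:
            report[name] = "modified"
    for name in sorted(presented.keys() - manifest["sha256"].keys()):
        report[name] = "not in manifest"
    return report

# Constructed sample items (not real evidence).
SAMPLE = {
    "chat_export.txt": b"2018-03-01 21:14 sender: <message text>\n",
    "mail_0001.eml": b"From: sender@example.com\r\nSubject: test\r\n\r\nbody\r\n",
}

if __name__ == "__main__":
    manifest = seal(SAMPLE, "examiner-01", "2018-03-12T10:00:00Z")
    later = dict(SAMPLE, **{"chat_export.txt": b"2018-03-01 21:14 sender: (empty)\n"})
    print(json.dumps(verify(manifest, later), indent=2))
```

A digest only shows that a copy changed after sealing; it says nothing about whether the item was genuine when collected, which is why an independent record such as the service provider's still matters.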

Tampering with any digital evidence is considered a cyber crime. In India, the scenario is very different from that in the UK. Most people are hardly aware of the IT Act or of what a cyber crime actually means. This renders potential digital evidence more vulnerable and of little use to the majority of India's population. To make the role of potential digital evidence more significant, it is necessary to spread cyber security awareness amongst the Indian masses so that cyber crime can be tackled with relative ease.

Indian Cyber Army (ICA) aims at building a digital environment that is safe for everyone who enters it. It tries to spread cyber security awareness through its various programmes that educate people about the cyber threats prevalent in the digital world. Anyone who falls victim to a cyber crime can easily reach out to ICA for help through their 24x7 cyber crime helpline number. Their highly skilled professionals remain available to help everyone who reaches out to them through their cyber crime helpline numbers.