The Analysis of the Situation that Happened in the Republic of Georgia
Modern society has adopted a global-village way of sharing information, and this integration has been enhanced by the advancement of information technology. As a result, many vulnerabilities have emerged, which may have dangerous consequences. Cyber warfare is one of the mechanisms that can be applied to exploit these vulnerabilities, and the results would be devastating to any country or organization under cyber-attack (Andress & Winterfeld, 2011). The popularity of cyber-attacks has risen to the extent that militaries are creating software programs to attack opponents on the battlefield. For example, the most current cases of cyber-attacks are those of Georgia and Estonia, which serve as a sign of the development of a new form of warfare.
In the year 2007, Estonia experienced attacks on its networks in the main agencies of the government, including the legislature, financial networks, and the presidency. The same happened a year later, when the Republic of Georgia was subjected to similar attacks. Speculations suggest that the aim of the attacks was to benefit the Russian Government on the political front (Knake, 2010). The Russian Government claimed responsibility and also declared that the attacks formed a new period of network attacks, which was named Cyber War. Many other countries have used computers to stage attacks on the networks of other countries, but the cases of Georgia and Estonia stand out because the attacks were aimed at politically benefiting the Russian Government (Dunham & Melnick, 2009). The Russian Government wanted the attack to act as punishment to both countries. The attacks alerted the whole world to the notion that a new weapon for economic and political benefit had risen in the form of cyber warfare. The weapon is cheaper than other forms of warfare, and attackers are able to deny the attacks once they are detected.
The current research paper analyzes the situation that happened in the Republic of Georgia to identify the vulnerabilities in such attacks, the impacts of the cyber-attacks, and the security measures for controlling and mitigating such attacks. In light of the attacks on the Georgian Government described above, it is evident that cyber warfare is emerging as a new and better option for waging war due to its effectiveness and the ability of the offender to deny responsibility for such attacks (Knake, 2010). Therefore, the United States Government should be more aggressive in terms of offense and defense to ensure that it is at the forefront of this new form of war.
The United States Department of Defense has not yet provided a clear definition of the term Cyber Warfare, but the general definition is the use of computers and related technology against another country to manipulate the activities of that country. The aim of such an attack is to degrade, damage, or deny informational sources to the state, with the goal of enriching the offender’s political strategy or negatively affecting the political structure of the country under attack. Such an act is usually conducted by a state, organization or individual (Dunham & Melnick, 2009). The main distinguishing factor between cyber warfare and cyber-criminal activities is that cyber warfare is motivated by political desires. In the current world, cyber-attacks can cause more damage than physical attacks, as evidenced by Condoleezza Rice, former United States Security Advisor, who stated that it is important for the United States to devise mechanisms for defending itself from network-related attacks (Voeller, 2014).
In the modern world, the economy is usually driven through cyber activities because every important service, such as transportation, finance, energy, and health, is governed through them (Gariff, 2012). All of these services rely on computers to operate efficiently, and corruption of such networks halts service delivery, disrupting the smooth running of a country. Cyber terrorism differs from Cyber Warfare in the intent of the two activities. According to the Federal Bureau of Investigation (FBI), cyber terrorism is a computer-based activity that manipulates information systems to create a state of confusion with the purpose of influencing the population to adopt various ideological ideas, be they social or political. Therefore, cyber terrorism concentrates on spreading an ideology across many countries, while Cyber Warfare concentrates on manipulating the systems of a particular country.
Reasons for Employing Cyber Warfare
The main reason many countries employ cyber warfare as a tool to attack other countries is the low cost of the method. Moreover, because a vast number of services and national operations are going online, such attacks can be effective. Cyber warfare activities are also popular because the state initiating the cyber-attack can easily deny responsibility for such attacks. Cyber Warfare can also be applied as a strategy aimed at physically weakening the enemy because it can destroy the enemy’s military system and organization, making the enemy more vulnerable (Andress & Winterfeld, 2011). A successful attack can create an atmosphere of uncertainty within the military ranks of a country, thus creating an opportunity for attacking the opponent.
Ways of Cyber Warfare Attacks
There are different methods by which the attacks can occur in a country. Cyber warfare can be initiated in five different ways. They include disruption of websites, creation and spreading of propaganda, conducting espionage, gaining control of critical information, disruption of military operations of the opponent, and the attack to important infrastructure of the enemy (Gariff, 2012). The attack on Georgia is a demonstration of two methods, namely disruption of websites and spreading of propaganda. In Georgia, hackers from Russia manipulated many websites and went ahead to use the Internet as a way of waging a campaign of information. The attacks also had a trace of destruction of infrastructure because the Georgian Government could not perform its services effectively due to the disruption of the communications systems (Knake, 2010). The United States military is known to conduct internal tests of cyber-attacks in order to find solutions to the attacks.
Case Study: Georgia Attack
The attacks occurred in 2008, and the blame for the attacks went to Russia. The attacks were well organized and happened before military action in the country. The attack involved manipulating local websites through denial of service, in which the websites shut down after receiving an excessive number of requests. Many of the targeted websites had military connections and value, and many of them were run by law enforcement bodies (Ashmore, 2009). The attack also involved attacks on emergency services. The services’ servers were shut down consecutively, one at a time, leading to confusion in the police force when responding to emergency cases. Denial of service also occurred on the websites serving the President, the Defense Ministry, and other major organizations that were influential in running the country (Gariff, 2012). Military websites were not spared: they were hacked, and the Russians obtained crucial information from them.
Most attacks were initiated from Moscow and St. Petersburg, and they had links to the Russian business empire. The organizers also ensured propaganda prevailed by posting every detail of the attacks on various Russian-language blogs. Organizers also used direct links to aid the hackers in their attack (Hollis, 2011). The main website that assisted the hackers by providing utilities was Stop Georgia; it listed the websites that were highly targeted (Ashmore, 2009). The targeted websites included government corporations and agencies, and the Embassy of America. Apart from providing crucial information concerning the target websites, the website also provided a utility named DoSHTTP that made an attack simple: it could be carried out with just a click on a provided address, and it ensured that the hackers could monitor attacks. Stop Georgia also showed the targets whose attacks were ongoing, the successful attacks, and those that were not successful.
A few hours after the cyber-attacks, the Russian Government initiated physical attacks through bombs and aircraft. The bomb attacks happened approximately a day after the cyber-attacks. After the aircraft attacks, the Russian Government sent tanks to Georgia, citing that their purpose was to enhance peacekeeping in Tskhinvali. Access to the websites of major government agencies was denied, so that outsiders could not reach any of the attacked websites. In retaliation, Georgia filtered the sites in an effort to block the malicious activities from the Russians (Ashmore, 2009). The Georgian Government was forced to create another site through which it would deliver its services. Consequently, a major news site named Civil.ge followed suit, claiming that the main website was under attack. The temporary website enabled the Georgian Government to maintain communication with other friendly countries. The Georgian Government operated major government websites through United States servers. As a consequence, the United States servers were also subjected to attacks.
The effects of the attacks were mainly the disruption of communication systems, because the Russians were able to obtain crucial strategic information, especially concerning military operations. However, the effects were not as devastating as those of cyber-attacks to Russia because Georgia does not rely heavily on information technology. The main evidence supporting the statement that Russia was behind the attack was the fact that military actions were carried out hours after the cyber-attacks (Ashmore, 2009). A security researcher named Jart Armin also researched this issue and found that a lot of traffic to the Georgian websites was routed from servers situated in Russian and Turkish cities. Although Georgia was not impacted significantly by the attacks, the Russian military was able to obtain crucial information on various military intelligence reports. The Russian military also benefited because the Georgian military was destabilized by an interrupted communication system, making it easy for the Russians to stage a military attack on the country without much retaliation (Gariff, 2012). As a result, Russian forces were able to penetrate South Ossetia with ease, leading to increased friction and war in the region.
The Russian Government also pursued the aim of degrading the military infrastructure of Georgia and this was necessitated by the government acquiring critical information from Georgian Government servers which made it possible for Russia to win in the Tskhinvali battle (Hollis, 2011). The experience gained by the Georgian Government from the Estonian attack fourteen months later was very crucial in helping the country recover its services and resume normal operations. The earlier experience made it possible for the Georgian network experts to reach into the international security community and by collaborating with NATO Cyber Defense Center, Georgia was able to defend some of its networks (Hollis, 2011). The cooperation from the international community and Georgian Government helped the country to get back on its feet and also defend some of its networks from attack.
Analysis: Vulnerabilities, Advantages, and Policies
There are a lot of lessons that can be learnt from the cyber-attack on Georgia. Firstly, the attacker in a cyber-attack usually has an advantage in almost all aspects because the defender is usually caught unaware. Secondly, it is irrelevant who the attacker is because the effects of cyber warfare are the same, and it is usually up to the defender to react appropriately to reduce, mitigate and eliminate the attacks (Carr & Shepherd, 2010). Lastly, the attacks show that there is a need for cooperation between governments and other organizations in order to overcome cyber-attacks. The cooperation is important because the attacker has the initial advantage over the defender due to the element of surprise.
There are many advantages that an attacker usually has. Firstly, making a cyber-attack prompts the defender to respond, and in most cases the defense mechanisms are anticipated by the attacker. The attacker also has the freedom to stage the attack at the preferred time and place, leaving the defender with no choice other than to defend themselves (Hollis, 2011). The attacker is also at a financial advantage because one can use a single computer to make an attack, but the defender must use resources to defend the whole network system, which is more costly. As a result, the attack is cheaper than the defense. Another advantage is that the attacker determines the scale of an attack and can vary it depending on the attacker’s aims. The attacker can also perform the attack himself or involve other parties such as hackers, which gives flexibility in magnifying the attack according to the desires of the attacker (Knake, 2010). The last advantage results from the lack of international laws, especially from international bodies such as the United Nations, that govern cyber-attacks and related cyber offenses. The rules available on cyber-related offenses are usually ambiguous, meaning that their application is difficult.
The debate on the actual aims of Russia in the attacks is ongoing, but it is irrelevant because the issue that should be of concern is how such attacks can be prevented in future. It does not matter who initiates the cyber-attacks because the fact is that the attacks have devastating effects on the party being attacked. The main motivating factors in conducting the attacks are ongoing conflicts between rival states, and the conflicts may be social or political (Carr & Shepherd, 2010). The attacks can also be brought about by the selfish desires of various governments or organizations. Similar attacks were experienced between the Chinese and Americans due to a conflict between the militaries of the two states. Such incidents show that such attacks are possible in future and that there is a need for mechanisms to ensure that the attacks do not happen again.
Implications of the Attacks to the United States Military and Possible Solutions
Information technology is continually evolving, and the pace of that evolution will continue to increase. As a result, it will be more complex and vulnerable in terms of military operations due to the development of new systems and their incorporation into modern warfare activities. Modern communication systems enable military supervisors to gather intelligence information at a higher pace, leading to greater proficiency in war activities (Carr & Shepherd, 2010). Because the military is becoming more reliant on information technology to perform its operations, a vulnerability arises: any interruption of its systems may halt all the operations of the military. Some competing nations, such as China and Russia, have noticed that the United States’ military strength depends on the network integration aimed at facilitating warfare, and as a result, the two countries are establishing measures to counter that strength.
As a result, the United States needs to take the issue of cyber warfare seriously to ensure that the country’s military is better situated offensively and defensively (Stapleton-Gray & Woodcock, 2011). The United States military is disadvantaged on matters concerning Cyber Warfare mainly due to the size of the Global Information Grid (GIG), which is the network of the Department of Defense. The network comprises many computers, which increases the chances of vulnerability. Another challenge occurs because the United States is a superpower (Andress & Winterfeld, 2011). The status brings a moral obligation with it, meaning that the country cannot engage in cyber warfare activities because such activities can negatively affect the reputation of the country. However, it does not mean that the country cannot adopt offensive strategies, because such strategies usually deter enemies due to their knowledge that the United States is capable of performing such attacks.
If the country does not invest in offensive strategies, it risks losing its grip in terms of its military strength due to lack of investing in the new arms race. However, development of such offensive programs has some negative effects that accrue to them with the main one being the negative international publicity. However, because there are no international policies and rules governing the Cyber Warfare activities, the United States must embrace the notion that opponents will take advantage of the loophole to engage more in such activities and therefore, the country should not be left behind (Sweet, 2014). The United States must also be aware that such attacks can come from anyone, including unfriendly nations, individuals, or organizations. If any government identifies that there is a threat to its political, economic, and social stability, then it is the role of the government to develop strategies that would eliminate such risks.
Because of the ease with which many states can deny Internet attacks, the United States should make the necessary preparations to target the nations initiating the attacks by the use of different methods. The government of the United States can also initiate diplomatic means to pressure the governments that house hackers and organizations with malicious intentions toward other countries (Dunham & Melnick, 2009). The Department of Defense can also initiate a process of reviewing its personnel to retain those with the skills required for both the offensive and defensive mechanisms adopted by the government. The Department of Defense should also change its recruitment methods, which usually entail contracting personnel with cyber expertise instead of permanently employing them (Andress & Winterfeld, 2011). The department should create an Additional Skill Identifier (ASI), which will form a basis for testing and retaining deserving talent. Lastly, the Department of Defense should collaborate with other government agencies and departments to seal off all the vulnerabilities that may pose a problem in case of an attack.
Cyber warfare is a new way in which many states are waging wars and with the United States being a superpower, the new type of warfare poses a threat to the country. In the past, Cyber Warfare had been used to send political messages to other countries, but the warfare has risen a notch higher and many countries are adopting it instead of the actual physical war. Therefore, the United States military policy needs to undergo revision to ensure that the information technology is integrated (Dunham & Melnick, 2009). The United States needs to develop a program that caters for all Cyber Warfare aspects including the aggressive programs aimed to defend and offend if such a need arises. The country lacks a national policy on matters concerning Cyber Warfare and the country does not have an integrative framework that ensures the coordination of all government agencies. As a result, the United States is under the threat of cyber-attacks and any attacks could have devastating consequences to the country.