Cyberattack: The Invisible Threat
When one tries to think of threats at a community or an individual level, the notions of security concomitantly flood in the mind, thinking of all kinds of security measures, ranging from traditional notions of security to non-traditional notions of security. Since, the threats evolve with the time and new threats, subsequently give rise to new problems both to individuals and masses, the need for new forms of security is needed to curb and minimize the effects of such new threats. You all might have heard about poisoning the water supply of the Florida city where hackers gained access to the city’s water supply system and tried to mix harmful chemicals into it. This was an ‘invisible’ attack where no person was physically present and everything was done remotely. The chemical which was intended to mix is called sodium hydroxide and is used to control the acidity of the water but dilution of more from the same can poison the water. Several attempts were made by the hackers to poison the water but none were successful. Another dominant ‘invisible’ cyberattack that people cannot forget is the Ransomware Attack where billions of dollars were paid to hackers in the form of ransom to restore the computer's sensitive data and files. If I may ask you about some kinds of threats and risks that persist in our world, some of you would broadly categorize the risks in five categories namely, environmental risks, economic risks, societal risks, geopolitical risks and lastly, technological risks. With all such major threats already existing in our world, human survivability comes into danger when the support from machines and technological devices turns into danger.
Suppose if someone enters the territory of another
country and willfully indulges in illicit activities, then under various rules
and norms that person, if caught, is executed. Moreover, fraudulently, if
he gets any data, sensitive in nature, such a situation can escalate some form
of war (may be cold or hot in nature) between the two countries. But suppose
that data or any sensitive information goes in the wrong hands, undeniably it
can create situations of real havoc. People cannot forget the Paris G 20 summit
held in 2011, where hundreds of computers were infected with a malicious file
sent via email culminating in the access of confidential data of the summit to
unknown entities. The Aadhaar data leak in India in 2014 and subsequent years
had risked the privacy of millions of people. Hacking and interference with the
US presidential campaigns in 2016, cyber-attacks on Ukraine in 2017 are other
few instances from the long list. To prevent aforementioned physical or cyber
intrusion, palpably, all countries take adequate security measures. As I
already mentioned, threats evolve with time, so the referent.
Cyberspace, according to the U.S. Strategic Command is “a Global domain within the information environment consisting of the interdependent network of information technology infrastructures, including the Internet, Telecommunications networks, computer systems and embedded processors and controllers” (US Strategic Command 2009,8; Richelson 2016). Undeniably, this domain too has equivalent standings as others like air, water and land. In cyberspace, as the debates suggest, the sources of any threats can emerge from physically or environmentally or in any other forms induced and managed remotely by digital interference. Few States’ potential and advancement in the digital world can act as a source of threats to others. To understand it unambiguously, it can be framed as possession of nuclear weapons by some states which in turn act as threat to others. Any kind of misunderstanding and miscalculation can result in serious repercussions. The referent will ostensibly be, if defined unidirectionally, the users and networks but multi-directionally, it would cover a state or states and their sovereignty.
Imagine, while moving the lens from small scale
cyberattacks like digital frauds, privacy violations, personal data leakages
and breaches, to the most essential and critical infrastructures such as
attacks on Hydroelectricity dams, Nuclear Power Plants, Hospitals and its
machineries, Electric Grids, Chemical Industries etc. Attacks on such critical
infrastructure can create havoc and loss of life. Government data is extremely
valuable to hackers, supported either by opposition parties within a county or
any rival countries. Undoubtedly, when it comes to the purpose of security for
the countries, it becomes absolutely necessary to protect their data,
information networks and various valuable and sensitive databases from getting
compromised and harmed. Both safety and survivability of individuals and the
state is prone in such a situation. Moreover, possibly the data breaches of
some sensitive information and hacking to critical infrastructure as mentioned
can escalate the problems globally and threaten all the states. This might also
increase chances for full-fledged war. Probably, that is one reason that states
never have indulged in a full Cyberwarfare since there exist some sort of
deterrence in Cyberspace too.
Arriving at the means of securitization, this can be
an individualistic or collectivistic approach where if any individual’s
security is in danger he can reach out to cyber experts. But if cyberattacks
threaten the sovereignty of any state from within or outside the country by
targeting its critical infrastructure and sensitive information, then air
gaping (disconnecting devices from any network or internet) targeted systems
and computers would be suitable. Unfortunately, few countries (mainly
authoritarian in their nature) under the name of protecting national security
and sovereignty, exploit cybersecurity laws. Strict imposition of surveillance
on people, hidden keywords-based censorship on online contents, and espionage
for their personal use on citizens as well as people outside the borders are
few ways by which people’s political and civil rights are curtailed. The state
becomes the guarantor (and exploiters in some authoritarian regimes) for
providing security from any sort of cyberattacks and digital threats arising
from both domestic and foreign land. Cybersecurity cells are established to
keep a check on all unlawful activities.
References :-
- “What
Is Fraud Detection? Definition, Types, Applications, and Best ..” n.d.
Accessed February 4, 2022. https://www.toolbox.com/it-security/vulnerability-management/articles/what-is-fraud-detection/.
- Park,
Donghui, and Michael Walstrom. “Cyberattack on Critical Infrastructure:
Russia and the Ukrainian Power Grid Attacks.” The Henry M. Jackson School
of International Studies, March 15, 2021. https://jsis.washington.edu/news/cyberattack-critical-infrastructure-russia-ukrainian-power-grid-attacks/#:~:text=In%20February%202016%2C%20U.S.%20Deputy%20Energy%20Secretary%20Elizabeth,companies%20was%20attacked%20from%20Russian%20Internet%20networks.%20.
- Malwarebytes
Labs. (2021, February 10). Hackers try to poison Florida City’s drinking
water.
https://blog.malwarebytes.com/hacking-2/2021/02/hackers-try-to-poison-florida-citys-drinking-water/
- “Was
It Stuxnet 2.0? Cyberattack on Iran’s Natanz Nuclear Facility”, n.d.
Accessed February 5, 2022. https://cisomag.eccouncil.org/cyberattack-on-iran-nuclear-facility/.
Comments
Post a Comment