21st century: Wars turn to technologyJan. 29, 2010
By Caty Hirst
The Internet offers a plethora of services from networking sites to online banking to the latest in breaking news. Along with all the services the Internet has to offer comes a host of vulnerabilities, ranging from cyberwar to identity theft.
Cyberwar, one of the more extreme examples of cybersecurity, is conducted by using computers and the Internet to infiltrate government, financial or other networks. According to Dr. Brad Thayer, a political science professor, cybertechnology is a new and unavoidable component of warfare.
Dr. Randal Vaughn, professor of information systems, said one of the most dangerous aspects of a cyber-attack is that the source cannot be positively identified.
"It is really difficult to implicate anybody when a cyberincident occurs because there are no geographic restrictions with computers," Vaughn said.
For example, although the Chinese government has been accused of the recent attacks on Google, Vaughn said this can't be confirmed because expert hackers can take control of a computer from thousands of miles away.
In addition, the type of attacks range across a large spectrum.
Jon Allen, an information security officer for Baylor, said as technology continues to influence more areas of life, more areas will be affected by cyber-attacks.
"We are connecting everything. We are taking infrastructure and tying it to something that really it wasn't designed for," Allen said.
Most experts agree that the only way to be completely safe from a cyber-attack is to unplug from the Internet.
"A secure computer is one that is turned off and run over by a Mack truck," Vaughn said.
Vaughn said the possibilities for cyber-attacks are endless.
"It's kind of like thinking of everything that could go wrong and then add more," Vaughn said. "You could take out a hospital room, take out nuclear power plants, open flood gates, etc."
According to an article in the Journal of Universal Computer Science, approximately 2,800 power plants, 2 million miles of pipelines, 104 nuclear power plants, 80,00 dams, 1,600 water-treatment plants and 60,000 chemical plants in the U.S. operate on Internet networks.
Thayer said a cyber-attack could accompany a traditional military attack, precede a traditional military attack or it could stand alone.
Thayer cited the cyber-attacks on Estonia in 2007 as an example of cyber war without the traditional military invasion and the cyber-attacks on Georgia in 2008 as an example of cyberwarfare that accompanied a traditional military attack.
Although the predominant opinion is that the Russian government was behind the attacks on Estonia and Georgia, Vaughn said experts can never be completely sure.
The United Sates was attacked in 2003 by a group of hackers known as Titan Rain, according to Time magazine. The hackers managed to gain access to the networks at Lockheed Martin (an aerospace corporation), Sandia National Laboratories, Redstone Arsenal and NASA. Although the group was traced back to the Chinese mainland, the source of the attack is still uncertain.
"[Cyber war] is now part of warfare, this is now normal," Thayer said. "Most conflicts in the future are going to have this component to them. It is a new weapon in intelligence wars."
Vaughn said that although he is hesitant to use the term "cyber war" because he typically sees war as a more traditional military attack, he acknowledges that cyber war meets the 'BTKP' definition of war: Break things, kill people.
"Not every attack is a cyberwar and we have attacks going on all the time which are done by hackers or people who want to be considered hackers," Vaughn said.
For example, the Oklahoma Tax Commission was attacked Wednesday and individuals are victims of cybercrime on a daily basis.
Allen said Baylor is campaigning for more user awareness to prevent cyber-attacks on Baylor faculty and students. He said many people are under the misconception that anti-virus ware will protect their computers from all attacks, even though it does not.
"It's a false sense of security," Allen said. "Just because people have anti-virus, does not mean they cannot get a virus."
Allen also said people need to be careful about the information they share, protecting their passwords, visiting unknown Web sites and opening attachments.
"A few years ago we could have said, 'As long as you don't download something to your computer you're safe.' Now its pretty common to get a virus by just going to a web site," Allen said.
Vaughn said another huge problem in cyberspace is banking networks, which are constantly being hacked.
"It happens in real time," Vaughn said. "Constantly. Someone is hacking a bank right now, but there are all forms of attacks. People are trying to get direct access to bank networks right now. Cybercriminals are taking money out of someone's account right now. Twenty-four hours a day, 7 days a week."
Vaughn said one way to defend against cyber-attacks in banking is to have a personal computer specifically for banking. Do not use e-mail, surf the Web or go to online social networking sites on that personal computer. He acknowledges that most individuals won't do this but stresses that companies and universities should.
Vaughn said not to open attachments even from people you know, unless you have confirmed they sent it. Don't fall for the 'too good to be true' scams and buy good anti-virus protection.
Thayer said social networking sites, like Facebook and Myspace, are especially dangerous to users because of the personal information people are releasing into cyberspace.
"Technology has allowed criminals to exploit victims and stay ahead of police," Thayer said. "The responsibility is now on the individuals to be careful."