
Cyber Space: Twin Fold Motives

Simran Kothari

June 24, 2020


The impact of cyber-attacks on developed and emerging countries is alike. In this article, we shall focus on how an Industrial Control System (ICS) could be hacked even when tightly air-gapped.

The air gap does provide a certain level of protection to a nuclear plant, as in the case of Kudankulam Nuclear Power Plant (KKNPP), but the gap does not safeguard it entirely.

The KKNPP attack was possibly conducted by the Lazarus Group, whose activity and IP address could be linked directly to North Korea.

There are many reasons why a group may want to have control over India’s nuclear program, and at the same time, there are various reasons not to believe that this activity was carried out by a nation-state, particularly Korea. India is one of the few countries to have good diplomatic and trade relations with North Korea.

Over the last few years, cybersecurity has been an issue of grave importance for both developed and developing nations.

In the previous week, the coincidental shutdown of one of the plants led to speculation that the two were connected.


The initial official response from the plant authorities refuted these reports. Subsequently, officials from other agencies, including the Office of the National Cyber Security Coordinator (NCSC), confirmed these reports, and the Nuclear Power Corporation of India Limited (NPCIL), the parent body responsible for running nuclear power plants in the country, issued an official press release giving out limited yet important information.

The press release stated that the infected computer was used solely for administrative purposes and that no leakage of sensitive information was reported in this breach.

As technological advancements increase, there is an elevated threat of being targeted by cyber-attacks on both individual and national levels.

Generally, as history suggests, cyber-attacks have been conducted by nation-states or coalitions of nations in order to ensure superiority over the nation being threatened.

Kudankulam: One incident, Many facets (Samuel C and Sharma M, 2019) briefly highlights the issues of cybersecurity with regard to the nuclear and energy security of a country.

Though it is not a comprehensive analysis, it does provide an insight into the world of cyberspace and espionage and their interplay in the present and the scenarios one can expect shortly.


Stuxnet still remains a prime example of how even the most advanced air-gapped systems could be breached and how cyberspace can easily be used by individuals, groups or nation-states to penetrate a country, either to attack it or simply to keep track of the activities of a particular nation.

Cyberspace is a space that is open to all, and until now no structure has been formulated to govern that space. Moreover, the malware does not reach the main systems, but even an attack on a personal computer connected to the IT network, which holds day-to-day administrative information, can be a threat to the whole nuclear plant.

Since business-sensitive and classified information traverses IT networks and is stored and processed on IT systems, these are an obvious and soft target for gathering sensitive information.

It could further be used in perpetrating malicious and hostile acts that could disable, destroy or compromise the computer resources critical to the security or safety of the facility, or it could simply be used for the R&D of some other nation.

The Internet remains a space which can be accessed by all nations. This space is mostly used for constructive purposes, but in modern times the purpose of the internet has changed.

The dark web and this space are used as weapons to threaten the very sovereignty of the nation. The fact that it could infect the ICS, which might have a deeper impact on the plant, shows how simple malware can make the whole system vulnerable and exposed to greater risks.

Countries today are more vulnerable, as the internet is an open space and is more accessible than ever. Countries are now capable of going beyond traditional means to assert their authority and are inclining towards more creative and unimaginable ways to win the balance-of-power race.

Espionage and secret operations have been part of the culture of countries from the 18th century onwards, but now, while the purpose remains the same, the ways have changed.

Global commons such as the internet, followed by cyberspace, have taken the driver's seat in this modern way of warfare. The case of KKNPP proves to be a great example for studying how the internet and something like malware or a virus, which was often overlooked, can disrupt the entire structure and is a matter for rigorous investigation if found in critical areas.

It also portrays how countries will bend over backward to make sure they stay in power or elevate their existing position in the power hierarchy.

Although the KKNPP case provides very little information in terms of espionage, it hints that the operation may have run deeper and was aimed at something wider; KKNPP was just one of the points where it was detected.

In the contemporary era, looking for and providing solutions is undoubtedly a much more intense task, and it is getting more difficult with each passing day.


The only proactive approach would be stringent measures such as mass surveillance of the dark web and taking cognizance of the new threat vectors. Countries do not directly participate but rely on third-party vendors to get their work done effectively.

Naturally, they do not want to be blamed in the interconnected world and pay the price of economic, social and political marginalization.

Countries like the US, accomplished enough to identify “redlines” for appropriate and unacceptable cyberspace activity, which are the key to punishment as a means of dissuasion, have struggled to dissuade attacks against their cyber-infrastructure.

The principle of dissuasion needs to be updated to make it workable in cyberspace. International cooperation on this particular issue has mostly been talked about in books and is practically non-existent in practice.

The international community needs a greater and more efficient approach to restricting this space, which is offering more negatives than positives.


But even restricting something as common as the internet will be followed by debates on freedom and access to knowledge.

There needs to be a consensus on what to do with the attackers and the nation-states, if and when found guilty, to set an example for the community as a whole.

While the Kudankulam attack did not cause damage to critical systems or, apparently, affect reactors, it revealed that India’s cyber defenses are based on outdated principles such as the air gap strategy.

Early denials by NPCIL officials suggested a sense of complacency about cyber defense, which means that India’s critical infrastructure is vulnerable to attack.

Cyber-attacks may increase the risk of military escalation. Since the recent Kashmir crisis, there has been an increase in Pakistan’s cyber-attacks on India. Indians have also responded with their own cyber operations against Pakistan.

Given the low threshold of military escalation between India and Pakistan and the high potential for escalating from cyber to the real world, India may wish to treat the Kudankulam attack as a wake-up call to its vulnerable cyber defenses in nuclear installations and other critical infrastructure.

(Simran Kothari is a Post Graduate student at Symbiosis School of International Studies, Pune, India)

(Nepal Institute for International Cooperation and Engagement (NIICE), Nepal’s independent think tank, and Khabarhub — Nepal’s popular news portal — have joined hands to disseminate NIICE research articles from Nepal)