Inside Cyber Warfare

Jeffrey Carr

Part 28

Report Chapter


Italy has expressed interest in setting up a Cyber Defense Command (CDC), and in May 2010 the Italian parliament's intelligence commission formally investigated taking such action.[159] Currently, the Italian cyber warfare and security operations are divided among the military, police, and government departments, without any real coordination or fusion. The end result is expected to set up two separate cyber divisions: one that handles foreign issues, and one that is more domestically focused. Like many other countries, the Italians are looking at the NATO cyber centers for a possible cheap alternative to setting up their own center.[160]

In August 2011 a group called the Anonymous Hackers for Anti Operation released over eight gigabytes of stolen files from the Italian National Anti-Crime Computer Center for Critical Infrastructure Protection (CNAIPIC). The files included correspondence indicating the CNAIPIC has been spying on Russian-owned government energy and defense industries primarily, but that Italy may have also gathered much of its Russian information from the Indian's Air Attache to Russia.[161]

[159] Tom Kington, "Italy Weighs Cyber-Defense Command," Defense News, May 31, 2010, accessed August 30, 2011,

[160] Ibid.

[161] Joseph Fitsanakis, "Computer hacking reveals Italian spying on Russia, India,", entry posted August 1, 2011, accessed August 30, 2011,


In June 2010 the Kenyan Internet Governance Forum (KGIF) proposed the formation of a national cyber security management framework. Citing the growing accessibility to Internet access and the attacks on critical national infrastructure in Estonia and Georgia, the proposed CERT would coordinate response to cyber security incidents at the national level.[162]

A year later the Kenyan government had set up a CERT as the first steps to a future cyber-combatting department.[163] The Kenyan CERT has partnered with cyber experts from the United States to help shape the newly founded departments.

[162] Vincent Ngundi, "Cybercrime, Cybersecurity and Privacy," East Africa Internet Governance Forum (EAIGF), July 29, 2010, accessed August 31, 2011,

[163] Lola Okulo, "Kenya: State Sets Up Cyber Crime Team,", July 26, 2011, accessed August 31, 2011,


Myanmar has long used cyber warfare capabilities to silence domestic political opposition. In 2008 the military regime used denial of service attacks on several opposition websites. The Defense Services Intelligence (DDS) set up the Defense Services Computer Directorate (DSCD) in 1990, which was then focused primarily on military communications, but it soon became more focused on information warfare.[164] In 2004 the service was disbanded as a result of the former prime minister and intelligence chief being arrested during a military coup. The DDS was later reformed as the Military Affairs Security (MAS), which took on the majority of the cyber warfare functions. The MAS reportedly received major a.s.sistance from Singapore, but many of the cyber experts in MAS received training from Russia and China.[165]

The military cyber warfare division surfaced again in March 2011 when it was tracked to the hacking of an exiles media website that routinely criticizes the regime.[166] The media website was also taken down in 2008, presumably by the MAS.[167] In the first quarter of 2011 Myanmar was the world's leader in received cyber attacks, not necessarily indicating that the MAS was at fault, but rather that hackers around the world are taking advantage of Myanmar's weak Internet security laws.[168]

[164] Brian McCartan, "Myanmar on the cyber-offensive," Asia Times, October 1, 2008 accessed August 31, 2011,

[165] Ibid.

[166] "Exile Website Hacked," Radio Free Asia, March 14, 2011, accessed August 31, 2011,

[167] Ibid.

[168] "Cyber war: Myanmar leader in attacks in 2011,", July 28, 2011, accessed August 31, 2011,


A very large contingent of NATO's cyber warfare capabilities rest in the establishment of NATO's Cyber Defense Center (detailed earlier in the section Estonia). In November 2010 NATO conducted its third cyber exercise dubbed The Cyber Coalition of 2010.[169] The exercise simulated cyber attacks against NATO and alliance members to test the response of the decision-making process, which was very similar to the Cyber Europe exercise that the European Union conducted earlier in November 2010. Currently, NATO networks are spread among several countries, many of which have not yet reached agreements on standard operating procedures for data sharing. All NATO members are not expected to reach similar agreements for NATO networks until 2013.[170]

Since the cyber attacks on the NATO member nation of Estonia, NATO has implemented quick responses such as the Cyber Defense Center, but it also has been working on a long-term policy concept that was formally agreed upon at the 2011 Lisbon summit.[171] The strategic concept includes many obvious realizations, such as the necessity of cyber defense to NATO's core tasks of collection defense and crisis management, but it also displays an absence of offensive-capabilities focus.[172] While these capabilities may not have made it to the uncla.s.sified version of the strategic concept, it is rather strange that none was mentioned. The current strategy is to build only cyber defensive capabilities, which is likely an attempt to streamline the ability to protect member nation networks against the already-developed offensive capabilities of adversary nations.[173]

[169] Warwick Ashford, "NATO gears up for cyber warfare with latest exercise," Computer Weekly, November 18, 2010, accessed August 31, 2011,

[170] Ibid.

[171] "NATO adopts new Strategic Concept," North Atlantic Treaty Organization (NATO), November 19, 2010, accessed August 31, 2011,

[172] Jason Healey, "NATO Cyber Defense: Moving Past the Summit," The Atlantic Council, June 24, 2011, accessed August 31, 2011,

[173] Jorge Benitez, "NATO and Strategic Cyber Capabilities," The Atlantic Council, July 15, 2011, accessed August 31, 2011,


The Dutch government released a cyber security doctrine in April 2011 that focuses on involving commercial interests and cooperating with international initiatives, as well as improving existing capabilities and creating collaborations with the private sector. The doctrine is short, and most of the proposed ideas are capable of being attained without major investment-if any at all.

*** You are reading on ***

One of the biggest takeaways is the establishment of two cyber agencies: the National Cyber Security Council and a National Cyber Security Center (NCSC). The NCSC will coordinate cyber security through all Dutch organizations and departments.[174] All involved parties will create a strategy, and the NCSC will execute those policies. The already-existing Cyber Security and Incident Response Team (GOVCERT)[175] will be incorporated into the NCSC. Absolutely no budget is allotted for this doctrine, which will challenge the effectiveness.

People's Republic of China

The People's Liberation Army (PLA) Science and Engineering University is the People's Republic of China's (PRC) center for information warfare (IW) training.[181] The PRC's Integrated Network Electronic Warfare (INEW) is the formal IW strategy that places intelligence-gathering responsibilities and network defense on the PLA's 3rd General Staff Department (Signals Intelligence) and specialized IW militia units. Since 2002, the PLA has created IW militia units that integrate personnel from the military, universities, and private sector information technology companies. Research and development in cyber espionage is considered a focusing strategy, according to the Five-Year Plan (20112015) by both the Chinese central government and the PLA.[182]

The Chinese government's ma.s.sive efforts to develop cyber warfare capabilities have created a growing cadre of cyber experts. China is increasingly finding that it is difficult to control and harness these experts and hacktivists.[183] Chinese citizens who are designated for cyber warrior training are first sent to military inst.i.tutions in an attempt to nationalize and promote loyalty within the warriors.[184] In May 2011 China announced that it had established a "Blue Army" division, a cyber command unit of 30 initial members who were recruited from existing PLA soldiers, officers, college students, and experts from the private sector.[185] The unit's formation contrasts the PLA information warfare concept, which harnesses the hacktivists and existing cyber experts instead of establishing a military operations command.[186] It is likely that the Blue Army division will serve as a coordinating and focusing element to the largely diverse hacktivists networks.

The PRC's and PLA's cyber offensive capabilities are slightly divided. The government's focus on hacktivists and other a.s.sets is to further the economic and technological successes through the use of cyber espionage, as well as to quell or silence political dissenters.[187] The military, on the other hand, is more focused on obtaining technology or cyber warfare capabilities to disable enemy communication networks with one swift blow. To obtain this evolving piece of attack code or tools, they have utilized hacktivists and other organic cyber experts to steal or develop these capabilities.[188]

[181] Deepak Sharma, "China's Cyber Warfare Capability and India's Concerns," Journal of Defence Studies 5, no. 2 (April 2011), accessed August 29, 2011,

[182] w.i.l.l.y Lam, "Beijing Bones up its Cyber-Warfare Capacity," The Jamestown Foundation: China Brief 10, no. 3 (February 2010), accessed August 30, 2011,[tt_news]=36007.

[183] Sean Noonan, "China and its Double-edged Cyber-sword," Stratfor, December 9, 2010, accessed August 30, 2011,

[184] Ella Chou, "US-China Cyber War Scenario in the Eyes of a Chinese Student," The Atlantic, February 8, 2011, accessed August 30, 2011,

[185] Leo Lewis, "China's Blue Army of 30 computer experts could deploy cyber warfare on foreign powers," The Australian, May 27, 2011, accessed August 30, 2011,

[186] Dancho Danchev, "People's Information Warfare Concept," Mind Streams of Information Security Knowledge, entry posted October 5, 2011, accessed August 30, 2011,

[187] Tim Hudak, Zach Krajkowski, and Anthony Salerno, "Chinese Cyber Focus Likely On Enemy Military Networks; During Preconflict, China Likely To Use Cyber Attacks To Disrupt Enemy Infrastructure Using All a.s.sets," Wikis.p.a.ces, accessed August 30, 2011,

[188] Bryan Krekel, "Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation," Northrup Grumman, accessed August 30, 2011,


Poland is intending to play a leading role in the NATO multinational cyber defense initiative that is to be up and running by the end of 2012. The cyber defense capabilities will be structured under the NATO C3 Agency, which is responsible for delivering C4ISR to NATO operations. In March 2011 NATO C3 Agency's General Manager Georges D'hollander commented that "Poland is renowned for its cyber defense expertise."[189]

*** You are reading on ***

Popular Novel