TEL AVIV: We are in the midst of a new wave of digitalization. The turn of the century ushered in the latest and greatest in advanced technology thus, catapulting us farther into the digital Information Age. But along with e-trade, mobile transaction, and social media networking come sophisticated hackers armed with updated breaching techniques and crippling cybernated viruses of equal or greater proportion.

For the security and defense industries, this caprice into the digital era is a game-changer. New technologies are revolutionizing modern-warfare and yesterday’s sabotage and espionage tactics of intercepting pigeons and jamming radars have been replaced with cunning DDoS (Distributed Denial of Service) attacks, identity theft, compromised e-mails, leaked intelligence, worming, and other Malware. Experts note that cyber offensives occur globally at an astonishing rate of 500 million attacks per second and with hyper-connectivity becoming the norm both military and civilian sectors are at risk. As reports surface of sharp increases in the number of data network raids emanating from Russia, China and North Korea, the United States – partnered with her allies – is looking to boost their cyber-arsenal to prevent, detect, and neutralize attacks on their national security and critical infrastructure.

“Cybernetics and cyber-warfare are not only a means of war they are changing the face of modern warfare and technology,” said Israeli President Shimon Peres, adding “The cyber threat is significant and can paralyze and entire nation.” Speaking at a plenary session in front of a packed crowd of 1500 at Tel Aviv University, Peres’ words fueled further discussion of the digital nature of conflict and peace in the 21st Century and with that the Third Annual International Cyber Security Conference was underway.

Sponsored in part by Lockheed Martin, Israel Aerospace Industries, Ernst & Young, and other industry elitists, the ICSC was part of a 4 day Cyber Week under the auspices of the Prime Minister’s Office and National Cyber Bureau. The conference hosted delegations from over 30 countries and attracted senior government officials, military attaches, and world-renowned scientists and academics in the IT field to participate in engaging speeches, presentations, and roundtables addressing the latest threat to global security: Cyber-terrorism.

Certainly, the paradigm has shifted in the threat to information security, classic forms of espionage, treason, and whistle-blowing still exist. The name Edward J. Snowden is synonymous with all three. Before fleeing the United States, Snowden, a former CIA and NSA operative, fed the press evidence of top-secret and highly controversial mass surveillance operations by the aforementioned organizations. Some speculators insist he is now in China while other claim he is requesting asylum in Russia, Ecuador or Iceland. But Snowden’s story should not eclipse the big picture and the disclosure of classified NSA documents highlight an even greater risk to Americans. In light of the leaks, a furtive government surveillance program code-named PRISM caught the public’s attention after reports circulated that the NSA utilizes their capacity to track foreign and domestic internet and social media habits, email records, and telephone conversations storing them in massive data centers. This highlights a unique form of cyber-espionage that may be taking place on U.S. citizens by their own government.

Although only recently made a top priority on the agenda, more and more cases of cyber-combat and espionage are starting a formidable trend that is unleashing a current of broken trust and diplomatic tension worldwide. From tumult to terrorism, there is a broad spectrum of potential targets for cyber-warfare and an immeasurable amount of valuable time, money, and even human lives are at stake. In many incidences, novel forms of today’s technology are privately invented and publicly adopted without consideration of their multi-faceted security threats. With e-government, e-banking, e-health, e-learning, air-traffic control, and many other advanced services becoming standard, governments, corporations, and citizens alike need to safeguard these digital platforms to maintain the efficiency and luxury of their services.

Secretly hiding behind computer screens, elite hackers and cyber-criminals – on both the government and citizen levels - are gaining access to confidential and advantageous information in covert cyber- reconnaissance missions. Intellectual property and state secrets are being stolen through industrial and political espionage. Global trade in the financial services sector is being disrupted by cyber-sleuths gaining access to a bank databases, altering financial records and systems, and spying on company boards.

But that’s not all and yesterday’s incredulous threats are today becoming frighteningly realistic. Patient data can be maliciously swapped or deleted thus wreaking havoc on medical facilities and endangering lives. Many digitalized pacemakers, insulin pumps, and artificial organs run on networks and can communicate wirelessly; unauthorized access to these technologies would cause unthinkable damage. The latest car models are sophisticated multi-computer machines with core components that operate via radio, cellular, Bluetooth, remote, and Wifi technology. One can only imagine the devastating consequences of a paralyzed or reprogrammed oil-tanker turning into a rouge vehicular weapon. Motivated attackers could cripple an entire region’s’ electrical, water, and gas infrastructure with knowledge of computer programing, code, and a few simple keystrokes.

With innovators and geeks pushing the envelope towards a solely digitalized society, a growing number of critical infrastructure have entered digital platforms. This poses an increased risk to the harmony of civilian life systems. If we are putting all our digital eggs inside the proverbial cyber basket we must ensure that the basket is strong, fortified, and virtually impregnable from outside threats from foes. “Every essential service of all of our countries has been concentrated onto one infrastructure; that’s why it’s a security conversation. We can’t afford for that one infrastructure to become fragile or less resilient,” said Melissa Hathaway, president of Hathaway Global Strategies, LLC and former cyber-security advisor to President George W. Bush. According to Hathaway, who also served as the Acting Senior Director for Cyberspace in the National Security Council during the Obama Administration, the mammoth attack surface in Cyberspace leaves much room for exploitation in an age where 135 Botnet (robotic network) infections and 20 new identity theft victims are generated every minute.

In the business of war, cyber-weaponry has secured its place as a fifth dimension to warfare and sharing -- if not surpassing -- the significance of air, land, sea, and home-front commands. Today, major hacking campaigns have originated from countries like the United States, Russia, China, Iran, Israel, and North Korea. Germany, India, and the U.K. reportedly also have state-sponsored cyber programs. Due to the furtive nature of online intrusion, hackers can operate virtually anywhere with (or without) a network connection while confidently enjoying inconspicuousness. Primarily by use of proxy servers and computer zombies, tracks can be masked and identities blurred on the information superhighway thus making detection and prosecution of criminals near impossible.

In 2005, The Washington Post reported that a cyber-espionage ring operating out of China had targeted and infiltrated the computer networks of numerous U.S. agencies including the Department of Defense and Homeland Security. Internet-based conflict again reared its ugly head in 2007 during a brief dispute between Russia and Estonia over a Soviet war-monument that sparked heated protest and riot. Russian hackers swamped the systems and websites of Estonian banks and broadcasters even targeting the Parliament. Many believe that Russia’s DDoS attacks, through the use of Botnets, is one of the largest incidences of state-sponsored cyber-warfare ever recorded. Russia – a cyber-war veteran -- again entered the arena during the plight of the Russia-Georgia war. In the summer of 2008, cunning cyber-jammers set a tough tone by coordinating a wave of DDoS attacks on the websites and servers of Georgian government and other organizations. News and other broadcast agencies were compromised and pumped with propaganda and misinformation in an attempt to disrupt public opinion and gain Russian support. While the skirmish lasted a mere 5 days, the results were catastrophic and proved to the world that a new era of warfare had begun.

For the U.S. And other Western powers, advanced cyber systems are forcing leaders to enter choppier waters to stay one step ahead of their adversaries. But at what costs? “Cyber-weapons and cyber military attacks is the worst innovation of this century,” thundered Eugene Kaspersky, a Russian cyber czar and CEO of Kaspersky Lab.“ Simply because, cyber-weapons – that’s malicious code – can travel and infect innocent computers. It’s a boomerang.” One prime example of this boomerang effect took place in July 2010 when the notorious computer worm “Stuxnet” entered cyber-space after a programming error sent it viral over the web. Initially gift-wrapped to target Natanz, Iran’s controversial nuclear enrichment facility, the virus caused widespread havoc on Iranian servers even changing the spinning speeds of 1000 centrifuges thus temporarily hindering activity at the plant. The virus, uploaded via a USB memory stick, had reached it’s intended target. But after an Iranian engineer took a contaminated computer out of the plant and set it up on a separate network, the beast was unleashed. Unable to distinguish the new platform from its original target, the Stuxnet virus circulated Advanced Persistent Threats (APT) throughout Iran, India, and Indonesia, and eventually reaching the shores of the United States. The consensus points fingers at Israel and the U.S. for perpetrating the attack but both countries have kept relatively mum on the allegations.

“I’m afraid that in the future we will see more and more attacks which we will define as cyber terrorist attacks; attacks against nations, regions, or attacks against global infrastructure,” said Kaspersky, adding “Unfortunately our world is very very vulnerable.” In light of a recent onslaught on South Korean banking systems and state-run websites, which have since been attributed to its neighbor in the north, Kaspersky plead for strong international cooperation warning that Botnet barrages are setting a negative tone for invaders of all calibers. “These guys, they learn from military attacks; they learn from espionage attacks,” he told an eager crowd.

Recently, however, a new element of cyber-warfare has been introduced and is on the rise at an alarming rate. “Hacktivist” groups such as WikiLeaks and Anonymous are gaining prime media exposure thus, starting a controversial trend of digital piracy by targeting government, corporate, and religious websites and databases to expose their secrets and combat censorship. In many regards, “hacktivism” or the use of computer hacking to achieve political goal has far greater consequences than conventional cyber-strikes. Stolen money can be retrieved or replaced but large scale hacktivism can damage a reputation or bring a business -- even an entire regime – to its knees. In 2012, when the Syrian government unplugged the internet on the entire country during the blood-bath that has since entered its third year, Anonymous responded with an eerily symbolic act of sabotage. After the incognito hacktivist group took down websites that were linked to Syria, such as those of embassies and and other official sites, Anonymous issued a video statement warning Assad of his regime’s eminent demise. “By turning off the internet in Syria, the butcher Assad has shown that the time has come for Anonymous to remove the last vestiges of his evil government from the internet,” said one anon hiding behind the group’s trademark Guy Fawkes mask. “Soon, his people will remove him from the world.” Other incidences of hacktivism, such as Wikileaks’ public exposure of emails stolen from Strarfor, a private, Texas-based, global intelligence firm, have been covered extensively by The Suit Magazine. “The price that the world is paying today for cyber-crime and cyber-espionage is a very high one,” said Richard A. Clarke, former Special Advisor for Cyber Security to the President of the United States.

In light of these global risks, Clarke, who boasts 15 years in the cyber security field in both the White House and as CEO of his private firm Good Harbor Security Risk Management, LLC, introduced the prospect of cyber arms-control, calling for peace in an era when a disastrous networking meltdown or attack is shockingly plausible. Although the prospect of implementing standards in cyberspace has been discussed mostly in UN forums, Clarke remarked that the appropriate measures have failed to launch explaining that countries such as Iran, Russia, and China have used the forum largely for propaganda purposes and to score political points. “The UN is not the place to start cyber-arms control,” deplored Clarke. “I need hardly tell an audience in Israel that there are problems with the UN,” he added amidst scattered snickers and applause. He suggested, instead, that countries begin by collaborating with like-minded diplomatic neighbors and allies to ensure both domestic and multilateral trust as opposed to countries with a shared history of long-term conflict. Clarke foresees the future of cyber-peace as one of informal pledges, binding treaties, appropriate legislation, and an international secretariat to record and respond to threats and assaults and enforce mutual cooperation.  

Although, due to extreme competitiveness and lack of trust, the IT security sector is severely separated. During her 30 minute presentation at the ICSC, Hathaway urged the national and civilian domains of the cyber-community to reconcile extremes to a healthy mid-point and work together to achieve mutual goals. In a similar vein, she identified 30 countries that have cyber-security strategies in need of tweaking to retain a balance between the economic and security elements of cyber-warfare. “In these austere times, our countries are focused on the economic aspects of security,” she said, reminding diplomats that cyber-defense strategies need to address “infrastructure protection, intellectual property protection, defense of the homeland, and yes, in some cases, regime stability.” 

In a similar vein, USMC Gen. (Ret.) James Cartwright is undergoing an investigation by the Justice Department on suspicion that he disclosed  to the press details of U.S.-led cyber-counterinsurgency operations against Iran. If convicted, Cartwright, a Former Vice Chairman of the Joint Chiefs of Staff and four-star General, would be charged with exploiting state secrets, a move that would send a shock-wave of stellar political consequences throughout the Pentagon.   

Since the economic free-fall in late 2008, the global agenda has been focused on regaining financial stability with attempts to race out of the recession. While world leaders of both the public and private sectors have a lot on their plate, little by little they must progress in all areas of information security lest they overlook valuable assets leaving the public vulnerable and open to unthinkable attack. We must find a balanced approach to ensure security on the ground, in our wallets, and in cyber-space. Cyber Security need not be an oxymoron. A cyber-9-11 would cripple entire industries with victims suffering more physical, psychological, financial damage than any disaster to date. Notwithstanding, any nation that values its sovereignty must protect its civilian services as much as it safeguards its citizens. Although, with hackers hiding behind anonymity and covering their tracks in the virtual world, it is becoming increasingly hard to determine the location of attacks. Add that to the numerous hacktivist groups exposing valuable secrets and sparing nobody, the cyber-sphere is gradually turning into an all-out virtual war-zone. The only question now is: Who can we trust?