Cyber Warfare -- Beyond Estonia-Russia

ATCA Briefings

The Rise of China's 5th Dimension Cyber Army

London, UK - 30 May 2007, 22:04 GMT

Dear ATCA Colleagues

Re: Cyber Warfare -- Beyond Estonia-Russia, the rise of China's 5th Dimension Cyber Army

Victor Hugo (1802-1885), French poet, writer and playwright, who witnessed the revolutions in France that followed 1789, i.e. 1830, 1832, 1848 and 1870, said, "There is nothing more powerful than an idea whose time has come!"

In January 1999, after three years of research and development, the mi2g Intelligence Unit published an internal memorandum titled, "Cyber Warfare: The Threat to Government, Business and Financial Markets." The internal memorandum, released into the public domain after the first cyber war, NATO-Serbia, in April 1999, stated, "Historically war has been classified as physical attacks with bombs & bullets between nation states. It was beyond the means of an individual to wage war. Today, in the Information Age, the launch pad for war is no longer a runway but a computer. The attacker is no longer a pilot or soldier but a civilian Hacker. An individual with relatively simple computer capability can do things via the internet that can impact economic infrastructures, social utilities and national security. This is the problem we face in moving from the industrial world to the Information Age, which is the essence of Cyber War."

Eight years after the mi2g initial forecast, and 11 years after we began to research the vulnerability of the fragile digital environment, the world has arrived at the predicted precipice with a quantum jump via the Estonia-Russia Cyber War in May 2007, which significantly degraded the Estonian digital eco-system and infrastructure for a protracted period of nearly one month. During this period of cyber war, the native defence forces, government departments, businesses and individuals all suffered far beyond what they had imagined, given their expectations of digital services' reliability, availability and sustainability in the event of adversity.

In November 2002, almost five years before the debilitating Estonia cyber attacks, the mi2g Intelligence Unit released a public briefing titled "Government backed counter-attack-forces necessary in future," which stated, "As the damage done by radical, criminal and intellectually motivated hackers continues to rise, about six Billion Dollars of economic value was destroyed worldwide by overt and covert digital attacks including viruses and worms in October alone. As a result, the mi2g Intelligence Unit predicts there will be a growing requirement for Governments to intervene and to mobilise counter-attack-forces that protect economic targets and critical national infrastructure constituents on a 24/7 basis."

The 2002 mi2g Intelligence Unit briefing continued: "Historically, politicians in civilised Western democracies have challenged their defence forces to provide adequate defence capability within limited resources. The focus has been on the four physical dimensions - land, sea, air and outer space - and not on the new 5th Dimension, which is cyberspace. There is no real digital defence capability deployed so far -- other than occasional simulations and exercises which are to uncover gaps in the national critical infrastructure's digital defences. The redressal lies primarily in developing counter-attack-forces, which would begin to arrest the imbalance of power between ill-motivated hackers on the one hand and little-prepared businesses on the other. It is unrealistic to expect that any defence department can provide 'counter-attack-forces' against digital attacks for an entire nation's economic targets immediately and, in any case, the expertise needed is relatively fast moving and cannot be 'trained' into would be combatants in a short period of time."

Fast forwarding to May 2007: When Estonian authorities began removing a bronze statue of a Second World War-era Soviet soldier from a park, they expected violent street protests by Estonians of Russian descent. What followed was the second major war in cyberspace, a month-long campaign that has forced Estonian authorities to defend their Baltic nation from a data flood that they say was set off by orders from Russia or ethnic Russian sources in retaliation for the removal of the statue. The Estonians assert that an Internet address involved in the attacks belonged to an official who works in the administration of Vladimir Putin, Russia's President. Computer security experts from NATO, the European Union, the United States and Israel converged on Tallinn in May to offer help and to learn what they can about protracted cyber war in the digital age in the 21st Century. Attacks on Estonia continue albeit at a slower pace as measured against the peak at the start of May.

The Russian government has denied any involvement in the cyber attacks, which came close to shutting down the country's digital infrastructure, clogging the websites of the President, the Prime Minister, Parliament and other government agencies, staggering Estonia's biggest bank and overwhelming the sites of several daily newspapers. "It turned out to be a national security situation," according to Estonia's Defence Minister Jaak Aaviksoo. "It can effectively be compared to when your ports are shut to the sea."

The attackers used a giant network of bots (enslaved computers) on 9th May -- perhaps as many as one million slave computers in places as far away as North America and the Far East -- to amplify the impact of their assault. In a sign of their financial resources, there is evidence that they rented time on botnets from trans-national criminal syndicates. The combination of very, very large packets of information streams -- generated by tens of thousands of machines -- provides the mechanism for very damaging Distributed Denial-of-Service (DDoS) attacks. In the early hours of 9th May, traffic spiked to thousands of times the normal flow. It was heavier on 10th May, forcing Estonia's biggest bank to shut down its online service for more than an hour. Even now, the bank, HansaBanka, is under assault and continues to block access to 300 suspect Internet addresses. Finally, on 10th May, it appears that the attackers' time on the rented servers expired, and the botnet attacks fell off abruptly.

China's 5th Dimension Cyber Army

In the meantime, a US military report into the future of geo-political relations with China has claimed that the Chinese government is developing a cyber (5th Dimension) warfare division for use in possible future conflicts.

"The Military Power of the People's Republic of China 2007" report suggests that, in addition to the Red Army's army, navy, air force and rocket arms, the Chinese government is putting together a team to deal with "electronic and online arenas." According to the report, "People's Liberation Army authors often cite the need in modern warfare to control information, sometimes termed an 'information blockade'... China is pursuing this ability by improving information and operational security, developing electronic warfare and information warfare capabilities, denial-of-service and deception... China's concept of an 'information blockade' likely extends beyond the strictly military realm to include other elements of state power."

The same US defence report suggests that the People's Republic of China is developing teams to handle computer network attack, defence and exploitation with a separate section handling electronic countermeasures. It cites logistics systems and satellite communications as possible targets, and claims that exercises have been held in cooperation with other Red Army wings since 2005. The report also mentions an article on the subject which appeared in the November 2006 Liberation Army Daily.

Solutions for The Cyber Warfare Paradigm Shift

The Pandora's box of full-scale cyber war is now open, post Estonia, and the world is even more dependent on digital networks than it was eight years ago, when the mi2g Internal Memorandum was placed in the public domain in the wake of the NATO-Serbia cyber war. Where are the solutions? Going back to the mi2g Intelligence Briefing from November 2002, governments and large businesses still need to follow the recommendations made nearly five years ago:

"In the future, when seeking to protect the critical infrastructure constituents and business digital systems at a national level, the economically prudent way forward would be to combine knowledge management, analysis and counter-attack tools with on-the-ground human intelligence sources. Surveillance and reconnaissance dashboards of digital systems would need to be managed by experienced counter-attack-forces on a 24/7 basis. mi2g believes that this war on digital terrorism can be won decisively and effectively. As in all wars, our collective national defences must excel enemy aggression. We will therefore need to understand that:

- Defence has always been about securing trade routes and markets. Given that several Trillion Dollars of trade is routed digitally, counter-attack-forces with electronic weapons that can disable attacking systems from various parts of the world will ultimately need to be deployed with Governments' backing as part of their 5th dimension defence shield. Counter-attack-forces will save businesses a lot of lost time and money in dealing with rogue, politically motivated, electronic attacks from radical and criminal groups scattered across the world and within the nation(s)....

- Mobilisation of resources including new investment will become necessary on interoperable distributed knowledge management and analysis systems, which allow data to be shared easily from and between different sources and agencies collecting intelligence. Also, investment in more local human intelligence across the globe will be essential. The expertise of the very few available people who are proficient in the technologies of the 5th dimension would need to be utilised to train the counter-attack-forces through the establishment of national centre(s) of excellence for digital defence. Nothing significant can be achieved without this cohesive sharing capability being made available to the future counter-attack-forces, who would be able to ensure reliability, availability, maintainability and scalability of business systems in the event of protracted hacker attacks."


For a more in-depth look at this subject, please consult my keynote speeches delivered at:

1. The First International Conference on the Information Revolution and the Changing Face of International Relations and Security in Lucerne, Switzerland on 24th May 2005, organised by ETH Zurich's Centre for Security Studies (CSS) & Comparative Interdisciplinary Studies Section (CISS) of the International Studies Association (ISA):

Holistic Solutions to Counter Asymmetric Threats: The Pivotal Role of Technology; and

2. The Oxford Internet Institute, University of Oxford, Inaugural Industry Lecture on 10th February 2005:

Cyberland Security: Organised Crime, Terrorism and The Internet

We look forward to your further thoughts, observations and views. Thank you.

Best wishes

For and on behalf of DK Matai, Chairman, Asymmetric Threats Contingency Alliance (ATCA)

ATCA: The Asymmetric Threats Contingency Alliance is a philanthropic expert initiative founded in 2001 to resolve complex global challenges through collective Socratic dialogue and joint executive action to build a wisdom based global economy. Adhering to the doctrine of non-violence, ATCA addresses asymmetric threats and social opportunities arising from climate chaos and the environment; radical poverty and microfinance; geo-politics and energy; organised crime & extremism; advanced technologies -- bio, info, nano, robo & AI; demographic skews and resource shortages; pandemics; financial systems and systemic risk; as well as transhumanism and ethics. Present membership of ATCA is by invitation only and has over 5,000 distinguished members from over 100 countries: including several from the House of Lords, House of Commons, EU Parliament, US Congress & Senate, G10's Senior Government officials and over 1,500 CEOs from financial institutions, scientific corporates and voluntary organisations as well as over 750 Professors from academic centres of excellence worldwide.

The views presented by individual contributors are not necessarily representative of the views of ATCA, which is neutral. Please do not forward or use the material circulated without permission and full attribution.

Intelligence Unit | mi2g | tel +44 (0) 20 7712 1782 fax +44 (0) 20 7712 1501 | internet www.mi2g.net
mi2g: Winner of the Queen's Award for Enterprise in the category of Innovation

mi2g is at the leading edge of building secure on-line banking, broking and trading architectures. The principal applications of its technology are: 1. D2-Banking; 2. Digital Risk Management; and 3. Bespoke Security Architecture. For more information about mi2g, please visit: www.mi2g.net
