Unlike a “classic” war, cyberwar does not require substantial human resources or the support of the population. It is “simpler” to implement, much faster to organize and its visible consequences in the real world can be devastating.
Cyberspace has become a new battlefield where armies are made up of hackers, terrorist organizations or state agencies. The targets are multiple: banks, government organizations, large and medium-sized companies, individuals, no one is immune.
We have seen it for a few days, when we talk about the Ukrainian-Russian conflict, the question of cyber is present. States are preparing for repercussions and strengthening their cyber defenses. In the same way hackers from all countries help the Ukrainian government to counter the attacks. Thus, the activist hacker group Anonymous has officially launched a “cyber war” against the Russian administration.
What actions can be implemented?
- The spread of false information,
- Spying or collecting sensitive data,
- Sabotage of sensitive equipment,
- The attack on strategic infrastructures.
History fact: As early as 1999, in War Beyond Limits, two senior officers of the Chinese Air Force imagined what war could be like, especially in terms of computers. Their vision of cyberspace and possibilities has enabled China to develop a veritable cyber army.
Long before this sad conflict, cyberattacks took place. Here are the most famous:
In 2007, two major attacks took place:
- Estonia suffers from a major cyberwar, by denial of service. The country is completely paralyzed. This attack is a reaction of the Russians to the decision of the Estonian government to unbolt the statue of the Soviet soldier in the heart of the capital Tallinn.
- Israel targets Syria’s surface-to-air defense systems to secure its fighter-bombers during the attack on the Syrian nuclear reactor.
In 2012, the Saudi oil company Aramco and the Qatari gas company RasGas were both targeted by the Shamoon computer virus, which led to the destruction of some 30,000 Aramco computers. According to US Secretary of Defense Leon Panetta, this is “probably the most destructive attack the private sector has ever experienced”, believing that there is now a risk of “cyber-Pearl Harbor”, making the cyberspace “the battlefield of the future”.
In 2013, the New York Times revealed that hackers had been spying on its journalists (53 hacked microcomputers) since October 25, 2012, when it published an article on the fortune accumulated by Wen Jiabao, the Chinese Prime Minister. Also in the same year, the New York Times (USA), the Huffington Post (UK) and the image service of the social network Twitter were the targets of attacks by pro-Assad hackers. The claim of the attack comes from the SEA, Syrian Electronic Army.
In 2018, the German intelligence service, the BfV detects new attacks as part of an investigation into the ‘Snake’ cyberattack campaign. The targets are mainly governmental and political”, although no data was stolen. The Snake hacking group is suspected of being linked to Russian authorities. He rose to prominence in 2014, when Ukrainian government systems were attacked by a Russian computer weapon of the same name.
In 2020, several American institutions are undergoing massive hacks, including the Secretariats of Commerce and the Treasury, carried out by hackers linked to Russia. This cyberattack comes as Donald Trump dismisses, less than a month earlier, Chris Krebs, director of the Cybersecurity and Infrastructure Security Agency, because the latter contradicts his accusations of fraud by assuring that the presidential election had been “the safest in the country’s history. The attack is so critical that it provokes an emergency meeting of the National Security Council: the email addresses of employees of the targeted agencies have been monitored for months.
The Paris Call to guarantee cyberpeace?
In the face of these attacks, it is essential to bring the international community together to guarantee peace in cyberspace. The Paris Appeal is a call to react together in the face of new threats that endanger citizens and infrastructures. It is based on nine common principles for securing cyberspace, which are all areas of reflection and action.
For the CSB.School to respond to this call was obvious, in order to contribute with all the players in the sector, to a fairer, safer and more responsible cyberspace.
Prior to this call for Emmanuel Macron’s initiative, France implemented other protective measures:
In 2008, the National Information Systems Security Agency (ANSSI) was created.
A joint and ministerial operational chain of command, placed under the authority of the Chief of Defense Staff and integrated within the Center for Planning and Conduct of Operations (CPCO), is set up to organize and conduct cyber defense military from 2014.
In 2016, the decision to form a new cyber army corps was taken by the then Minister of Defense, Jean-Yves Le Drian; its operational center is located in Bruz, in Ille-et-Vilaine.
These are all actions that demonstrate all the human, technical and organizational means to structure and secure cyberspace.
Peace is not an empty word.