Military Alliances, Acts of War, and DDoS Attacks
In June of 2016 the North Atlantic Treaty Organization or NATO officially declared cyberspace a warfare domain, confirming that a cyberattack against any of the organization’s member states can be considered as an act of war. This means that a cyberattack against a member state could warrant a response involving cyber weaponry or even a traditional armed response.
This is a major declaration, one that acknowledges the role cyber dimensions are already playing in warfare as well as the increasingly significant role they’ll play in the future, forever changing warfare as we know it. While to some the idea of a military response to an online attack may seem drastic, for anyone who’s been closely tracking the state of cyber affairs, particularly the DDoS landscape, it’s about time.
A decade of DDoSing
DDoS attacks have long been a source of serious grief for businesses and websites, with consequences that include five, six or even seven-figure costs incurred fighting the attacks and reputational damage from which it can be hard to recover. However, while it may be DDoS attacks that take down Netflix and Reddit that grab the most attention from mainstream media, there are even more serious attacks flying around the internet, ones that threaten governments, democracy, freedom of the press, citizen rights, critical infrastructure and economic stability.
Distributed denial of service attacks perpetrated by nation states date back over a decade. One of the most infamous of those early state-sponsored attacks was the alleged Russian onslaught directed at Estonia, taking down government websites as well as banks, newspapers and broadcasters for three weeks in 2007 in retaliation for the relocation of a soviet-era war monument. This crippling assault is considered a landmark attack, and was what actually prompted NATO to initially begin developing a cyber defense policy.
In the decade since, state-sponsored DDoS attacks have become somewhat of a norm. North Korea has allegedly been targeting the United States since 2009, China has reportedly taken aim at the pro-democracy movement in Hong Kong, and Russia has had the finger of blame pointed at them for attacks on the United States, the Ukraine, the Brexit voter registration website, Kyrgyzstan, and Germany. These are just some of the attacks that have gained media attention. The true scope of the state-sponsored DDoS scene is hard to determine and hard to imagine.
A scary escalation
In January of 2016 the Ukraine was hit by a serious DDoS attack, one that allegedly came from Russia. Considering how frequently Russia is said to target the Ukraine, this attack could have very well slipped through the cracks of mainstream awareness if it weren’t for one detail: the attack wasn’t aimed at online services, it was aimed at the power grid. It succeeded. For six hours, more than 100,000 residents of Ukrainian city Ivano-Frankivsk were without power because of a DDoS attack.
In May of 2017, Russia was allegedly at it again, targeting the power grids in Estonia, Lithuania and Latvia with what was described as a series of limited distributed denial of service attacks, possibly being used to test for weaknesses. Russia has also been publicly blamed by the Trump administration for a two-year series of cyberattacks on the US power grid, though DDoS attacks were not specified.
DDoS attacks aimed at government services, financial institutions, major corporations and media outlets can obviously have a serious impact on the state of a nation, but long-lasting attacks on critical infrastructure such as the power grid have the potential to cause unimaginable turmoil, including loss of life. If these first attacks on power grids are signs of what’s to come, it could be a dark future indeed.
In July of 2017 NATO’s Secretary General Jens Stoltenberg stated that NATO is increasing its cyber defense efforts because cyberattacks can be as dangerous and as serious as armed attacks. NATO is in a position to know this, fending off over 500 cyberattacks per month.
NATO nations including the United States, Britain, Denmark, Germany, Norway, the Netherlands and Spain are all currently working on cyber warfare guidelines that will clarify the justifications for deploying cyber weapons. These are guidelines that are expected to shift NATO into a more offensive-defense mindset when it comes to cyber warfare. Couple all of NATO’s recent cyber defense declarations with the 25-nation cyberattack exercise held in Estonia last November to test NATO member nations against fictional state-sponsored attackers and it would seem that it won’t be the wars of the future being fought with computers. It’s the wars of right now.