Though an under-explored aspect of contemporary conflict, developments in information technology are fuelling the emergence of new forms of warfare which could pose a unique challenge to state’s critical infrastructure.
By Jovana Jezdimirovic Ranito
The end of the Cold War saw a multiplication of war strategies, fuelled primarily by the emergence of non-state actors and threats – including well-organized political movements, guerilla and terrorist groups – plus new communication and information technologies. The transformation of both the settings and demands of conflict has led to a transformation of the very conflicts themselves.
Military hardware – no matter how sophisticated – is beset by several short-comings; being expensive to produce and always leaving physical traces as to its use. Beside physical and diplomatic battlefields, contemporary battles are instead increasingly being fought virtually (through programmed weapons) and in cyber-space.
The bi-polar tensions of the Cold War reduced and obscured the actions of many actors – such as extreme ethnic groups, non-governmental organizations and private entities – whose re-emergence on the international scene has raised their importance for states. Their impact on, for instance, public opinion – which has been used a valedictory tool for new forms of behaviour and modes of organization, often transcending international laws and norms – has made them an important focus for state policies.
Warfare in this new, multi-polar setting has included – besides battles on the ground and diplomatic measures – strategies created by Information Technology (IT); such as ‘net-‘, ‘cyber-‘ and ‘virtual-‘ war. Cheaper and nearly invisible, these emergent strategies have been used as a supplement to more conventional forms of warfare.
If we consider cyber-attacks to be part of a concerted cyber-war, then they would have several profound consequences – political, economic and psychological. Politically, when organized by states keen to hide their tracks, they have the potential to damage infrastructure – including by provoking a shut-down of the power grid, or causing disturbances in transportation, telecommunications, the banking and financial transactions. The economic consequences of such attacks would be devastating; it is calculated that daily losses would be somewhere between $35m and $150m. Psychologically, the chaos caused would provide a considerable advantage to the state executor of the attacks, whose final goal is to exert pressure at the negotiating table.
If on one side of the scale we have cyber war, on the other is ‘net war’; a strategy that employs soft power and does not have the capability to cause the sort of damage that cyber-war does. The similarities are significant, particularly the common goal to influence ongoing negotiations through the use of virtual space and attacks on key websites. However, the differences relate to the technological capability of the attack, its executioners and the tactics used to achieve its goals.
In the case of netwar, the executioner is the nationalist, extreme ethnic group – not the state itself -which leave traces on the websites targeted and spreads propaganda as a means of influencing foreign policy. These attacks are directed not only at vital infrastructures, but rather at all websites they consider relevant to the cultural identity of the enemy; everything that would garner media attention. Their means are grounded in the posting of, for instance, advertising messages and the blocking of websites.
Attacks between Serbian and Albanian hackers, which can be traced back to the late-nineties, have increased in intensity over the last three years. Attacks on the websites of institutions and those concerned with cultural heritage should serve as a warning to policy-makers in the Balkans, emphasizing the need to better define strategies to combat cyber-attacks. At present, there is a lack of clear and official strategies, even though the respective countries recognize the problem and the very real threat it poses.
In Kosovo, netwar has been used as an addition to conventional war strategies as a consequence of the transformation of the conflict; from on-the-ground battles to diplomatic and net war strategies. This strategy cannot exist independently, and its main goal is to influence the ongoing negotiations and spread propaganda. Globally, combating netwar through law enforcement and counter-intelligence remains weak, suggesting that this will remain a privileged way of attacking critical infrastructure in the future.
The lack of clear and strong legislation among the Balkan states leaves them particularly vulnerable to speculative attacks which – in the case of the Serbia and the self-proclaimed Republic of Kosovo – are exploited by opportunist, nationalistic, extremist groups with an aim to complement their political dispute. Such cyber-attacks have, until now, not been significant enough to destroy critical infrastructure, though they have certainly disturbed their functioning. The tendency is towards increasing level of attacks, which eventually could reach a level where it is transformed into a cyber-war.
The countries of the region, therefore, need to invest further resources in order to objectively analyse the prevailing situation and address the problem accordingly. Each is increasingly dependent on IT services, and needs to begin seriously investing not only in improving legislation and policies targeting such crimes, but also in network security, incident response, technical training and international collaboration. Without these steps, the possibility of damaging and costly attacks on critical infrastructure remain a distinct possibility.