Abstract
The rapid proliferation of information and communications technologies has improved the means to record and transmit information. Not surprisingly, this digitized information can be exploited, corrupted, denied or destroyed electronically, resulting in digital information warfare (DIW). This article examines politically motivated cyberattacks in Eurasia to conduct DIW trend analyses. Document analysis is conducted on 86 documents dated from 1995 to 2011. The article goes beyond traditional DIW research on criminal organization and attack complexity by adding four new DIW components: division of labor, alliances, communication and physical elements. It generates a discussion of whether any of these components are connected, more prominent or exhibits a temporal order. The article also examines several factors that sustain and promote DIW, discusses practical lessons that can be learned from DIW in Eurasia, and offers suggestions for further research.
Similar content being viewed by others
References
Alberts, D. (1996) Defensive Information Warfare. Washington DC: National Defense University.
BBC (British Broadcasting Corporation). (2002) Pro-Islamic hackers join forces, http://news.bbc.co.uk/1/hi/sci/tech/2052320.stm, accessed 6 June 2009.
BBC. (2011) US and Israel were behind Stuxnet claims researcher, http://www.bbc.co.uk/news/technology-12633240, accessed 17 August 2011.
Billo, C. and Chang, W. (2004) Cyber Warfare: An Analysis of the Means and Motivations of Selected Nation States. Hanover, NH: Institute for Security Technology Studies at Dartmouth College.
Blane, J.V. (2002) Cyberwarfare: Terror at a Click. New York: Novinka Books.
Blum, J. (2005) Hackers target U.S. power grid: Government quietly warns utilities to beef up their computer security, http://www.washingtonpost.com/wp-dyn/articles/A25738-2005Mar10.html, accessed 20 November 2008.
Bora, A. (2003) Worm warfare, http://www.rediff.com/search/2003/mar/17war.htm, accessed 10 December 2010.
Bradbury, D. (2009) The fog of cyberwar, http://www.guardian.co.uk/technology/2009/feb/05/kyrgyzstan-cyberattack-internet-access, accessed 2 February 2009.
Brenner, B. (2007) Experts doubt Russian government launched DDoS attacks, http://searchsecurity.techtarget.com/news/1255548/Experts-doubt-Russian-government-launched-DDoS-attacks, accessed 22 August 2012.
Broad, W., Markoff, J. and Sanger, D. (2011) Israeli test on worm called crucial in Iran nuclear delay, http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html, accessed 17 August 2011.
Byres, E. and Hoffman, D. (2004) The Myths and facts behind cyber security risks for industrial control systems. Paper presented at VDE 2004 Congress, VDE, Berlin, October 2004.
Carr, J. (2010) Inside Cyber Warfare. Sebastopol, CA: O’Reilly Media.
Cornish, P., Livingstone, D., Clemente, D. and Yorke, C. (2010) On cyber warfare. Chatham House, http://www.chathamhouse.org/sites/default/files/public/Research/International%20Security/r1110_cyberwarfare.pdf, accessed 5 January 2012.
Council of Europe. (2004) Summary of the organized crime situation report 2004: Focus on the threat of cybercrime, http://www.coe.int/T/E/Legal_affairs/Legal_cooperation/Combating_economic_crime/Organised_crime/Documents/OrgCrimeRep2004Summ.pdf, accessed 15 October 2005.
Danchev, D. (2009) Thousands of Israeli web sites under attack, http://www.zdnet.com/blog/security/thousands-of-israeli-web-sites-under-attack/2355, accessed 9 December 2010.
Datz, T. (2004) Out of control. CSO Security and Risk, http://www.csoonline.com/read/080104/control.html, accessed 8 March 2006.
Davis, J. (2007) Hackers take down the most wired country in Europe, http://www.wired.com/print/politics/security/magazine/15-09/ff_estonia, accessed 21 November 2008.
DCSINT (Deputy Chief of Staff for Intelligence). (2006) Critical infrastructure, threats, and terrorism. Handbook No. 1.02, Fort Leavenworth, KS: DCSINT.
Evron, G. (2008) Battling botnets and online mobs: Estonia's defense efforts during the internet war. Science & Technology IX (1): 121–126.
Falliere, N., Murchu, L. and Chien, E. (2011) W32.Stuxnet Dossier. Version 1.4, http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_stuxnet_dossier.pdf, accessed 18 August 2011.
Foltz, C.B. (2004) Cyberterrorism, computer crime, and reality. Information Management & Computer Security 12 (2): 154–166.
Geers, K. (2009) The cyber threat to national critical infrastructures: Beyond theory. Information Security Journal: A Global Perspective 18 (1): 1–7.
GoogleTech (Google Technology). (2008) Google searches more sites more quickly, delivering the most relevant results, http://www.google.com/technology/, accessed 27 December 2007.
Gorman, S. (2009) Electricity grid in U.S. penetrated by spies, http://online.wsj.com/article/SB123914805204099085.html, accessed 1 June 2009.
GTISC (Georgia Tech Information Security Center). (2009) Emerging Cyber Threats Report for 2009. Atlanta, GA: Georgia Institute of Technology.
Haeni, R. (1997) Information warfare: An introduction, http://www.trinity.edu/rjensen/infowar.pdf, accessed 12 February 2010.
Holt, T. and Kilger, M. (2012) Know your enemy: The social dynamics of hacking, https://honeynet.org/files/Holt%20and%20Kilger%20-%20KYE%20-%20The%20Social%20Dynamics%20of%20Hacking.pdf, accessed 10 June 2012.
IBM. (2009) IBM Internet security systems: X-force threat insight quarterly. February 2009, http://www-935.ibm.com/services/us/iss/pdf/x-force/xftiq_08q4.pdf, accessed 6 June 2009.
ICS-CERT (Industrial Control Systems – Cyber Emergency Response Team). (2011) ICS-CERT Incident response summary report, http://www.infosecisland.com/download/index/id/105.html, accessed 1 July 2012.
Iwar.org.uk. (2003) Information warfare, http://www.iwar.org.uk/iwar/resources/wikipedia/information-warfare.htm, accessed 12 February 2010.
Jenik, A. (2009) Cyberwar in Estonia and the Middle East, http://ezinearticles.com/?Cyberwar-in-Estonia-and-the-Middle-East&id=2401961, accessed 12 June 2009.
Jordan, T. and Taylor, P. (1998) A sociology of hackers. The Sociological Review 46 (4): 757–780.
Keizer, G. (2009) Russian ‘cybermilitia’ knocks Kyrgyzstan offline, http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126947&intsrc=news_ts_head, accessed 8 February 2009.
Krone, T. (2005) Hacking motives. Australian Institute of Criminology. High tech crime brief no. 6.
Lemieux, V. (2003) Criminal networks, http://www.rcmp-grc.gc.ca/pubs/ccaps-spcca/crimi-web-eng.htm, accessed 22 August 2012.
Libicki, M. (1995) What is Information Warfare, Washington DC: National Defense University, http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA367662, accessed 10 January 2010.
Luiijf, E. (2008) SCADA Security Good Practices for the Drinking Water Sector. Netherlands Organization for Applied Scientific Research. The Netherlands: TNO Defence, Security and Safety.
Mann, C. and Stewart, F. (2004) Introducing online methods. In: S.N. Hesse-Biber and P. Leavy (eds.) Approaches to Qualitative Research: A Reader on Theory and Practice. New York: Oxford University Press, pp. 367–401.
Mann, D. and Sutton, M. (1998) Netcrime: More change in the organization of thieving. British Journal of Criminology 38 (2): 201–229.
Markoff, J. (2008) Before the gunfire, cyberattacks, http://www.nytimes.com/2008/08/13/technology/13cyber.html, accessed 21 November 2008.
McAfee. (2005) McAfee virtual criminology report: North American study into organized crime and the Internet, http://www.mcafee.com/us/local_content/misc/mcafee_na_virtual_criminology_report.pdf, accessed 20 October 2005.
McMullan, J. and Rege, A. (2007) Cyberextortion at online gambling sites: Criminal organization and legal challenges. Gaming Law Review 11 (6): 648–665.
McMullan, J. and Rege, A. (2010) Online crime and internet gambling. Journal of Gambling Issues 24: 54–85.
Messmer, E. (1999) Serb supporters sock it to NATO and U.S. computers, http://www.networkworld.com/news/1999/0405nato.html, accessed 20 November 2008.
Moore, A., Cappelli, D., Caron, T., Shaw, E., Spooner, D. and Trzeciak, R. (2011) A preliminary model of insider theft of intellectual property, http://www.cert.org/archive/pdf/11tn013.pdf, accessed 10 June 2012.
Mostaghim, R. (2008) IRAN: Hamas office declares cyber-war on Israel, http://latimesblogs.latimes.com/babylonbeyond/2008/10/iran-hamas-offi.html, accessed 17 June 2009.
Moteff, J. (2005) Risk Management and Critical Infrastructure Protection: Assessing, Integrating, and Managing Threats, Vulnerabilities and Consequences. CRS Report for Congress, Order Code RL32561.
Naraine, R., Danchev, D. and O'Donnell, A. (2008) Coordinated Russia vs Georgia cyberattack in progress, http://blogs.zdnet.com/security/?p=1670, accessed 21 November 2008.
Neuman, L.W. (2003) Social Research Methods: Qualitative and Quantitative Approaches. Massachusetts: Allyn & Bacon.
Newman, G. and Clarke, R. (2003) Superhighway Robbery: Preventing E-commerce Crime. Oregon: Willan Publishing.
Nicholson, R. (2008) Critical Infrastructure Cybersecurity: Survey Findings and Analysis. Energy Insights, an IDC company. White Paper sponsored by Secure Computing, November.
Paccagnella, L. (1997) Getting the seat of your pants dirty: Strategies for ethnographic research on virtual communities. Journal of Computer-Mediated Communication 3 (1), http://jcmc.indiana.edu/vol3/issue1/paccagnella.html, accessed 2 March 2007.
Patterson, L.V. (2002) Information Operations and Asymmetric Warfare … Are We Ready? USAWC Strategy Research Project. United States Army War College, Carlisle Barracks, Pennsylvania.
Project Grey Goose (PGG) (2008). Russia/Georgia Cyber War – Findings and Analysis. Project Grey Goose: Phase I Report.
PGG. (2009) The Evolving State of Cyber Warfare. Project Grey Goose: Phase II Report.
Rege, A. (2009) What's love got to do with it? Exploring online dating scams and identity fraud. International Journal of Cybercriminology 3 (2): 494–512.
Rege-Patwardhan, A. (2009) Cybercrimes against critical infrastructures: A study of online criminal organization and techniques. Criminal Justice Studies 22 (3): 261–271.
Rinaldi, S. (2004) Modeling and simulating critical infrastructures and their interdependencies. Hawaii International Conference on System Sciences 2 (2), 2005, Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS’04) – Track 2, 2004, 5–8 January, Hawaii, USA.
Rogers, M. (2005) The development of a meaningful hacker taxonomy: A two dimensional approach, https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2005-43.pdf, accessed 23 January 2007.
Ronen, E. (2008) Israeli hackers penetrate Hamas website, http://www.ynet.co.il/english/articles/0,7340,L-3560756,00.html, accessed 1 June 2009.
Sanger, D. (2012) Obama order sped up wave of cyberattacks against Iran, http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html, accessed 15 July 2012.
Schloenhardt, A. (1999) Organised crime and the business of migrant trafficking. Crime, Law and Social Change 32 (3): 203–233.
Shachtman, N. (2009) Wage cyberwar against Hamas, surrender your PC, http://www.wired.com/dangerroom/2009/01/israel-dns-hack/, accessed 5 June 2009.
SecureSynergy. (2003) Cyber attacks: Defending India's electronic frontiers, http://www.securesynergy.com/library/articles/039-2003.php, accessed 5 June 2009.
Shaw, E. and Stock, H. (2011) Behavioral risk indicators of malicious insider theft of intellectual property: Misreading the writing on the wall, https://www4.symantec.com/mktginfo/whitepaper/21220067_GA_WP_Malicious_Insider_12_11_dai81510_cta56681.pdf, accessed 10 June 2012.
Stamp, J., Dillinger, J., Young, W. and DePoy, J. (2003) Common vulnerabilities in critical infrastructure control systems, http://www.oe.netl.doe.gov/docs/prepare/vulnerabilities.pdf, accessed 27 August 2007.
Standing, A. (2003) How can crime be organized? http://www.iss.co.za/Pubs/Monographs/No77/Chap2.html, accessed 11 October 2005.
Stouffer, K., Falco, J. and Scarfone, K. (2011) NIST guide to industrial control systems (ICS) Security. National Institute of Standards and Technology. Computer Security Division, Computer Security Resource Center, June 2011 http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf, accessed 5 August 2011.
Taylor, R.W., Caeti, T.J., Loper, D.K., Fritsch, E.J. and Liederbach, J. (2006) Digital Crime and Digital Terrorism. New Jersey: Pearson Education.
Vatis, M. (2002) Cyber attacks: Protecting America's security against digital threats. Executive Session on Domestic Preparedness http://belfercenter.ksg.harvard.edu/files/vam02.pdf, accessed 20 January 2012.
Verton, D. (2001) US–China cyberwar: Fact or fear-mongering? http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=60116, accessed 1 June 2009.
Verton, D. (2003) Black Ice: The Invisible Threat of Cyber-Terrorism. California: McGraw-Hill.
Wall, D.S. (2007) Cybercrime: The Transformation of Crime in the Information Age. UK: Polity Press.
Weaver, N., Paxson, V., Staniford, S. and Cunningham, R. (2003) A taxonomy of computer worms, http://www.ll.mit.edu/mission/communications/ist/publications/031027_Weaver.pdf, accessed 22 August 2012.
Williams, D. (2006) Israel holds couple in corporate espionage case. Computer World, 31 January 2006 http://www.computerworld.com/s/article/108225/Israel_holds_couple_in_corporate_espionage_case, accessed 8 March 2006.
Yoo, J. (2005) Fighting the new terrorism, http://www.aei.org/article/foreign-and-defense-policy/international-organizations/fighting-the-new-terrorism-article/, accessed 22 August 2012.
Yu, E. (2009) Israel brings Gaza airstrikes to the Web, http://news.cnet.com/8301-1023_3-10130565-93.html, accessed 15 May 2009.
Zionismontheweb.org. (2006) Security experts forum: Team Evil, http://www.zionismontheweb.org/hackers/experts/team_evil.htm, accessed 10 December 2010.
Acknowledgements
The author thanks Dr Ronald Clarke for his insightful comments that run throughout this article. Any shortcomings, however, are the author's.
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Rege, A. Digital information warfare trends in Eurasia. Secur J 27, 374–398 (2014). https://doi.org/10.1057/sj.2012.35
Published:
Issue Date:
DOI: https://doi.org/10.1057/sj.2012.35