Opinions Wed, 2 Dec 2009

On the imminent Cyber Warfare, what’s Ghana’s preparedness?

Conventional warfare as we know relies on tanks, troops, artillery, aircraft and a whole range of weapons systems. Nations strength and ability to defend themselves were therefore based on their collection of weaponry. However, in this age of Information and Communication Technology (ICT), Computers rather than chemical weapons, Mass Weapons of Destruction (WMDs) or missiles pose the biggest security threat of the future depending on nation’s ability to cripple rivals by using cyberwarfare. ! It is instructive to note that Cyber attacks are not new - websites were being hacked into and brought down during the Kosovo war 10 years ago.

Cyber warfare which is seen right now as the modern warfare strategy requires a computer and an internet connection. Computer strikes could damage a country's infrastructure as well as a whole collection of defence equipment, cutting off communications, power supplies and military command systems. Imagine this happening in Ghana! Rather than sending in the marines or military persons, the act of just typing a command on a keyboard can have a devastating effect on computer systems and networks which at the moment are the main engine-rooms for running successful nations as well as corporate organisations. It is possible to bring an entire state or organisation to a standstill

For now, 30 countries have advanced and put in place aggressive programmes to wage war by computer. These programmes would certainly become a major scheme of a country’s arsenal over the next decade, especially highly computerized nations. Many nations are already preparing for a future in which conflict would be conducted via the internet and it is confirmed that five countries namely the UK, Germany, France, China and North Korea are arming to defend themselves in a cyber war and are developing their own capabilities.

The US, according to BBC information, is known to have an operating manual governing the rules and procedures of how it can use cyber warfare tactics. It is known to have used hack attacks alongside ground operations during the Iraq war and has continued to use this cyber capability while policing the nation. With respect to the 2012 Olympics in the UK, the British former Home Secretary David Blunkett has cautioned the country’ security’s apparatus of the possibility of a cyber attack. His fear was that cyberspace might be used by jihadists to attack the UK and he indicated to the BBC that terrorists could be planning to attack national infrastructure – power grids, telecommunications and the like via the internet in order to hit a big and symbolic target.

In February this year (2009), NATO’s computers were constantly attacked by organisations and individuals bent on trying to hack into their secrets. The attacks went on despite the establishment of a co-ordinated cyber defence policy with a quick-reaction cyber team on permanent standby. The cyber defence policy was set up after a wave of cyber attacks on NATO member Estonia in 2007. A number of government websites, Estonian banks and media websites were brought down by a massive flood of artificial traffic, that was brought in from the outside, bringing down a number of websites over the course of a few weeks.

After that experience, Estonia established a body called the Cooperative Cyber Defence Centre of Excellence, in order to enhance NATO’s cyber defence capability.

South Korea experienced series of suspected cyber attacks in an attempt to paralyse a number of its major websites in July 2009. According to a BBC report, one of the country’s biggest banks, a leading national newspaper and the South Korean spy agency were targeted. In what was known as a "denial of service" attack, thousands of virus-infected computers were hijacked and simultaneously directed to a particular site, overwhelming it with the sheer volume of traffic. In response to the disruptions, South Korea announced that it will speed up plans for a cyber warfare unit to counter such threats. Major Websites used by al-Qaeda were in October 2008 shut down for six weeks. This fuelled wide range of speculation that they had been targeted by hackers or intelligence agencies. One site, Al-Ekhlas suffered occasional glitches, but was really down during that period for long time. Some jihadists blamed western intelligence groups for the disruption. The sites, which also include al-Firdaws, disappeared shortly before 11 September, the seventh anniversary of the attacks on New York and Washington.

The internet has become an increasingly important tool for al-Qaeda, allowing the group to keep in contact with its supporters and spread its message to the outside world. Some jihadists blame western intelligence agencies, particularly the United States, seeing it as an attempt to stop al-Qaeda getting out propaganda to coincide with the 9/11 anniversary in 2008.

Last year (2008), Internet users in Russia and Georgia attacked vital websites in each other's countries, in a virtual echo of battles being fought on the ground by troops and tanks. A BBC report revealed that several Georgian government portals were defaced or forced offline by hackers allegedly based in Russia. Visitors to Georgian President Mikhail Saakashvili's website were routed to a page portraying him as a modern-day Hitler. Georgia's parliament and foreign ministry sites were also repeatedly disabled, allegedly by attacks from networks of hijacked computers.

Russia's association with cyber-crime dates back to the demise of the former Soviet Union - an event that roughly coincided with the dawn of the internet era in the early 1990s. For thousands of youths who came of age as communism collapsed, computers symbolised the new spirit of enterprise. Treating programming as a tool for self-empowerment, these eager amateurs eventually became skilled software engineers. I am not a computer expert but I believe that every Ghanaian who understands the above instances will certainly be concerned about the security of this country in terms of cyber warfare. One might think there is no need for us to be so much worried for now since we as nation are not highly computerised as indications are clear that the more computerised you are as a nation the more vulnerable you become. Need we wait till we are considered as a highly computerised nation before we start thinking of how to ward off cyber attacks? The answer is a big NO! We have to be proactive and start devising mechanisms to protect our vital information right from the national security level to corporate organisations file. My worry however is that most of these sensitive and vital installations, especially the telecommunication sector are not under our control and it looks like we are not motivating our nationals to venture into that field. I am also perturbed knowing that our major buildings are contracted to foreigners hence sensitive installations are designed and controlled by them. Let’s imagine installations in the presidential palace or the yet to be constructed foreign affairs ministry are shut down and all vital information re-routed, erased or compromised via the internet. How about erasing or corrupting data at the Bank of Ghana or the national security offices? The American government launched a whole national cyber security strategy and the UK responded by creating two organisations, the Office of Cyber Security and the Cyber Security Operations Centre with about 20 people within each of those two offices. Other highly computerised nations are working on devising their own defence mechanisms.

In order for us not to be over taken by events, it is advisable that Ghana as a nation starts putting in place an agency to oversee critical national infrastructure and ensuring that it is adequately hardened against net-borne attacks. We must begin to consider our own cyber defense mechanism. Corporate organisations must certainly contribute to this end since they certainly stand to benefit from such initiative, especially the Banks or financial bodies and insurance companies. The earlier we start building our own defense and buck up systems the better it will be for us. Let’s not wait to get attacked before we think about a defence mechanism.

SOURCE: Frank Agyemang

Columnist: Agyemang, Frank