Cybersecurity Threats to National Defense

Introduction

As technology advances, it has presented huge complications in evaluating impendences to national security. There are adverse acts of violence through the Internet and they are cyber-terrorism and cyber-wars that have heightened interests with security agencies within governments of a number of nations. The essay intends to focus on the importance of governments to keep an eye on and control usage of systems of connections so that to minimize acts of terrorism and civil crimes through the Internet in sustenance of national defense. Furthermore, the essay will provide more discussion on some of the actions national security bureaus have employed in their endeavors to repress the threats, and which particular network they look carefully into. In the current society, Internet systems of connections are developing to be crucial methods for people and businesses to promote communication. The capacity and social communication of the society rely on a huge deal on this instrument to promote communications as well as national growth. Nonetheless, as computer network application is exponentially developing, it is evolving into more complicated to assess its effects. This subjects a peril to people’s privacy and adversely to national security.

Computer network and its vulnerabilities

Programs of surveillance like the Communication Assistance for Law Enforcement Act (CALEA) have rendered to be crucial strategies employed to battle and curb criminal pursuits via Internet (1). With the breakneck adjustment as well as innovation of telecommunication, regimes are capably and easily putting all form of individual information of the public beneath adjacent scrutiny with programs such as Total Information Awareness Programs (TIAP) and Computer and Biometric Software (CBS) (2). Nevertheless, as pointed by Premaratne et al., (2016) and Hutchins et al. (2011), United Kingdom (UK) and other European nations are still under threat due to continuous sophistication of computer networks, and most UK citizens are concerned with their loss of privacy due to efforts the government and other countries’ governments efforts to reduce these portents (3, 4).

There are quite and prevailing criticism from citizens towards governments due to efforts employing to foster national security via application of surveillance. People perceive these endeavors as an invasion of citizens’ privacy and that of businesses (5). They pose the efforts by governments to mitigate threats before they take place fruitless. However, significant strides are being undertaken by government agencies such as intelligence departments to track and survey networks in benefits of the public (6). These endeavors to scrutinize and assess computer communications are meant to curb network intrusion as well as proximate leaks of impressionable information so that to safeguard the privacy of people. This exertion to heighten safety and concurrently bulwark individual aloofness is a decisive step fronting attaining the government’s objective to sponsor national defense.

Susceptibility to Risks like Cyber war and Cyber-terrorism Posit Extreme Insecurity to National Security

There is an increase in cyber incursions, and governments are developing several attempts to keep an eye on systems within the computer connections in concerns of national defense. On March 2013, statistics by IWS (2013) showed that almost 40% of the global population will have the capacity to access computer connection, with at least 65% of the population from Global North. The divergence of computer connections has poise several issues that are worsened by indefensible government procedures or tactics (7). As a consequence, there is a need for governments to invent with firm stratagem to assist in maintain defense scathe less.

A major form issues faced related to networking and internet within the UK as well as its organizations is cyber terrorism (8, 9). It has several definitions, but the most known is the application of computers and Internet that lead to distortion of information of people, property, individuals lives or worse of it all is the intimidation of the government with intention to cause havoc politically or economically (10, 11). It possesses the potential to destroy those people that lead in national industries such as oil and gas companies. It is the reason why government and security bureaus are charged on dealing with the issues via monitoring of all public communications.

Cyber wars, on the other hand, are more of political in structure and entail a particular threat pointed at besieging a company, a fiscal institution, or a particular economic filed leading to loss of economic factors (12, 13). For instance, such as the Operation Socialist in which UK acquired information from Belgian communication organization on call information. According to Lewis (13), these threats emanating from internet and computer (cyber dimension) have spread into the government infrastructures, NGOs systems, and big commemorates. These and other cyber-attacks led to the UK and other countries such as United States of America which was forced to undergo a Wall Street of New York City cyber-attack to make measures to boost cyber warfare units and capabilities due to the effects such as loss of lives, political instabilities, as well as economic loss and consequently national insecurity (14, 15). Thus most nations have taken a role in assessing and monitoring public communications and Internet activities so as to disclose the kind and cause of attack in backing of national defense.

Example of cyber terrorism on computer frameworks is the stuxnet worm (16). Karnouskos (17) and Yang (16) explained that the worm developed by Israeli and US government that intended to use it in enrichment of the uranium facilities was a significant miscreant in Saudi Arabia and Enstonia affecting the architecture of the oil industry. It was deemed one of the serpentine malware developed by the US government, not leaving out that there were also conjectures that the same government was targeting the power infrastructure of Iran. The stuxnet worm invaded the SCADA (Supervisory Control and Data Acquisition systems) that command industrial communications, as well as gas pipelines and power plants (17). This prepared in advance attack led to a malware of at least 100,000 computers presenting hazards to the industrial architecture of Iran. Researchers have presumed that it was the designation of the U. S government to demolish the industrial control framework of the Iranian government (18, 19). At that time if the correct assessment and monitoring approaches were put in place, such a dissemination of malware could have discovered at antecedent stage and contained (20). It depict that the assessing of computer communications is vital to identify the source of that kind of risks and to evade same invasions so that to secure the interests of a country.

Security risks accompanying social media platforms

The high reliance of social media by government and its agencies possess possible risks. These platforms that include Twitter, Facebook and YouTube have been accursed for significant riots that have previously been identified in UK and specifically spread in London (21, 22). The freedoms of expression via these media platforms have posed much grave danger, but governments can minimize these threats if they monitor the computer communications.

There is another challenge that the social media is posing, and that is tracing crimes, and could also be limited if security agencies have the capacity to monitor these platforms so as to prevent threats associated. Criminal activities associated with national security threats could be mitigated, such as detecting of locations of possible planned attacks, and further aid in the prosecution of criminals in judicial systems by use of evidences collected from these social media platforms (23, 24). Consequently, it would aid in the reduction of cyber-wars and cyber terrorism, depicting the role of government in monitoring and assessing Internet and computer networks would play a major role in effecting and sponsoring national defense as well as public stake of a country.

Measures taken by governments on cyberwars and crimes

Governments predominantly those of the UK and US have put in place a number of security agencies meant to monitor networks to minimize possible threats. According to Von Solms and Van Niekerk (25), to curb the usage of gathered information for disregarded purpose, tough regulation and laws promulgated by these security bureaus would confine individuals’ application of such data by journalists and staff. It displays that governments’ comprehension of criticality of establishing such rules in place so that to survey networks and sponsor national defense. Similarly, the NSA (National Security Agency) of the US is the biggest security agency performing mass surveillance, and sources have disclosed that at least millions of information from US citizens as well as foreigners’ computer-based communication and mobile calls and messages are surveyed (26, 27). It was put forth after the 9/11 bombing and implemented as an Act known as the Patriot Act. The Act authorizes the US NSA to reconnoiter n people without acquisition of a search warrant from US courts. It could be depicted that it is an intrusion of individuals’ private lives but several have agreed that security is a predominant in this case in support of national defense.

Recently, countries have partnered in establishing security agencies to promote national defense by use of Internet networking, for example the UKUSA. Countries in this partnership include Canada, New Zealand and Australia. As illustrated by Nugraha et al., (28), the member states use the ECHELON security intelligence collection and analysis network to undertake its national defense operations. Ideally, the infrastructure was developed and integrated with capability to recognize communications between terrorist and criminals in various member states and take action before attacks are launched against people (28).

The GCHQ (Government Communication Headquarters) is a security agency in UK and monitoring computer networks. The agency’s operations are not constrained to intrude of information but it has been considered the first line of defense in the Britain’s national security, and also the dominant monitoring agency that watches carefully private communications via uninterrupted taps into fiber optic cables (29, 30). Recent advancements indicate the extent to which the GCHQ and NSA are functioning in collaboration to undertake mass surveillance (31, 32). A former US security intelligence contractor by the name Edward Snowden disclosed that there exist capabilities of government to meddle with people’s privacy through accessing their social media.

In the UK, programs were mandated and launched to be used to track and scrutinize personal emails and website visits as well as document communications so that to curb terrorism, but has been maintained queries of debate among politicians and the public (33, 34). However, plans are in motion, but citizens are still arguing the legitimacy of invasion of their privacies. The UK government, however, has set up measures aimed at protecting the public (35, 36). Internet Protocols (IP) addresses are being applied to monitor certain suspected web pages visits. Nevertheless, it has also raised intense debates of personal privacy breaching by GCHQ, but the agency has stood firm in asserting that there is need to survey different computer-based communications systems of connections to respond in retaliation terrorism in sponsoring of national defense.

Local Area Networks (LAN) as well as Wide Area Networks (WAN) are the most common and biggest systems of connections that are under surveillance by security bureaus. According to Kruegle (37), these networks are populous collections of computer networks, which possess various purposes relying on the geography and users requirements. It is the reason of the support of national defense by the governments through surveillance on the Internet activities and access by people.

Social networks, World Wide Web (www), and electronic mails are other fields monitored by the governments. Social networks such as Facebook, LinkedIn and Twitter have been widely been associated with heightened levels of crimes the UK and USA (38, 39). Recently analysis into social media usage by radical groups showed that Telegram is another social media that is widely used among terrorist groups (40). It has the capability to distort its record of information after communication making it impossible to detect any forms of threats. Therefore, governments identifies that it is vital to monitor these social networks, communications that are relayed in them as the technology advances. Given the approximately 95% of adverse threats and organizes crimes have been detected by security agencies and counter-terrorism programs due to subscriptions of communication information. From this assertion, it exhibits how surveying communication information that entails a numbers dialed for phone calls, duration as well as addresses of emails, are congruous with the objectives of governments of stockpiling civil data and confine the freedom of people in the interest of national defense.

Governments are also committing extra endeavor in surveying telecommunication systems of connections that entails landline and mobile phones. In the UK, a contemporary law of the year 2012 was sanctioned offering the police and the security services to monitor telecommunication systems of connections. The Strategic Defense and Security Review of 2010 backed up the law via the government’s program to permit an action by security intelligence as well as law enforcement bureaus to acquire communication information from mobile phones and to confine suspicious information transmitted (41). It is evidence that governments are committed in countering terrorism by monitoring all kinds of information transmission media so that to foster national defense.

Different Technologies Used to Monitor Networks

Communication providers aid governments with usage information so as to monitor systems of communications used. The availability of client-server model within the Internet networks offers an opportunity to request from several clients from the Internet Service Providers (ISP). The ISP, sometimes are unwilling to disclose such information, as they speculate that it is not their responsibility to manage the Internet [42]. For instance, the technology applied by the Chinese Golden Shield, also known as the Chinese Shield Firewall. The Chinese government devised it with the capability to conceal information addressed to devastate the government from the Chinese public. It is designed to concede traffic to go through a number of avenues at the Internet Service Provider stage ahead of a blockade [43]. So far, the social media platform that has promoted such technology has been Skype and has been used in this organization.

Non-governmental organizations (NGOs) have also been used to survey on employees and relay any form of suspicious data to the government’s security agencies. It has been deemed helpful in sponsoring of national defense in an event where the staff could be scheming any terrorist or malevolent acts [44]. Computer technical staffs have been perceived to be of the essence in accessing the staffs’ gadgets such as smartphones and laptops in a case where there are apprehensive data that can be relayed to the organization’s management and later to the security agency, and later to the national defense agencies for measures to be taken. For example in Toronto, Canada, the news was reported that at least 17 individuals were suspected of planning a terrorist attack where an organization that was disclosed undertook such a measure and were apprehended to the authorities [45]. It has led to an increase in the levels of surveillance among the NGOs in support of the governments I fostering national defense, and has been identified to be beneficial.

There are a number of tools that are still employed by industries and organizations to surveil on people. They are depicted as Digital Stakeout in Social Media Monitoring Software (SMMS) that are being employed to covertly privately monitor, fetch, and assess individual social media information from platforms such as Facebook, Twitter, and Instagram. It has been identified that it is a component of an increasing augmenting industry that the public is limitlessly aware of [46]. The SMMS are products such as the Dataminr, SocioSpyder, and Dunami, to mention just some of them that are bought by company’s defense contractors, federal agencies like the Central Intelligence Agency (CIA) and law enforcement bureaus and ventured into the technology to aid in the monitoring, evaluating and recording public social media content without the knowledge. Such technology has been identified to apply complex algorithms to assess and organize information into a much more than a set of search results.

It has been identified that such social media surveillance software can be applied topographically trace individuals as they share information. It has the capability to chart out people’s relationships, associations, and systems of connections. Security agencies employing these networks have been able to monitor protests, point out leaders of social and political movements, as well as scope people’s influence [44]. Further, SMMS have the capacity to predict future occurrences, containing threat assessment, and capable of also influencing public opinion. Basically, SMMS is a rancid-tech instrument for monitoring and engineering meant to foster national defenses among nations that have employed it in their security agencies.

Regulation

As mentioned earlier, the legality of monitoring of networks and civil network systems was and still questionable under recent legislation. In the UK, an Act of parliament still revolves around and debate on the Regulation of Investigatory Powers Act (RIPA) of 2000, supposed to regulate the powers of security agencies in undertaking any surveillance and investigations, as well as concealing the interposing of communication of the public. In addition, the US also hold onto the 1986 Electronic Communications Privacy Act (ECPA) that was legislated the US Congress and was supposed to extend the US government limits on wiretapping of telephone calls as well as transmission of electronic information via computers [77]. But then security agencies have in many cases championed the revision of the Acts to allow constant surveillance for considerations of national defense. It is vital to for these legislations to be modified to offer security intelligence bureaus the powers to constantly offer defense against any form of threats originating from within or outside the borders of that country.

However, it is vital to note that progressive surveillance of systems of connections traffic would require rigid regulations to prohibit information seized from being applied for extraneous purposes like individual application by the staff members or journalistic application by the media [48]. These forms of invasions of privacy would oppose the coveted intention the framework and therefore draw away from its genuineness in the permissible struggle.

Conclusion

Networks have posed threats in nations on a daily basis by networks, and threats are several as the networks and technologies continue to advance and diversify. Recently, policing of the Internet is poor, with the number of individuals using to form communications and various other purposes that are growing each day. Policing of the Internet is vital as the same platform is being applied to facilitate threats, terrorism, and crimes to individuals. While several civic concerns have regarded as network monitoring by governments to foster national defense as an invasion of privacy, it has promoted criminal activities being operated at large scale and in a more sophisticated manner due to the advancement of systems of connections. Cyber warfare and cyber terrorism are prevalent nowadays, thus calling upon network monitoring to curb such activities and promote the national defense. Nations such as UK and USA have already adopted systems such as NMMS to monitor networks and consequently have managed to prevent a number of possible threats and also predict possible future threats and prevent them too. Therefore, recent regulations such as the ECPA and RIPA need to be modified to promote intelligent agencies to protect individuals from cyber warfare and terrorism.

References

[1] Hibbard, C.M., 2011. Wiretapping the Internet: The Expansion of the Communications Assistance to Law Enforcement Act to Extend Government Surveillance. Fed. Comm. LJ, 64, p.371.

[2] Talib, S., Clarke, N.L. and Furnell, S.M., 2010, February. An analysis of information security awareness within home and work environments. In Availability, Reliability, and Security, 2010. ARES'10 International Conference on (pp. 196-203). IEEE.

[3] Premaratne, U.K., Samarabandu, J., Sidhu, T.S., Beresh, R. and Tan, J.C., 2010. An intrusion detection system for IEC61850 automated substations. IEEE Transactions on Power Delivery, 25(4), pp.2376-2383.

[4] Hutchins, E.M., Cloppert, M.J. and Amin, R.M., 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research, 1(1), p.80.

[5] Dufaux, F. and Ebrahimi, T., 2008. Scrambling for privacy protection in video surveillance systems. IEEE Transactions on Circuits and Systems for Video Technology, 18(8), pp.1168-1174.

[6] Dufaux, F. and Ebrahimi, T., 2010. A framework for the validation of privacy protection solutions in video surveillance. In Multimedia and Expo (ICME), 2010 IEEE International Conference on (pp. 66-71). IEEE.

Xu, J., Duan, L. and Zhang, R., 2017. Surveillance and intervention of infrastructure-free mobile communications: A new wireless security paradigm. IEEE Wireless Communications, 24(4), pp.152-159.

[7] Zhang, J., Xiang, Y., Wang, Y., Zhou, W., Xiang, Y. and Guan, Y., 2013. Network traffic classification using correlation information. IEEE Transactions on Parallel and Distributed Systems, 24(1), pp.104-117.

[8] Ahmad, R., Yunos, Z. and Sahib, S., 2012, June. Understanding cyber terrorism: The grounded theory method applied. In Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on (pp. 323-328). IEEE.

[9] Dogrul, M., Aslan, A. and Celik, E., 2011, June. Developing an international cooperation on cyber defense and deterrence against cyber terrorism. In Cyber conflict (ICCC), 2011 3rd international conference on (pp. 1-15). IEEE.

[10] Abomhara, M. and Køien, G.M., 2015. Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. Journal of Cyber Security, 4(1), pp.65-88.

[11] Akhgar, B., Staniforth, A. and Bosco, F. eds., 2014. Cyber crime and cyber terrorism investigator's handbook. Syngress.

[12] Gandhi, R., Sharma, A., Mahoney, W., Sousan, W., Zhu, Q. and Laplante, P., 2011. Dimensions of cyber-attacks: Cultural, social, economic, and political. IEEE Technology and Society Magazine, 30(1), pp.28-38.

[13] Lewis, J.A., 2011. Cyberwar thresholds and effects. IEEE Security & Privacy, (5), pp.23-29.

[14] Walters, R., 2014. Cyber attacks on US companies in 2014. The Heritage Foundation, 4289, pp.1-5.

[15] Geers, K., Kindlund, D., Moran, N. and Rachwald, R., 2014. World War C: Understanding nation-state motives behind today’s advanced cyber attacks. FireEye, Milpitas, CA, USA, Tech. Rep., Sep.

[16] Yang, Y., Littler, T., Sezer, S., McLaughlin, K. and Wang, H.F., 2011, December. Impact of cyber-security issues on smart grid. In Innovative Smart Grid Technologies (ISGT Europe), 2011 2nd IEEE PES International Conference and Exhibition on (pp. 1-7). IEEE.

[17] Karnouskos, S., 2011. Stuxnet worm impact on industrial cyber-physical system security. In IECON 2011-37th Annual Conference on IEEE Industrial Electronics Society (pp. 4490-4494). IEEE.

[18] Masood, R. and Anwar, Z., 2011. SWAM: Stuxnet worm analysis in metasploit. In Frontiers of Information Technology (FIT), 2011 (pp. 142-147). IEEE.

[19] Langner, R., 2011. Stuxnet: Dissecting a cyberwarfare weapon. IEEE Security & Privacy, 9(3), pp.49-51.

[20] Sandberg, H., Amin, S. and Johansson, K.H., 2015. Cyberphysical security in networked control systems: An introduction to the issue. IEEE Control Systems, 35(1), pp.20-23.

[21] Trottier, D. and Fuchs, C. eds., 2014. Social media, politics and the state: Protests, revolutions, riots, crime and policing in the age of facebook, twitter and youtube (Vol. 16). Routledge.

[22] Sandoval-Almazan, R. and Gil-Garcia, J.R., 2013. Cyberactivism through Social Media: Twitter, YouTube, and the Mexican Political Movement" I. In 2013 46th Hawaii International Conference on System Sciences (pp. 1704-1713). IEEE.

(23) Barak, G., 2013. Media, process, and the social construction of crime: Studies in newsmaking criminology. Routledge.

(24) Jiang, Y. and Jiang, J.C., 2014. Understanding social networks from a multiagent perspective. IEEE Transactions on Parallel and Distributed Systems, 25(10), pp.2743-2759.

[25] Von Solms, R. and Van Niekerk, J., 2013. From information security to cyber security. computers & security, 38, pp.97-102.

[26] Greenwald, G., 2014. No place to hide: Edward Snowden, the NSA, and the US surveillance state. Macmillan.

[27] Hunt, E., 2012. US Government computer penetration programs and the implications for cyberwar. IEEE Annals of the History of Computing, 34(3), pp.4-21.

[28] Nugraha, Y., Brown, I. and Sastrosubroto, A.S., 2016. An adaptive wideband delphi method to study state cyber-defence requirements. IEEE Transactions on Emerging Topics in Computing, 4(1), pp.47-59.

[29] Svendsen, A.D., 2009. Intelligence cooperation and the war on terror: Anglo-American security relations after 9/11. Routledge.

[30] Harrop, W. and Matteson, A., 2015. Cyber resilience: A review of critical national infrastructure and cyber-security protection measures applied in the UK and USA. In Current and Emerging Trends in Cyber Operations (pp. 149-166). Palgrave Macmillan, London.

[31] Bauman, Z., Bigo, D., Esteves, P., Guild, E., Jabri, V., Lyon, D. and Walker, R.B., 2014. After Snowden: Rethinking the impact of surveillance. International political sociology, 8(2), pp.121-144.

[32] Almeida, V.A., 2014. The Evolution of Internet Governance: Lessons Learned from NETmundial. IEEE Internet Computing, 18(5), pp.65-69.

[33] O’Connell, M.E., 2012. Cyber security without cyber war. Journal of Conflict and Security Law, 17(2), pp.187-209.

[34] Vukovic, D., Gligoroski, D. and Djuric, Z., 2014, August. On privacy protection in the Internet surveillance era. In Security and Cryptography (SECRYPT), 2014 11th International Conference on (pp. 1-6). IEEE.

[35] Reyns, B.W., 2010. A situational crime prevention approach to cyberstalking victimization: Preventive tactics for Internet users and online place managers. Crime Prevention and Community Safety, 12(2), pp.99-118.

[36] Levi, M. and Leighton Williams, M., 2013. Multi-agency partnerships in cybercrime reduction: Mapping the UK information assurance network cooperation space. Information Management & Computer Security, 21(5), pp.420-443.

[37] Kruegle, H., 2011. CCTV Surveillance: Video practices and technology. Elsevier.

[38] Trottier, D., 2016. Social media as surveillance: Rethinking visibility in a converging world. Routledge.

[39] Bekkers, V., Edwards, A. and de Kool, D., 2013. Social media monitoring: Responsive governance in the shadow of surveillance?. Government Information Quarterly, 30(4), pp.335-342.

(40) Prucha, N., 2016. IS and the Jihadist Information Highway–Projecting Influence and Religious Identity via Telegram. Perspectives on Terrorism, 10(6), pp.48-58.

(41) Chen, P.Y., Cheng, S.M. and Chen, K.C., 2012. Smart attacks in smart grid communication networks. IEEE Communications Magazine, 50(8).

[42] Zhang, Yongguang, and Wenke Lee. "Intrusion detection in wireless ad-hoc networks." In Proceedings of the 6th annual international conference on Mobile computing and networking, pp. 275-283. ACM, 2000.

[44] Clayton, Richard. Anonymity and traceability in cyberspace. No. UCAM-CL-TR-653. University of Cambridge, Computer Laboratory, 2005.

[45] Geist, Michael. Law, privacy and surveillance in Canada in the post-Snowden era. University of Ottawa Press/Les Presses de l’Université d’Ottawa, 2015.

[46] Ballantyne, Bryan J. "Social movements and social media: surveillance and unintended consequences." PhD diss., Monterey, California: Naval Postgraduate School, 2017.

[47] Bertot, John Carlo, Paul T. Jaeger, and Derek Hansen. "The impact of polices on government social media usage: Issues, challenges, and recommendations." Government information quarterly 29, no. 1 (2012): 30-40.

[48] Carlo Bertot, John, Paul T. Jaeger, and Justin M. Grimes. "Promoting transparency and accountability through ICTs, social media, and collaborative e-government." Transforming Government: People, Process and Policy 6, no. 1 (2012): 78-91.