Experts Attempt to Map the Battlefields of Cyber Warfare

When attempting to make sense of a physical warzone, there are many clues to help you identify the combatants. These include uniforms, accents, flags, battle strategies, types of weaponry, etc. For example, most people with an elementary understanding of World War II could identify a German regiment from an American one simply by looking at their helmets.

The present and future of cyberwarfare offers little in comparison. As explained by The Economist, anti-virus firms and other computer experts often have to rely on educated guesses and conjecture to track the origin of malicious software designed to spy on other nation-states.

“One of the most famous bits of nation-state malware, Stuxnet, was used to sabotage centrifuges used by Iran’s nuclear programme. Suspicion naturally fell on Israel, which is the region’s most technologically advanced nation, and which has long feared that Iran is working on a nuclear bomb (there have been rumours that Israel has mulled air strikes against Iranian factories). America, as Israel’s chief ally and one of Iran’s chief opponents, fell under suspicion as well. Neither country has ever admitted to working on Stuxnet. But American officials have never denied it, either.”

More recent pieces of malware include Regin, which has been found in computers in Saudi Arabia and Russia, and DarkHotel, which targets corporate executives staying in Asian hotels. Due to their advanced nature and espionage-like purpose, experts believe these malicious pieces of software can be traced to nation-states. Regin has been linked to the British. DarkHotel to South Korea. The reason for these assertions is two-fold. First, the code within each piece of malware includes lexiconical clues: Korean characters in DarkHotel, cricket terminology in Regin. Also, the target of an attack can usually clue observers in on who is likely to have initiated it.

Of course, nothing is certain:

“But all this is tentative. The spies presumably know that their opponents (as well as civilian security researchers) will try to reverse-engineer any computerised bugs they stumble across. So either the clues that do remain were included accidentally, or they are deliberately designed to deceive.”

If the future of warfare is to include fewer arms and more malware, it’s to be expected that nations will boost their efforts in deciphering code and tracing the trail of smoke from the virtual gun barrel.