
Cyber warfare is very similar in nature to naval warfare. In international
waters a navy encounters enemy warships, large merchant vessels, small merchant
ships, fishing boats and disguised surveillance ships from all directions.
There are no borders to clearly establish that everything on the other side
belongs to the enemy. Though there are Sea Lanes of Communication (SLOC), two
ports are effectively on a connectionless service and no ship is bound to
follow a SLOC. In cyberspace the IP address is the flag which every asset on
the Internet displays, but a ruse is not uncommon. It is therefore necessary to
identify cyber assets positively in any cyber conflict before any aggressive
response is initiated. Wearing a flag of convenience is as common for cyber
assets as it is for sea vessels.
The Tallinn Manual, while drawing up the rules for cyber war, has based the
identity of any cyber asset on its territorial linkages. If the Tallinn Manual
is used as the starting point for any decision on the ‘Laws of Cyber Conflict’,
then geo-spatial tagging will be critical in deciding whether an act by a
military leader amounts to a war crime or not. It is therefore necessary that
any attack or counterattack in a cyber war be focused primarily using
geo-spatial intelligence rather than general-purpose destructive force. That is
why cyber weapons such as Stuxnet, Duqu and Flame are geographically focused,
unlike ordinary viruses and malware, which are general purpose and infect every
vulnerable system.

Advanced Persistent Threats (APTs) select specific targets based on location;
similarly, large data-mining and analytic tools are also focused to attack
based on geo-spatial information. Operations Titan Rain, Olympic Games, APT1,
Night Dragon and GhostNet were all pre-war surveillance. Only Operation Orchard
and Stuxnet can be called acts of cyber war, and both operations had a
target-location mechanism built into them. Therefore, unlike other acts in
cyberspace, geo-location of a target is critical.
There are several techniques for IP geo-location. Some of them are
host-dependent, while others are independent of the host and rely purely on
the IP address to obtain a physical location. A brief on some of the techniques
used for IP geo-location is given below.
A. Global Positioning System. The Global Positioning System has become a
standard fit in most mobile devices and tablets. GPS uses the Doppler effect of
satellites orbiting in space. The accuracy achieved by the non-military GPS
system is about 2 metres, and it can also provide information on the altitude
of the system. Most social-media applications, such as Twitter, Facebook and
Instagram, have integrated geo-location tagging for images. Photographs taken
by devices with inbuilt GPS can also carry geo-location tags with the
photographs.
While gathering data from such device applications, Twitter, Google, Microsoft,
Facebook and others correlate the IP address with the geo-location of the
device. In fact, in one incident the location of the INS Vikramaditya on her
maiden passage to India was compromised through social media because of
automatic geo-location tagging of photographs. The GPS project was developed in
1973 and is run by the US Department of Defense. Other similar systems, such as
Russia’s Global Navigation Satellite System (GLONASS), Europe’s Galileo,
China’s Compass Navigation System and India’s Indian Regional Navigation
Satellite System, exist but are not extensively used with IP-enabled devices.
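The photograph-tagging risk described above (the INS Vikramaditya incident) comes from GPS coordinates stored in a photo's Exif metadata. The following Python is an added example, not code from the original post: a minimal parser that reads the Exif GPS IFD of a JPEG and reports the embedded coordinates, plus a function that strips the Exif segment before a photo is shared. The sample JPEG, its coordinates and the builder that lays out the tags are constructed here for the demonstration; the tag numbers and IFD layout are the standard Exif/TIFF ones. It handles only GPS tags in an APP1 Exif segment, not XMP or other metadata containers.

```python
import struct

# Exif/TIFF tag numbers from the Exif specification
TAG_GPS_IFD = 0x8825                      # pointer from IFD0 to the GPS sub-IFD
GPS_LAT_REF, GPS_LAT = 0x0001, 0x0002
GPS_LON_REF, GPS_LON = 0x0003, 0x0004
TYPE_ASCII, TYPE_LONG, TYPE_RATIONAL = 2, 4, 5


def _entries(tiff, ifd_offset, end):
    """Yield (tag, type, count, 4-byte value field) for each entry of the IFD at ifd_offset."""
    count = struct.unpack(end + "H", tiff[ifd_offset:ifd_offset + 2])[0]
    for i in range(count):
        e = ifd_offset + 2 + 12 * i
        tag, typ, n = struct.unpack(end + "HHI", tiff[e:e + 8])
        yield tag, typ, n, tiff[e + 8:e + 12]


def _rationals(tiff, end, n, value_field):
    """Decode n unsigned RATIONALs; n*8 > 4 bytes, so the value field holds an offset."""
    off = struct.unpack(end + "I", value_field)[0]
    out = []
    for i in range(n):
        num, den = struct.unpack(end + "II", tiff[off + 8 * i:off + 8 * i + 8])
        out.append(num / den if den else 0.0)
    return out


def _split(jpeg):
    """Split a JPEG into its leading marker segments and the remainder (scan data onwards)."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    segs, pos = [], 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker = jpeg[pos + 1]
        if marker == 0xDA:                # start of scan: no more metadata segments
            break
        seglen = struct.unpack(">H", jpeg[pos + 2:pos + 4])[0]
        segs.append((marker, jpeg[pos:pos + 2 + seglen]))
        pos += 2 + seglen
    return segs, jpeg[pos:]


def _is_exif(marker, seg):
    return marker == 0xE1 and seg[4:10] == b"Exif\x00\x00"


def exif_gps(jpeg):
    """Return (lat, lon) in decimal degrees from the Exif GPS IFD, or None if the photo has none."""
    for marker, seg in _split(jpeg)[0]:
        if not _is_exif(marker, seg):
            continue
        tiff = seg[10:]                                   # TIFF block after "Exif\0\0"
        end = "<" if tiff[:2] == b"II" else ">"           # byte-order mark
        ifd0 = struct.unpack(end + "I", tiff[4:8])[0]
        gps_ifd = next((struct.unpack(end + "I", v)[0]
                        for t, _, _, v in _entries(tiff, ifd0, end) if t == TAG_GPS_IFD), None)
        if gps_ifd is None:
            return None
        f = {}
        for tag, typ, n, v in _entries(tiff, gps_ifd, end):
            if typ == TYPE_ASCII and tag in (GPS_LAT_REF, GPS_LON_REF):
                f[tag] = v[:1].decode("ascii")            # "N"/"S" or "E"/"W"
            elif typ == TYPE_RATIONAL and tag in (GPS_LAT, GPS_LON):
                f[tag] = _rationals(tiff, end, n, v)      # degrees, minutes, seconds
        if GPS_LAT not in f or GPS_LON not in f:
            return None

        def dms(vals, ref, negative):
            d, m, s = vals
            deg = d + m / 60 + s / 3600
            return -deg if ref == negative else deg
        return (dms(f[GPS_LAT], f.get(GPS_LAT_REF, "N"), "S"),
                dms(f[GPS_LON], f.get(GPS_LON_REF, "E"), "W"))
    return None


def strip_exif(jpeg):
    """Return a copy of the JPEG with every Exif APP1 segment dropped; image data is untouched."""
    segs, rest = _split(jpeg)
    kept = b"".join(seg for marker, seg in segs if not _is_exif(marker, seg))
    return jpeg[:2] + kept + rest


def build_sample_jpeg(lat_dms, lat_ref, lon_dms, lon_ref):
    """Constructed test input: a tiny JPEG whose only content is an Exif segment with GPS tags."""
    end = "<"                                 # little-endian TIFF ("II")
    gps_ifd = 8 + 18                          # TIFF header (8) + IFD0 (2 + one entry + next pointer)
    rat_off = gps_ifd + 2 + 4 * 12 + 4        # rationals stored right after the GPS IFD
    entry = lambda tag, typ, n, val: struct.pack(end + "HHI", tag, typ, n) + val
    tiff = b"II*\x00" + struct.pack(end + "I", 8)
    tiff += struct.pack(end + "H", 1) + entry(TAG_GPS_IFD, TYPE_LONG, 1,
                                              struct.pack(end + "I", gps_ifd)) + b"\x00" * 4
    tiff += struct.pack(end + "H", 4)
    tiff += entry(GPS_LAT_REF, TYPE_ASCII, 2, lat_ref.encode() + b"\x00" * 3)
    tiff += entry(GPS_LAT, TYPE_RATIONAL, 3, struct.pack(end + "I", rat_off))
    tiff += entry(GPS_LON_REF, TYPE_ASCII, 2, lon_ref.encode() + b"\x00" * 3)
    tiff += entry(GPS_LON, TYPE_RATIONAL, 3, struct.pack(end + "I", rat_off + 24))
    tiff += b"\x00" * 4                       # no next IFD
    for num, den in lat_dms + lon_dms:
        tiff += struct.pack(end + "II", num, den)
    app1 = b"Exif\x00\x00" + tiff
    return (b"\xff\xd8" + b"\xff\xe1" + struct.pack(">H", len(app1) + 2) + app1
            + b"\xff\xda\x00\x02" + b"<scan data>" + b"\xff\xd9")


# Constructed sample: 12°58'48" N, 77°35'24" E (illustrative values, not a real photo)
SAMPLE = build_sample_jpeg([(12, 1), (58, 1), (48, 1)], "N", [(77, 1), (35, 1), (24, 1)], "E")

if __name__ == "__main__":
    print("embedded position:", exif_gps(SAMPLE))
    print("after stripping:", exif_gps(strip_exif(SAMPLE)))
```

A pre-publication check of this kind is the practical mitigation for the auto-tagging problem: refuse or clean any image whose exif_gps() result is not None before it leaves the unit.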

C. Mobile networks. Mobile phones using GSM or CDMA mobile networks can provide
geo-location information for such devices even in the absence of GPS and WiFi
receivers. The geo-location technique here is based on the time delay between
the mobile phone and the cell tower, whose position is fixed and known.
Accuracy through this technique is reasonably coarse. If these mobile phones
are using GPRS, 3G or 4G services, then it automatically provides IP
geo-location.
D. Anti-theft hardware. Most motherboards of computers, laptops and mobile
devices have inbuilt features for remote activation of an anti-theft
mechanism. These anti-theft mechanisms continuously gather geo-location
information about the host as and when it is reflected in any application.
This collated information is then used to develop a reasonably accurate
geo-location of the device. In addition, the mechanism can ping back the
mother site through well-established geo-located servers, where the delay
times through various routes can provide reasonably accurate IP geo-location.
The leading company providing such services is Computrace.
E. Device-independent IP geo-location. There is a reasonably high possibility
that computers are not fitted with features such as GPS, GSM or CDMA. Several
client-independent geo-location techniques exist to link an IP address with a
physical location. One such technique applies a geo-location method at each
step to improve accuracy iteratively, using time-delay calculations in the
following sequence:
1. Harvest from the web the geo-location of well-known servers in an area.
2. Geo-locate the primary servers of the ISP.
3. Geo-locate the last-mile routers of the ISP.
4. Measure the time delay between the last-mile router and the host.
F. Non-technical – web-based information.
a. Trace route – A trace route fired from multiple locations to an IP address
can provide IP geo-location by calculating the time delay along the various
routes.
b. The information provided in whois records can give reasonable accuracy for
such servers. The whois records are publicly available. When compared with the
location of the companies concerned, in many cases geo-location at least up to
Zipcode/Pincode level can be established.
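The delay-based steps in section E and the multi-vantage trace route in F(a) both rest on the same physical constraint: a packet cannot travel faster than light, so half the round-trip time to a landmark with a known position bounds how far away the target can be. The following Python is an added example, not code from the original post or from any product named on this page: constraint-based geolocation that intersects the distance bounds from several landmarks on a grid and reports the centroid of the feasible region together with its radius. The landmark coordinates, the 4/9 c speed bound and the synthesised RTTs (generated from a hidden ground-truth point so the example runs offline) are all constructed assumptions here.

```python
import math

C_KM_PER_MS = 299.792     # speed of light in vacuum, km per millisecond
SPEED_FACTOR = 4 / 9      # assumed upper bound on packet speed as a fraction of c (fibre + forwarding)


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two points (spherical Earth approximation)."""
    r = 6371.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * r * math.asin(math.sqrt(a))


def max_distance_km(rtt_ms):
    """Upper bound on the distance between a landmark and the target given the measured RTT."""
    return rtt_ms / 2 * C_KM_PER_MS * SPEED_FACTOR


def is_feasible(lat, lon, landmarks, rtts):
    """True if the point satisfies every landmark's distance constraint."""
    return all(haversine_km(lat, lon, *landmarks[name]) <= max_distance_km(rtt)
               for name, rtt in rtts.items())


def geolocate(landmarks, rtts, step_deg=0.1):
    """Grid-search the feasible region (intersection of all landmark circles) and
    return its centroid plus the radius of the region around it; None if empty."""
    tight = min(rtts, key=rtts.get)          # smallest bound defines the search box
    clat, clon = landmarks[tight]
    r = max_distance_km(rtts[tight])
    dlat = r / 111.0
    dlon = r / (111.0 * max(math.cos(math.radians(clat)), 0.01))
    feasible = []
    lat = clat - dlat
    while lat <= clat + dlat:
        lon = clon - dlon
        while lon <= clon + dlon:
            if is_feasible(lat, lon, landmarks, rtts):
                feasible.append((lat, lon))
            lon += step_deg
        lat += step_deg
    if not feasible:
        return None
    cen_lat = sum(p[0] for p in feasible) / len(feasible)
    cen_lon = sum(p[1] for p in feasible) / len(feasible)
    radius = max(haversine_km(cen_lat, cen_lon, *p) for p in feasible)
    return {"lat": cen_lat, "lon": cen_lon, "radius_km": radius, "points": len(feasible)}


# Constructed landmarks (name -> (lat, lon)); coordinates are illustrative, not real probes.
LANDMARKS = {
    "LM-west": (19.1, 72.9),
    "LM-south": (13.0, 77.6),
    "LM-east": (22.6, 88.4),
    "LM-north": (34.1, 74.8),
}
TRUE_TARGET = (28.6, 77.2)   # hidden ground truth, used only to synthesise RTTs
ACTUAL_FACTOR = 0.42         # constructed: real packets move slower than the 4/9 c bound


def synth_rtts(target, landmarks, factor=ACTUAL_FACTOR):
    """Constructed RTT measurements (ms) consistent with the speed bound."""
    return {name: 2 * haversine_km(*target, *pos) / (C_KM_PER_MS * factor)
            for name, pos in landmarks.items()}


if __name__ == "__main__":
    rtts = synth_rtts(TRUE_TARGET, LANDMARKS)
    est = geolocate(LANDMARKS, rtts)
    print("estimate:", est)
    print("error km:", haversine_km(est["lat"], est["lon"], *TRUE_TARGET))
```

The choice of speed bound matters: a bound too close to c loosens every circle and inflates the feasible region, while a bound tighter than real packets ever achieve can empty the intersection, which geolocate() reports as None rather than guessing. The same bound applies at each refinement step of the sequence in section E, down to the delay between the last-mile router and the host.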
G. Non-technical – database of the ISP. Stealing or legally obtaining the
registered users' details from an ISP can also provide reasonably accurate
geo-location.
Determining the geographical location of an Internet Protocol host is valuable
for many Internet-based applications, including marketing and anti-fraud
activity. However, in the planning and execution of CyberWar, IP geo-location
has far more important value. Some of the applications of IP geo-location in
CyberWar are:
(a) Allocation of area of responsibility to CyberWar sector commanders
(b) Implementation of rules of engagement
(c) Avoiding fratricide
(d) Avoiding over-concentration of fire power or leaving gaps in attacks
(e) Encirclement and isolation of heavily defended cyber targets
(f) Minimizing collateral damage
(g) Simplifying Battle Damage Analysis (BDA) of a cyber-attack or real-world attack
(h) Controlling the intensity and pace of a cyber conflict
(i) Integrating HUMINT and kinetic (physical) weapon attacks with cyber-attack
And many more.
CyberWar in future may be launched independently, or as a prelude to or in
support of a real-world conflict. An unstructured cyber-attack based on an
opportune-target methodology (as presently practised) can be counter-productive
to the objective of the mission. To properly control the scope, pace and
intensity of CyberWar, it is necessary to IP geo-locate the target host.
Therefore IP geo-location of enemy targets is a precondition for launching any
effective cyber-offensive.

Disclaimer: Inputs for this post are drawn from various articles. This is a summary of those articles.
