Digital Asymmetric Warfare
2018 has just finished; malware, hacks and exploits are everpresent, and we are wondering, why is this happening? What has led to this?
The answer — Cyberwar is being conducted on a global scale via digital strategic asymmetrical warfare, employed by nation states and non-state actors.
Before we can understand what asymmetric warfare is and how it applies to the current state of the digital domain, we need to understand what conventional war is.
Conventional warfare
Conventional warfare is a form (the traditional) of war conducted using conventional weapons and warfighting tactics between two or more states in open warfare. The forces on each side are well-defined and leverage weapons that target the opponent’s military forces. This type of warfare is typically fought using conventional weapons, and not with chemical, biological, cyber or nuclear weapons.
Conventional warfare leveraging cyber weapons cannot be achieved due to each side not knowing the opponent’s forces, the mass of power and the battleground in which the war is fought. These unique challenges states face in today’s digital domain can be overcome by leveraging asymmetric warfare.
What is asymmetric warfare?
In short, asymmetric warfare is referred to as; two powers, states or individuals whose relative military power differs significantly, or whose strategy or tactics differ significantly. “Power”, in this context, is broadly interpreted to mean physical power, such as a large army, sophisticated weapons, technological advancement, economic size etc. Furthermore, the size and power of a state are not always relative to their cyber capability, and this is due to the minimal requirements on information technology and a greater emphasis on people, skills and intent.
Now that we have understood what asymmetric warfare is — We now see that states, non-state actors and individuals can conduct cyber warfare against any target with effective results due to that actor possibly having greater skill or “power” in a unique offensive cyber capability. Also, states that do have a conventional warfare strategy and forces to action a traditional approach can also supplement their force multiplies with a cyber asymmetric warfare capability; this is where it gets interesting.
Interesting? Yes; to explain this, we will understand three states The Islamic Republic of Iran (Iran), The Peoples Republic of China (PRC) and The Democratic Peoples Republic of Korea (DPRK). These states employ asymmetric warfare effectively (not limited to these states) in addition to there conventional military strategy.
The Islamic Republic of Iran
Iran has a deep history of using force by proxy, that being conventional conflicts (Hezbollah attacking Israel) or by cyber attackers (IRGC and Iranian based cyber contractors). This proxy strategy is a unique style of asymmetric warfare and has lead to Iran leveraging this strategy over all others, this is in part due to Iran being surrounded by enemies, and Irans need to enforce power throughout the Middle East North Africa (MENA) by distance. Furthermore, we have recently seen this strategy exercised in the Syrian war with Iran backing the Assad regime by supplying aid and weapons to the Syrian Army and various militias; Additionally, Iran providing aid, support and weapons to the Houthis rebel that over through the Yemeni government in 2015.
Irans main cyber-fighting force is the Islamic Revolutionary Guard Core (IRGC) which is a branch of Iran’s military forces. The IRGC’s role is to protect the Islamic system via preventing foreign interference as well as coups by the military or deviant uprisings. IRGC operations are focused on asymmetric warfare and less traditional military functions. The IRGC also focuses on domestic monitoring and collection due to Iran implementing a monitoring mandate, focusing on the protection of the Islamic system.
The IRGC has been identified to have penetrated domestic news and media organisations for intelligence collection while also affecting several western organisations (not limited to) within the United States, Saudi Arabia and Turkey since 2009.
Result — Iran leverages asymmetric warfare using offensive cyber operations to protect its domestic Islamic interests, its Islamic international interests and conduct cyber espionage campaigns for intelligence collection.
The Democratic Peoples Republic of Korea
The DPRK is a unique geographically located nation, unique socialist regime and significant military force of over 1.2 million personnel, 4th after China, the United States and India. The DPRK has a unique economic position, wherein their trade is currently globally restricted due to DPRK’s unfavourable nuclear weapons program. Furthermore, since the collapse of the Eastern Bloc, the DPRK’s economy had to realign its foreign economic relations with South Korea and enabling China to become the DPRK’s largest trading partner.
These factors have to lead the DPRK’s need to protect its political regime while projecting force outside of its small geographical location; Conventional warfare cannot protect the DPRK’s interests due to its geographical location but be employing a mass of decision strategy, that being nuclear weapons program and cyber asymmetrical warfare program. Offensive cyber operations have enabled the DPRK to conduct shows of force against many states and organisations, robbing international banks worth millions without ever physically leaving the Korean peninsula.
The DPRK’s principal cyber force is staffed via “Bureau 121”, one of six sub-bureaus of The Reconnaissance General Bureau (RGB) — DPRK’s intelligence agency that manages the state’s clandestine operations. Bureau 121 is also further subdivided into five sub-branches:
Office №91 — Thought to be the headquarters of the cyber division
Unit 121 — The majority of the force and has the most advanced capabilities.
Lab 110 — Responsible for technology reconnaissance and targeting
Unit 35 — Responsible for internal investigations and security functions, but also maintains offensive cyber capabilities.
Unit 204 — Responsible for psychological operations and information warfare.
The above bureaus are supported by the General Military Offices 31, 32 and 56; these offices are tasked with developing new, updated and offensive system penetration software that bureau 121 can leverage.
Result — The DPRK has a large military force, asymmetrical warfare strategy and a well structured/defined offensive cyber capability. These capabilities make the DPRK a significant threat against any state or organisation that has opposing views to the North Korean Regime or its current strategic goals.
The Peoples Republic of China
China is the world most populous country at a staggering 1.4 billion people. This population has enabled China to have the most significant conventional fighting force “The Peoples Liberation Army”, the PLA has approx 2.2 million active and reserve forces. The PLA is also Chinas cyberwarfare capability with a specialist unit designated “61398” or “PLA Unit 61398”, this unit has been identified to have conducted offensive cyber operations since around 2002.
Furthermore, the PLA is a well staffed, trained and government offensive cyber capability that currently has over 77 uniquely attributed cyber persistent threat groups (as at June 2018) that have and do engage in cyber activities not limited to covert espionage, website defacement, phishing, watering hole attacks and bio-pharmaceutical intelligence collection.
Result — China is a global power within economics, military force and size but its military lacks force projection beyond the Asia Pacific region, mainly due to its aging military equipment and its past military strategies not mandating force project elements, like aircraft carriers. Furthermore, this has lead to China employing a unique asymmetric warfare strategy that fills the conventional warfare force projection void. This strategy has allowed China to project global operational force with enough digital camouflage to withstand direct attribution and global backlash.
All the above nation-state entities described leverage asymmetric warfare to different degrees, but primarily leveraging asymmetric cyber tactics, techniques and procedures. Asymmetric Cyberwarfare combines the best of new technologies with the strategy that targets your adversaries deficiencies to exploit their inherent weakness. For these reasons, Asymmetric Cyberwarfare is here to stay!
