From swords to guns, and wooden ships to warships, the technology and battlefield is constantly changing.  With the invention of computers and the internet, and their ubiquity, cyber warfare and cyber attacks are becoming a more and more prominent issue.  Computers have taken the battlefield from a physical conflict to a conflict that is focused on informational and economical gains and damages.  Cyber attacks can be committed by the government, individuals acting alone, or even through a government-hired third party.  Impact of warfare on civilians has always been an issue but cyber warfare presents a different way that civilians can get impacted through war.  Cyber warfare involves more civilians and non-battle personnel than ever before, causing undue and unjust damage to those impacted.

To understand the basics, TIME Magazine cites five main points about the evolution of cyber warfare: government threats, business threats, social media threats, Russia, and China (time.com).  Each of these five have played an important role in the evolution of cyber warfare and cyber attacks in general.Washington D.C. is no stranger to cyber attacks.  In 2014 the United States federal government endured an enormous amount of attacks, with 61,000 cyber-security breaches last year.  Much information was compromised, including but not limited to: Social Security numbers, job assignments and performance evaluations of government employees (time.com).  All of this is important information and has the potential to cause great harm to individuals employed by the US government or to government as a whole.  The danger is real, and the United States Director of National Intelligence affirms that by ranking cyber crime as the country's number one security threat - even in front of terrorism, weapons of mass destruction, and treason (time.com).

Hackers can do more than just find information on government officials and civilians.  Robbery is nothing new to cyber criminals and they have been doing this since hacking was created.  2013 saw a very high number of attacks, with over 3,000 United States companies officially being informed by the FBI that the company was a victim of a cyber security breach (time.com).  Hackers will attack anything that has money because the risk of getting caught or recognized is greatly diminished.  Instead of going into a store and robbing it, they can just go online and get what they want.  The victims of these few thousand attacks ranged from smaller banks, to large defense contractors, and even mega retail stores (time.com). These attacks show how cyber attacks, while targeting a specific individual, bank account, or whatever target it may be, still impact a much greater population.  When large retail stores and similar targets get attacked, it not only impacts the store's bank account but also its employees.  Incredibly, 7% of United States organizations lost at least $1 million or even more due to the cyber crime recorded in 2013.  19% of American entities have claimed their losses between half a million dollars and one million over the same timespan.  Hacking is estimated to cost the United States over a staggering $300 billion per year.  This figure is magnified on a world scale, being somewhere around $445 billion which is 1% of global income.  Gartner research firm projects that in 2018, the world will spend as a whole $101 billion on information security (time.com).

Seemingly non harmful, even social media can serve as a threat - especially in today's world.  In 2014, social media spam increased an incredible 650% from 2013.  Spam is any internet message that is sent to a large number of people that is irrelevant.  Basically, the annoying emails that get filtered into the "Spam" folder in any email mailbox.  This number is astounding, and about 30% of American adults claim that one of their personal social media accounts has been hacked before (time.com).  With technology only growing more accessible, this number is set to increase.  The fact that social media accounts are being regularly hacked poses a huge concern.  Globally, it is estimated that 10-15% of home computers are currently infected with botnet crimeware, along with over 30,000 new websites compromised daily (time.com).  Botnet crimeware is a tool hackers will use to infiltrate systems.  The tool is autonomous and used to facilitate cybercrime.  Even more common things such as spyware, keyloggers, and browser hijackers can be considered crimeware, but only when used explicitly for that purpose.  Today's world and culture places such focus on the internet and social media presence that damaging someone's account could have an impact on both the user's personal and professional life.  Facebook is a prime example of a large company being targeted.  In 2011, Facebook admitted to being the target of 600,000 individual cyber attacks every single day.  Since then, the social media giant has not made any figures public (time.com).

Russia has an interesting strategy when it comes to the online world, operating more defensively than offensively.  Known as a "troll army" arranged under the Internet Research Agency, its intention upon establishment was to provide readers with disinformation (time.com).  They used this strategy heavily during the invasion of Ukraine but also operate on a regular basis.  Many are aware of Russia invading Ukraine, but not many are as aware of the role that cyber warfare played in it.  Each "troll" puts out approximately 135 comments in an hour over a twelve hour shift.  Additionally, each is reportedly required to fifty news articles every single day, and even running six individual Facebook accounts and ten different Twitter accounts each (time.com).  Russia is so determined with this strategy that they employ 400 full-time staffers and are funded with a $400,000 monthly budget (time.com).

The only country comparable to Russia's prominence in the cyber world is China.  Not only do they rival Russia, but they exceed them.  China is the single largest threat to America.  An overwhelming 70% of the United States corporate intellectual property is believed by officials to be coming from China (time.com).  This is not just a sloppily thrown together group of hackers - this is a large organized group even housed by China's government in Beijing (time.com).  China does not attempt to rival the US with military power, but rather with information and technology.  Beijing's focus is on commercial and government espionage.  Hard figures are rare about this subject, but in May of 2013 two former unnamed Pentagon officials came out stating, "Chinese computer spies raided the databanks of almost every major defense contractor and made off with some of the country's most closely guarded technological secrets," (time.com).  

Cyber warfare is truly a revolution in warfare itself.  Not only has it been revolutionary, but it will continue to be.  Boeing's Battlefield Integration Centre (BIC) is like a preview of what warfare in the future could look like.  Essentially, it is like a large cinema for war, with three large screens and three consoles  beneath (economist.com).  One screen includes an image of Korea with triangles and circles representing different threats including fighter jets, bombers, and spy planes.  Another has close-up of trucks moving and the third contains a feed from a camera on a soldier's helmet (economist.com).  While this is not a direct attack through cyber warfare, it is using Internet and connections through different systems to coordinate efforts.  It can help provide efficient strategies and allow for split-second decisions as well.  

The UAVs in Afghanistan also point to a huge revolution in warfare.  Northropp Grumman's Global Hawk proved the ability of drones to fly long range through its flight from California to Australia before being deployed for use in Afghanistan (economist.com).  The Global Hawk is a "high-altitude long-endurance aircraft" (HALE) was built to the scale of a mid-sized corporate jet with a large nose for carrying its antennae.  Unlike the UAVs, they are not a drone but fly autonomously.  It is used for surveillance, and is meant to fly at a height of 65,000 feet for 24 hours up to thousands of miles away (economist.com).  This Global Hawk is also made to stay out of the flight paths of other UAVs, fighters, bombers, and out of range of missiles.  UAV development is picking up as well, with over $1.5 billion invested in the development each year (economist.com).  

UAVs and UCAVs may only cost one third as much as a manned fighter to manufacture.  Projections show that by 2055 90% of fighters will be unmanned (economist.com).  A challenge that arises with unmanned UAVs is that since there will be so many in use at one time, flight patterns would have to be accounted for.  Also, the bandwidth would be an issue since there would be so many flights on so many different networks (economist.com). Chris Domas is currently involved in the field as a cybersecurity researcher.  He is an expert in pattern recognition and reverse engineering and shows how researchers use these to understand binary code.  This is important because it is the basis on how cyber criminals operate.  They need to understand what the hackers are looking for to provide efficient security for their systems.  Domas explains how through these two concepts, cyber security can be better understood and executed.

Domas provides examples on how these techniques can even be used to carry out physical attacks.  He points to the terrorist threat of mobile batteries exploding against protesters.  This cyber attack shows how terrorist and other organizations can use cyber attacks to not only carry out virtual damage, but physical damage and human casualties as well.  Domas provides this example because it broadens the scope of the cyber attacks.  Not many think that cyber attacks could lead to people actually dying, but linking these devices with explosives has proven to be a way that this can be done. 

A perfect example of a threat like Domas suggests is the Chinese hacks on the United States.  According to sources of NBC, Chinese hacking attacks targeted at the personal emails of "all top national security and trade officials," (Thielman).  There were more than 600 individual attacks, all attributed to hackers working for the Chinese government.  These attacks sought personal email information from high-ranking officials, with attacks having started in the year 2010.  The largest informational security breach was when the Office of Personnel Management was hacked and around 22 million people had their personal information compromised (Theilman).

The impact of these attacks reaches beyond the boundaries - it caused internal strife among government officials as well.  The agency even admits that there has been internal strife; Patrick McFarland, who is the office's inspector general, authored a very strongly worded note to the Office of Personnel Management's director, Beth Cobert.  McFarland's note accused the department's Office of the Chief Information Officer of 'hampering' its inquiry into the hack, citing multiple instances of uncooperative behavior (Theilman).

Not only is information compromised, but attacks can cause internal strife and other internal errors on the targeted network's users.  These attacks are dangerous and real, but according to Lauren Weinstein, the anonymous attribution of the attacks to China may not be warranted:

"Just about every email address ever published on a web page is subjected to phishing attacks sooner or later these days.  If you phish at a few hundred million email addresses, you'll probably suck up a bunch of them from government officials in the process, whether you specifically targeted them or not.  When you keep trying to comb through this kind of data to tease out patterns after the fact, there can be pressure (political and otherwise) to start seeing relationships that aren't really there, much like staring into a kaleidoscope for too long." (Theilman)

Weinstein's proposal very well could be accurate.  There is no way to 100% accurately trace where these attacks came from, since the attacks were not found and traced during the attack, and the assumption that it was China may be jumping to conclusions.  Phishing is not an uncommon practice, and it is completely feasible that these were just coincidental attacks.  It also happens that these attacks occurred during the time that Hillary Clinton was receiving work-related emails on her personal email accounts (Theilman).  While no names of victims were ever formally released, it is possible that Clinton's email was a victim of these attacks and would corroborate Weinstein's claim that government officials' information can be accidentally scooped up with everyone else.

Although attacks are often specifically targeted for certain information, sometimes the hacker luckily finds some extra information they were not intending to find.  The hacking attacks supposedly done, or facilitated by, China was during the time when Secretary of State Hillary Clinton happened to be receiving work related emails in her private accounts.  It is unknown if any of this information was compromised with these attacks because none of the victims have been formally recognized.

Even though the United States government has many ways of protecting its information, internet activists believe that the United States government cannot protect its data, and that through past incidences and handling of incidences, they claim that they have proven so.  "The US government has proven itself incompetent when it comes to protecting its data.  Information sharing bills like Cisa would make us even more vulnerable by dramatically expanding the amount of private data the US government keeps in its databases and the number of government and law enforcement agencies who house that data," said Evan Greer, a member of the advocacy group Fight for the Future (Theilman).

Laws regarding cyber warfare have not always existed and traditional laws regarding war are hard to apply to cyber war.  Priyanka R. Dev writes, "As the dangers of cyber actions evolve in the wake of technological developments, so too should the way States and organizations apply traditional law of armed conflict (LOAC) principles to cyber actions.  Traditional kinetic LOAC principles simply do not fit this new wave of warfare." (Dev 380).  Dev makes the claim that LOAC does not fully account for cyber warfare and the way it is fought.  Since it is so different from traditional warfare, practically applying preexisting laws oftentimes presents a challenge.  Dev goes on to explain that the limitations of applying the traditional set of LOAC laws to cyber acts have left nation States: 

"misguided and confused, forcing them to rely on subjective views of what is lawful rather than apply an objective, internationally-accepted assessment of lawfulness before implementing a cyber act.  In the absence of formal guidance from the United Nations, the organization that typically formalizes LOAC rules into transnational binding treaties,8 scholars have offered informal rules of cyber conduct in the form of the Tallinn Manual - but their response lacks the enforceability mechanisms that boost the legitimacy of and reciprocity for LOAC.  " (Dev 380).

The Tallinn Manual Process is a leading effort on international cyber law research and education.  The Tallinn Manual can be found in book form for free on NATO's Cooperative Cyber Defence Centre of Excellence.  This publication strives to explain and delve into the law regarding cyber warfare, both in how it can be currently practically applied and how they can be changed for the better.  Russia is the main party that rejects the Tallinn Manual, instead favoring to wait until a more formal international response on the issue is formulated (Dev 381).

Dev's main focus of the article is to explore the various ways in which traditional combat thresholds of a U.N. Article 2(4) "use of force" and Article 51 "armed attack" have been applied to cyber conduct (Dev 381).  The author is not alone in their concern, and this is in fact a world wide matter.  The fact that Russia rejects this is worrying, because they have been attributed with attacks in the past and are known to have some cyber prowess.  The questions arise when they reject this document: are they rejecting it because they believe the laws are too good and secretly hope that revisions will make them more easily avoided?  Or do they actually care and enforce the law?

Ryan Patterson, author of Silencing the Call to Arms: A Shift Away from Cyber Attacks as Warfare, creates a world in his introduction where the reader is in a world being attacked through cyber attacks, with government websites shutting down, social media disruptions, and even mobile communications blackouts.  These daunting thoughts could all easily become reality.  Patterson argues through his article that cyber attacks should not be utilized as warfare.

Patterson points to the many high-profile cyber attacks that have captured the world's attention.  In the year 2007, Estonia was attacked for three consecutive weeks.  First the government websites were shut down, followed by the websites of  newspapers, television stations, schools, and even banks (Patterson 971).  The impact of the attacks reach much further than the intended target, oftentimes overlapping and impacting the public just as much.

Cyber warfare involves more civilians and non-battle personnel than ever before, causing undue and unjust damage to those impacted.  Ryan Patterson creates a slightly extreme scenario in his introduction, but it is very possible.  While something like this would not happen overnight, it could definitely become reality over time, and once started the effects would snowball.  He paints a picture that illustrates to the reader why cyber warfare should be stopped before it gets out of hand.  If cyber warfare continues, the entire world would be compromised along with any information that was stored in a piece of technology that connects to the Internet.

Kaazim: I think you've overall done a good job with this paper. I combined a couple of paragraphs--yours tend to run short--and added some minor suggestions/comments. You'll need to do 2 semi-major things: one, check your transitions and paragraph order because it feels a little jumpy at times. Two, you'll need a conclusion. Your paper just ends and doesn't explain why you're writing about this topic or why I should care! These two things do detract from the quality of your paper, but are relatively simple to address. B
