Cyberspace is an exceptional, human-made domain that was created for the facilitation of communication and can be characterised as a worldwide inter-connected infrastructure. It has made the free interchange of data via a networked system for more than half of the world’s population possible. Emerging threats in cyberspace pose new hazards and challenges to present societies around the world that has the potential to undermine the safety of their citizens and bring important disruption to political, social, and economic life.
To intellectualise cyberspace security, it is needed to make a difference between two risk magnitudes: risk to cyberspace and risk through cyberspace. The risk of cyberspace can be considered as a threat to the physical infrastructure of communication technologies. The threat through cyberspace, on the other hand, is a danger posed by cyberspace itself and is enabled by the usage of its technologies.
Risks to cyberspace
Even though the Internet was developed to become a mainly strong network, its growth and change of status from a small web of interconnected devices to the global hub of social and economic life introduced a wide range of security vulnerabilities to its physical structure. After being targeted many times with a malicious intent to bring disruption, many states have acknowledged cyberspace as “a key national asset” and have planned to establish special organizations that will protect critical infrastructure, thereby reducing risks to the normal functioning of the network.
It is important to keep in mind that cyberspace is a prerequisite for the existence of universal capitalism in its current form; therefore, emerging risks to cyberspace threaten to undermine international capital marketplaces and disturb prevailing economic order. Consequently, the security needs of cyberspace infrastructure and flow of information coincide with some of the national security essentials and have to be sheltered by government actors. To this end, the Communications Security Establishment Canada (CSEC) and the National Security Agency (NSA) have established national encryption standards and protection protocols
Furthermore, the task of safeguarding critical infrastructure from deliberate attacks and other risks pressed many states to develop policies related to “the offensive operations in cyberspace”.
Risks through cyberspace
The technological burst of the previous decade was related with the creation of civic networks that facilitated to establish social and political activities of numerous nations more efficiently and permitted uncountable entities to prompt their ideas without the assistance of intermediaries like radio and press. New media channels permitted for a substantial shift in the landscape of public discourse by carrying sweeping variations to countries like Egypt. Nevertheless, cyberspace has also been progressively utilised to express the minority opinions of terrorist organizations.
They have utilised information and communication technology for disseminating their military doctrines and promoting extremist activities. Many jihad-oriented groups have been recognised to explore the anonymous nature of cyberspace for radicalization and recruitment amongst different societies. Furthermore, they have also used them for funding terrorist activities and building interaction with radicals all over the world. Additional challenge presented by cyberspace is the ever-increasing criminal activities: online extortion, Distributed Denial of Service (DDoS) attacks, and unauthorised access.
Cyber terrorism in Pakistan
The presence of extremist and radical groups on internet is an old phenomenon as they have been manifesting their appearance in cyber space since their very own inception. However, their dependency in cyberspace operations has extremely expanded since last two decades. The cyber terrorism threat has evolved into a multi-faceted and complex riddle where various conceptual doctrines are changing the world into a cyber-war. By 2000, all terrorist groups virtually had set up their online presence around globe and cyber space activities were conducted by terrorist organizations operating in Pakistan. Terrorist organizations including Islamic State (IS), Jamat Ud Dawa (JuD), Balouch Liberation Army(BLA) and Lashker-e-Tayyaba (LeT) have been showing their presence online and utilizing social media for assistance and execution of terrorist attacks and uploading/sharing videos of their attacks on social media which creates harassment and sense of insecurity amongst people of our country. These organizations use cyber space for fundraising, online recruitment, psychological warfare, propaganda, and information-sharing. Therefore existing cyber laws and national cyber security policy 2021 should be implemented in Pakistan efficiently and effectively for curbing, controlling and coping with modern crimes and potential threats to our people and critical national infrastructure.
The need for a cyber force
Cyber warfare is usually defined as a cyber-attack or series of attacks that target a country. It has the potential to wreak havoc on government and civilian infrastructure and disrupt critical systems, resulting in damage to the state and even loss of life.
According to the Cyber security and Infrastructure Security Agency, the goal of cyber warfare is to "weaken, disrupt or destroy" another nation.
A cyber-army is a group of soldiers highly skilled in information technology with cyber skills. Cyber-armies are the unseen military cyber power which countries should employ to maintain national cyber security.
The establishment of National Centre for Cyber Security (NCCS), PECA-2016, FIA NR3C, CERT, and National Cyber Security Policy of Pakistan are valuable initiatives of our government to curb, control and cope with potential threats of cyber-crimes in Pakistan. The United States Cyber Command (USCYBERCOM) is a United States Armed Forces Unified Combatant Command.
Numerous risks to cyberspace and through cyberspace result in a long-term negative impact on business, development, defence and government activities; therefore, all cyber threats have to be properly addressed by security agencies and other organizations by proper implementation of cyber laws along with policies, risk and vulnerability assessment frameworks, awareness amongst the common people.
(The author is a researcher and PhD scholar in the field cyber security and cybercrime.)