Response to “Thinking about cyber offensive capabilities”

Thursday, September 17th, 2009

MAD

http://threatchaos.com/2009/09/thinking-about-cyber-offensive-capabilities/

Should the US engage in offensive cyber attacks?

All warfare is based on deception….

With the NSA’s acquisition of cybercommand, we have a fair indicator of the nation’s digital offensive capability and direction. Cyber attacks such as denial of service are much too public for the intelligence community.  The cyber offensive will come in the form of information collection and subversion of the enemy population, the infowar. Psychological operations will continue to be carried out as they have been for decades, only now with a massive influx of skilled technologists to maintain the competitive electronic edge. Kinetic attacks are also very much a reality. Such was the case when Russia acquired a piece of software corrupted by western intelligence, which caused damage to a pipeline.

“‘The result was the most monumental non-nuclear explosion and fire ever seen from space,’ he recalls, adding that U.S. satellites picked up the explosion. Reed said in an interview that the blast occurred in the summer of 1982.”

http://www.msnbc.msn.com/id/4394002

Without an external botnet to control, undue stress would be placed on the networks. However, it is likely that the command and control of existing botnets could be subverted by the cybercommand and used against remote targets. Reflecting on the historical nature of nuclear, biological, and chemical warfare, it does not seem to be a stretch of the imagination to believe that governments would be willing to develop new attacks. By utilizing offensive tactics such as worms, viruses, and even electromagnetic pulse attacks to achieve some objective, suddenly we have a new threat of cyber collateral damage. There is already a precedent for clandestine cyber warfare, and one can only imagine this will continue to escalate.

Will we see cyber Mutually Assured Destruction, the “Deterrence by in-kind response”?

That seems to be how these things reach their apex. Only by fully developing offensive capability will a nation no longer be subject to a major attack, or at least that’s the logic behind it. MAD is the old-school way of thinking, and sometimes it’s hard for the old war dogs to learn new tricks. Perhaps a holistic approach to national cyber defense, built on education and training at the local level, can be effective, as opposed to relying on government and corporate entities to assume the whole of the burden. One thought on a sort of cyber homeland security is to offer civilians an opportunity to participate in the federal botnet, offering up their systems willingly to fight the “enemy”: learning the lesson from America’s forefathers and establishing a well-armed militia for the defense of the nation.

Attacks should not be used as a deterrent. After all, the best offense is a good defense, and the enemy could use an event to draw their opponent into a conflict where they possess the higher ground. One should make their position unassailable, and wait for their opponents to reveal themselves and, with it, their weakness.

The 24th airborne are training for cyber operations. They are learning to deploy physical assets to defend communications lines, and methods of attack on various targets such as networks, industrial control systems, radio, and air defense. True cyber war will be the combination of traditional combat blended with advanced technological attacks by ‘hacking’ the enemy in the field as a means to gain an advantage. Realistically speaking, this is nothing new. ‘Hackers’, and more specifically ‘Crackers’, have played a significant and decisive role in warfare for decades. Without the employment of these skilled technologists, the result of the Second World War may have been quite different. The connection between cyber war and the NSA is quite clear. By compromising the enemy’s communications, obtaining their documents, and influencing their actions, the outcome of a conflict can be predicted before the first move has ever been made.

On the netcentric battlefield, can there be anything other than western dominance? The irony there is that there does not seem to be someone their own size to pick on, and they fall victim to the same guerrilla warfare that acted as their own midwife into existence. The west owns space, the sky, the airwaves, and the technology. The netcentric warfighter is progressing into the future with little to no opposition, yet continues to fall prey to primitive attacks (though perhaps that’s what the British said about the colonists). I suppose one could envision a future battlefield where technologists play a game of virtual chess, attempting to outhack each other before the first shot is fired.

A cyber Geneva Convention, some UN-mandated rules of engagement, would be totally ineffective on the virtual battlefield. Control of the media, political spin, and the very nature of cyber combat will maintain the air of plausible deniability for any sort of electronic offensive. Protected by secrecy, they will be able to carry out operations that supersede any national or international laws. Privacy, property, and speech have long since fallen victim to this system.

We need to keep in mind the division of roles between the military cybercommand and Homeland cyber security.  Any offensive actions would come from the military.  The protection of non-military government and critical infrastructure systems is the function of Homeland Security.  The protection of the civilian end user of the internet has been delegated to the corporate sector.

So with that perspective, the cybercommand has no role other than military defense of its own networks and carrying out attacks against the enemy. The defense of infrastructure is completely separate. It has less to do with protecting the people, and is more focused on defending the critical infrastructure which the government relies upon to operate. In other words, if an attack only affects non-critical sites such as mybook or twitterface, then the general public must look to the corporations to resolve this issue.

The US will continue to conduct intelligence operations against foreign and domestic targets using the most advanced technology and best available labor. Ground forces have been appropriated for kinetic operations. We can call this cyberwar if you wish.
