Strategists must be aware that part of every political and military conflict will take place on the internet, says Kenneth Geers.
Practically everything that happens in the real world is mirrored in cyberspace.
For national security planners, this includes propaganda, espionage, reconnaissance, targeting, and – to a limited extent – warfare itself.
Strategists must be aware that part of every political and military conflict will take place on the internet, whose ubiquitous and unpredictable characteristics mean that the battles fought there can be just as important as, if not more important than, events taking place on the ground.
Aggressive cyberwarfare strategies and tactics offer many advantages to their prospective employers, and current events demonstrate that cyber conflict is already commonplace around the world. As a consequence, national security leadership must dramatically improve its understanding of the technology, law, and ethics of cyber attack and defense, so that it can competently factor cyberwarfare into all stages of national security planning.
The internet's imperfect design allows hackers to surreptitiously read, delete, and/or modify information stored on or traveling between computers. There are about 100 additions to the Common Vulnerabilities and Exposures (CVE) database each month.[1] Attackers, armed with constantly evolving malicious code, likely have more paths into your network and the secrets it contains than your system administrators can protect.
The objectives of cyberwarfare practitioners speak for themselves: the theft of research and development data, eavesdropping on sensitive communications, and the delivery of powerful propaganda deep behind enemy lines (to name a few). The elegance of computer hacking lies in the fact that it may be attempted for a fraction of the cost – and risk – of any other information collection or manipulation strategy.
Cyberdefense is still an immature discipline. Traditional law enforcement skills are inadequate, and it is difficult to retain personnel with highly marketable technical skills. Challenging computer investigations are further complicated by the international nature of the internet. Finally, in the case of state-sponsored computer network operations, law enforcement cooperation will be either Potemkin or nonexistent.
The maze-like architecture of the internet offers cyber attackers a high degree of anonymity. Smart hackers can route attacks through countries with which the victim's government has poor diplomatic relations and no law enforcement cooperation. Even successful investigations often lead only to another hacked computer. Governments today face the prospect of losing a cyber conflict without ever knowing the identity of their adversary.
Nation-states endeavor to retain as much control as they can over international conflict. However, globalization and the internet have considerably strengthened the ability of anyone to follow current events, as well as the power to shape them. Transnational subcultures now spontaneously coalesce online, and influence myriad political agendas, without reporting to any chain of command. A challenge for national security leadership is whether such activity could spin delicate diplomacy out of control.
Increasingly, governments around the world complain publicly of cyber espionage.[2] On a daily basis, anonymous computer hackers secretly and illegally copy vast quantities of computer data and network communications. Theoretically, it is possible to conduct devastating intelligence-gathering operations, even on highly sensitive political and military communications, remotely from anywhere in the world.
Cheap and effective, propaganda is often both the easiest and the most powerful cyber attack. Digital information, in text or image format – and regardless of whether it is true – can be instantly copied and sent anywhere in the world, even deep behind enemy lines. And provocative information that is removed from the Web may appear on another website in seconds.
The simple strategy behind a DoS attack is to deny the use of a computer resource to legitimate users. The most common tactic is to flood the target with so much superfluous data that it cannot respond to real requests for services or information. Other DoS attacks include physical destruction of computer hardware and the use of electromagnetic interference, designed to destroy unshielded electronics via current or voltage surges.[3]
Data modification is extremely dangerous, because a successful attack can mean that legitimate users (human or machine) will make important decisions based on maliciously altered information. Such attacks range from website defacement (often referred to as “electronic graffiti,” but which can still carry propaganda or disinformation) to database attacks intended to corrupt weapons or Command and Control (C2) systems.
National critical infrastructures are, like everything else, increasingly connected to the internet. However, because instant response is often required, and because associated hardware may have insufficient computing resources, security may not be robust. The management of electricity may be especially important for national security planners to evaluate, because electricity has no substitute, and all other infrastructures depend on it.[4] Finally, it is important to note that almost all critical infrastructures are in private hands.
Much more at:
http://www.scmagazineus.com/Cyberspace- ... le/115929/