On the Cyberwar Path -- Security Today

On the Cyberwar Path

Will the next major hack attack be casus belli for a traditional act of war?

By Ronnie Rittenberry
Sep 01, 2011

If, like me, you’re geeky enough to still recall certain scenes from 1983’s “WarGames” (and right now I can still pretty clearly see Barry Corbin as the general saying to Dabney Coleman’s character, “After very careful consideration, sir, I’ve come to the conclusion that your new defense system sucks”), then the news permeating the summer about the Pentagon publishing (in part) its first formal cyberwar strategy probably was no big surprise. In fact, the only eye-opening part might have been that prior to this summer it didn’t already have one.

It’s no secret that cyber attacks against U.S. networks have been on the rise the past few years, and most experts agree that the next major conflict will involve a cyber element. We’re not talking about some lone loser hacking into a department store’s system to steal credit card numbers, though those incidents are clearly on the rise, too. Rather, we’re talking about hacking on a grand, international scale—hacking designed to bring down electrical grids, halt transportation systems, stymie stock markets and otherwise bring a nation to its knees. We’re talking espionage, sabotage and terrorism.

Cyberwarfare has been called the new domain in warfare—the fifth domain, alongside those of land, sea, air and space. Anyone who does not recognize it as such has not given the matter enough thought, has not considered how deeply dependent our lives now are on computer networks and communication links in general, nor what a breach or break in those links could mean. From our power sources and food processing procedures to our banking transactions, weapons production and more—all is on the grid and thus subject to risk.

Rules of Engagement
In June, the news came out that President Obama had, sometime in May, signed executive orders outlining global ground rules for U.S. military commanders in carrying out cyber attacks against other countries. In addition to spelling out the conditions under which the U.S. military can respond to a cyber attack by blocking cyber intrusions and taking down servers in other countries, the guidelines allow the military to transmit computer code to another country’s network to test the route and make sure connections work in preparation for an actual assault.

In the wake of this news, security experts came out of the woodwork, and many of them were scratching their heads. Kenneth Wisnefski, founder and CEO of Internet security firm WebiMax, for example, appeared on FOX News in June and said he found the new White House orders “curious” at best and “counterproductive” at worst.

“I find it hard to believe that there are rules of engagement to really put in place for this,” he said. “If you’re interested in doing some type of cyber attack, I think part of it would be to not announce it. It gives somebody time to prepare for it, much like any type of military strike would.

“The interesting point that I thought about when this all came into play is that the face of warfare, if you will, has really changed from the iconic images you saw during World War II and Vietnam to potentially [now] someone in a dark room with a soda next to him typing away at his computer. So it’s really changed just the mindset and maybe the mentality of what really is going to take place moving forward.”

The China Syndrome
Enemies in cyberspace could certainly include a “lone gunman” with a soda in a dark room, but the Pentagon’s strategy seems much more focused on the concerted efforts of adversarial nation-states interested in harming U.S. national interests. Chief among those adversaries is China, with Russia and Iran racing to catch up.

Though Chinese officials deny involvement, China is widely thought to be behind the cyber attacks earlier this year at Lockheed Martin, Northrop Grumman, and other U.S. government contractors. China is also the top suspect in a phishing attack against Gmail accounts Google announced in early June. Former U.S. national security official Richard Clarke says such actions are part of the “daily guerrilla cyberwar” between the two countries that has been going on for years.

“Senior U.S. officials know well that the government of China is systematically attacking the computer networks of the U.S. government and American corporations,” Clarke wrote in a June 15 op-ed piece for the Wall Street Journal. “Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledgebased economies, Chinese cyberoperations are eroding America’s advantage.”

What’s more, Clarke wrote, the U.S. government “has no strategy to stop the Chinese cyberassault.”

If that was true at the time Clarke wrote the piece, it was less true a month later, when, in mid-July, the Pentagon unveiled its cyber plan—or, in any case, the unclassified version of it. That version is a discussion in general terms of the strategy, calling for partnerships with other U.S. government departments and the private sector while also building relationships with U.S. allies and international partners to “leverage U.S. expertise through promotion of a cyber workforce and technological innovation.”

The unclassified version of the document does not make clear when a cyber attack would trigger a conventional military response—or if, in other words, when a country tries to infiltrate U.S. infrastructure, the U.S. military has clearance to put a missile down the smokestacks of the perpetrator, as one Pentagon official allegedly said would be the case. But in releasing the strategy, Deputy Defense Secretary William Lynn said, “The United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of its choosing.”

Not surprisingly, China, for its part, is telling its citizenry that the United States is the leading aggressor on the cyberspace battleground. “The U.S. military is hastening to seize the commanding military heights on the Internet, and another Internet war is being pushed to a stormy peak,” the Chinese military wrote in its official newspaper, Liberation Army Daily. “Their actions remind us that to protect the nation’s Internet security, we must accelerate Internet defense development and accelerate steps to make a strong Internet army.”

In the face of such rhetoric, it’s hard not to think the winds of cyberwar are swirling. It also makes one hope our leaders are devoting enough focus and forces to maintain a virtual firewall that is in all ways more effective than the actual fence they’re maintaining on the U.S.-Mexico border.

This article originally appeared in the September 2011 issue of Security Today.

Featured

Generative AI, Cybersecurity Among Top Risks for Healthcare Provider Organizations in 2025

Overseeing the use of generative artificial intelligence, enhancing cybersecurity and ensuring compliance with a host of federal healthcare regulations headline the Top Risks health systems face in 2025, according to an annual study by Kodiak Solutions. Read Now
- Hospital
Wisconsin Shooting Likely a 'Combination of Factors'

Following the deaths of a teacher and student at Abundant Life Christian School in, Madison, Wisc., police chief Shon Barnes indicated that the motive appears to be a “combination of factors” for a 15-year-old female student’s attack on a study hall. Read Now
- Active Shooter
- Incident Response
Louisville Muhammad Ali International Airport Transforms Operations Using Data Insights

Genetec Inc., provider of enterprise physical security software, recently announced that Louisville Muhammad Ali International Airport (SDF), a civil and military airport in Kentucky, USA is using Genetec Security Center to drive operational improvements to enhance efficiency and security while improving customer experience. Read Now
- Airport Security
Two Killed During Shooting at Wisconsin Christian School

Two people were killed and five injured during a shooting at the Abundant Life Christian School in Madison, Wis. on Monday. Read Now
- Education Security

Webinars

Building a Unified Approach to School Safety
The Center for Safe and Resilient Schools and Workplaces

Precovery in Action: Proactive Strategies to Promote School Safety and Mass Violence Prevention
Hanwha Vision (formerly Hanwha Techwin), NAPCO Security Technologies, Inc.

Getting Control of your Access

Whitepapers

Salient Systems

A Model for Community Security
Genetec

State of Physical Security 2025
Winsted Corporation

Sit/Stand Consoles: Helping Increase Productivity

New Products

Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3
AC Nio

Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3
FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3