On The Cyberwar Path

On the Cyberwar Path

Will the next major hack attack be casus belli for a traditional act of war?

If, like me, you’re geeky enough to still recall certain scenes from 1983’s “WarGames” (and right now I can still pretty clearly see Barry Corbin as the general saying to Dabney Coleman’s character, “After very careful consideration, sir, I’ve come to the conclusion that your new defense system sucks”), then the news permeating the summer about the Pentagon publishing (in part) its first formal cyberwar strategy probably was no big surprise. In fact, the only eye-opening part might have been that prior to this summer it didn’t already have one.

It’s no secret that cyber attacks against U.S. networks have been on the rise the past few years, and most experts agree that the next major conflict will involve a cyber element. We’re not talking about some lone loser hacking into a department store’s system to steal credit card numbers, though those incidents are clearly on the rise, too. Rather, we’re talking about hacking on a grand, international scale—hacking designed to bring down electrical grids, halt transportation systems, stymie stock markets and otherwise bring a nation to its knees. We’re talking espionage, sabotage and terrorism.

Cyberwarfare has been called the new domain in warfare—the fifth domain, alongside those of land, sea, air and space. Anyone who does not recognize it as such has not given the matter enough thought, has not considered how deeply dependent our lives now are on computer networks and communication links in general, nor what a breach or break in those links could mean. From our power sources and food processing procedures to our banking transactions, weapons production and more—all is on the grid and thus subject to risk.

Rules of Engagement
In June, the news came out that President Obama had, sometime in May, signed executive orders outlining global ground rules for U.S. military commanders in carrying out cyber attacks against other countries. In addition to spelling out the conditions under which the U.S. military can respond to a cyber attack by blocking cyber intrusions and taking down servers in other countries, the guidelines allow the military to transmit computer code to another country’s network to test the route and make sure connections work in preparation for an actual assault.

In the wake of this news, security experts came out of the woodwork, and many of them were scratching their heads. Kenneth Wisnefski, founder and CEO of Internet security firm WebiMax, for example, appeared on FOX News in June and said he found the new White House orders “curious” at best and “counterproductive” at worst.

“I find it hard to believe that there are rules of engagement to really put in place for this,” he said. “If you’re interested in doing some type of cyber attack, I think part of it would be to not announce it. It gives somebody time to prepare for it, much like any type of military strike would.

“The interesting point that I thought about when this all came into play is that the face of warfare, if you will, has really changed from the iconic images you saw during World War II and Vietnam to potentially [now] someone in a dark room with a soda next to him typing away at his computer. So it’s really changed just the mindset and maybe the mentality of what really is going to take place moving forward.”

The China Syndrome
Enemies in cyberspace could certainly include a “lone gunman” with a soda in a dark room, but the Pentagon’s strategy seems much more focused on the concerted efforts of adversarial nation-states interested in harming U.S. national interests. Chief among those adversaries is China, with Russia and Iran racing to catch up.

Though Chinese officials deny involvement, China is widely thought to be behind the cyber attacks earlier this year at Lockheed Martin, Northrop Grumman, and other U.S. government contractors. China is also the top suspect in a phishing attack against Gmail accounts Google announced in early June. Former U.S. national security official Richard Clarke says such actions are part of the “daily guerrilla cyberwar” between the two countries that has been going on for years.

“Senior U.S. officials know well that the government of China is systematically attacking the computer networks of the U.S. government and American corporations,” Clarke wrote in a June 15 op-ed piece for the Wall Street Journal. “Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledgebased economies, Chinese cyberoperations are eroding America’s advantage.”

What’s more, Clarke wrote, the U.S. government “has no strategy to stop the Chinese cyberassault.”

If that was true at the time Clarke wrote the piece, it was less true a month later, when, in mid-July, the Pentagon unveiled its cyber plan—or, in any case, the unclassified version of it. That version is a discussion in general terms of the strategy, calling for partnerships with other U.S. government departments and the private sector while also building relationships with U.S. allies and international partners to “leverage U.S. expertise through promotion of a cyber workforce and technological innovation.”

The unclassified version of the document does not make clear when a cyber attack would trigger a conventional military response—or if, in other words, when a country tries to infiltrate U.S. infrastructure, the U.S. military has clearance to put a missile down the smokestacks of the perpetrator, as one Pentagon official allegedly said would be the case. But in releasing the strategy, Deputy Defense Secretary William Lynn said, “The United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of its choosing.”

Not surprisingly, China, for its part, is telling its citizenry that the United States is the leading aggressor on the cyberspace battleground. “The U.S. military is hastening to seize the commanding military heights on the Internet, and another Internet war is being pushed to a stormy peak,” the Chinese military wrote in its official newspaper, Liberation Army Daily. “Their actions remind us that to protect the nation’s Internet security, we must accelerate Internet defense development and accelerate steps to make a strong Internet army.”

In the face of such rhetoric, it’s hard not to think the winds of cyberwar are swirling. It also makes one hope our leaders are devoting enough focus and forces to maintain a virtual firewall that is in all ways more effective than the actual fence they’re maintaining on the U.S.-Mexico border.

This article originally appeared in the September 2011 issue of Security Today.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3