On The Cyberwar Path

On the Cyberwar Path

Will the next major hack attack be casus belli for a traditional act of war?

If, like me, you’re geeky enough to still recall certain scenes from 1983’s “WarGames” (and right now I can still pretty clearly see Barry Corbin as the general saying to Dabney Coleman’s character, “After very careful consideration, sir, I’ve come to the conclusion that your new defense system sucks”), then the news permeating the summer about the Pentagon publishing (in part) its first formal cyberwar strategy probably was no big surprise. In fact, the only eye-opening part might have been that prior to this summer it didn’t already have one.

It’s no secret that cyber attacks against U.S. networks have been on the rise the past few years, and most experts agree that the next major conflict will involve a cyber element. We’re not talking about some lone loser hacking into a department store’s system to steal credit card numbers, though those incidents are clearly on the rise, too. Rather, we’re talking about hacking on a grand, international scale—hacking designed to bring down electrical grids, halt transportation systems, stymie stock markets and otherwise bring a nation to its knees. We’re talking espionage, sabotage and terrorism.

Cyberwarfare has been called the new domain in warfare—the fifth domain, alongside those of land, sea, air and space. Anyone who does not recognize it as such has not given the matter enough thought, has not considered how deeply dependent our lives now are on computer networks and communication links in general, nor what a breach or break in those links could mean. From our power sources and food processing procedures to our banking transactions, weapons production and more—all is on the grid and thus subject to risk.

Rules of Engagement
In June, the news came out that President Obama had, sometime in May, signed executive orders outlining global ground rules for U.S. military commanders in carrying out cyber attacks against other countries. In addition to spelling out the conditions under which the U.S. military can respond to a cyber attack by blocking cyber intrusions and taking down servers in other countries, the guidelines allow the military to transmit computer code to another country’s network to test the route and make sure connections work in preparation for an actual assault.

In the wake of this news, security experts came out of the woodwork, and many of them were scratching their heads. Kenneth Wisnefski, founder and CEO of Internet security firm WebiMax, for example, appeared on FOX News in June and said he found the new White House orders “curious” at best and “counterproductive” at worst.

“I find it hard to believe that there are rules of engagement to really put in place for this,” he said. “If you’re interested in doing some type of cyber attack, I think part of it would be to not announce it. It gives somebody time to prepare for it, much like any type of military strike would.

“The interesting point that I thought about when this all came into play is that the face of warfare, if you will, has really changed from the iconic images you saw during World War II and Vietnam to potentially [now] someone in a dark room with a soda next to him typing away at his computer. So it’s really changed just the mindset and maybe the mentality of what really is going to take place moving forward.”

The China Syndrome
Enemies in cyberspace could certainly include a “lone gunman” with a soda in a dark room, but the Pentagon’s strategy seems much more focused on the concerted efforts of adversarial nation-states interested in harming U.S. national interests. Chief among those adversaries is China, with Russia and Iran racing to catch up.

Though Chinese officials deny involvement, China is widely thought to be behind the cyber attacks earlier this year at Lockheed Martin, Northrop Grumman, and other U.S. government contractors. China is also the top suspect in a phishing attack against Gmail accounts Google announced in early June. Former U.S. national security official Richard Clarke says such actions are part of the “daily guerrilla cyberwar” between the two countries that has been going on for years.

“Senior U.S. officials know well that the government of China is systematically attacking the computer networks of the U.S. government and American corporations,” Clarke wrote in a June 15 op-ed piece for the Wall Street Journal. “Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledgebased economies, Chinese cyberoperations are eroding America’s advantage.”

What’s more, Clarke wrote, the U.S. government “has no strategy to stop the Chinese cyberassault.”

If that was true at the time Clarke wrote the piece, it was less true a month later, when, in mid-July, the Pentagon unveiled its cyber plan—or, in any case, the unclassified version of it. That version is a discussion in general terms of the strategy, calling for partnerships with other U.S. government departments and the private sector while also building relationships with U.S. allies and international partners to “leverage U.S. expertise through promotion of a cyber workforce and technological innovation.”

The unclassified version of the document does not make clear when a cyber attack would trigger a conventional military response—or if, in other words, when a country tries to infiltrate U.S. infrastructure, the U.S. military has clearance to put a missile down the smokestacks of the perpetrator, as one Pentagon official allegedly said would be the case. But in releasing the strategy, Deputy Defense Secretary William Lynn said, “The United States reserves the right, under the laws of armed conflict, to respond to serious cyber attacks with a proportional and justified military response at the time and place of its choosing.”

Not surprisingly, China, for its part, is telling its citizenry that the United States is the leading aggressor on the cyberspace battleground. “The U.S. military is hastening to seize the commanding military heights on the Internet, and another Internet war is being pushed to a stormy peak,” the Chinese military wrote in its official newspaper, Liberation Army Daily. “Their actions remind us that to protect the nation’s Internet security, we must accelerate Internet defense development and accelerate steps to make a strong Internet army.”

In the face of such rhetoric, it’s hard not to think the winds of cyberwar are swirling. It also makes one hope our leaders are devoting enough focus and forces to maintain a virtual firewall that is in all ways more effective than the actual fence they’re maintaining on the U.S.-Mexico border.

This article originally appeared in the September 2011 issue of Security Today.

Featured

  • Maximizing Your Security Budget This Year

    7 Ways You Can Secure a High-Traffic Commercial Security Gate  

    Your commercial security gate is one of your most powerful tools to keep thieves off your property. Without a security gate, your commercial perimeter security plan is all for nothing. Read Now

  • Busy South Africa Building Integrates Custom Access Control System

    Nicol Corner, based in Bedfordview, Johannesburg, South Africa, is home to a six-star fitness club, prime office space, and an award-winning rooftop restaurant. This is the first building in South Africa to have its glass façade fully incorporate fritted glazing, saving 35% on energy consumption. Nicol Corner (Pty) LTD has developed a landmark with sophisticated design and unique architecture by collaborating with industry-leading partners and specifying world-class equipment throughout the project. This includes installing a high-spec, bespoke security and access control system. Read Now

  • Only 13 Percent of Research Institutions Are Prepared for AI

    A new survey commissioned by SHI International and Dell Technologies underscores the transformative potential of artificial intelligence (AI) while exposing significant gaps in preparedness at many research institutions. Read Now

  • Survey: 70 Percent of Organizations Have Established Dedicated SaaS Security Teams

    Seventy percent of organizations have prioritized investment in SaaS security, establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions. This was a key finding in the fourth Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities released today by the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises. 3