Integrated Cyber Operations

The modern military has a broad spectrum of operations. We have the ability to wage war on land, sea, air, in space and now via the Internet. The weaponry and strategies accompanying this spectrum were expanded with the introduction of cyber weapons into the modern-day arsenal. From humanitarian assistance and peacekeeping operations to unlimited warfare using nuclear weapons, cyber attacks span the entire operational spectrum. The utility of offensive cyber weapons provides conflict commanders with options that are unavailable with conventional and nuclear weapons.

That being said, they do have a significant drawback: reliability. Given the unique capabilities of cyber weapons, current doctrinal development must depart from thinking of warfare in purely linear terms in order to incorporate cyber capabilities into current military strategies.

State and non-state actors increasingly have access to advanced cyber weapons technology that makes them more dangerous by giving them global reach. Cyber weapons are easily acquired, inexpensive and strike at the speed of light with little warning. This new class of weapons provides somewhat of a leveling effect across state and non-state adversaries as well as activist and terrorist groups, organized crime and even lone actors. Current detection capabilities can only be described as limited to moderate, given that several attacks have gone undetected for years. However, cyber weapons are not the panacea that many believe. There are shortcomings to this new class of weapons. When launching a cyber weapon (other than DDoS), it is difficult to calculate just when the cyber attack will be effective, if it is effective at all. It is equally difficult to control the spread of some forms of cyber attack techniques.

The status quo is acceptable. The military institution has received a fair amount of criticism for its thinking, which has been characterized as preparing to fight the last war. Today’s strategic threat environment is unpredictable. Our threat environment can be accurately characterized as highly complex, rapidly developing and initiated at a moment’s notice. The mindset, doctrines and training programs that were primarily designed to address conflict with Warsaw Pact forces must be radically changed. Therefore, our defense forces and strategies must be able to provide a broad range of viable military capabilities available globally at short notice. The position of the United States and how we achieve broad spectrum influence requires significant examination done within the context of acts of cyber aggression. The U.S. must rapidly develop integrated operational strategies that leverage our digital advantages and that will provide support to virtually all aspects of our offensive, defensive and intelligence collection capabilities. The scale and sophistication of the recent cyber attacks on Google (and others) were a watershed event and should be seen as a wake-up call. Measuring the effective integration of cyber operations into virtually every aspect of modern military doctrine, and continuously updating our doctrine and strategy as cyber weapons rapidly evolve, must become a routine part of senior command activities. Failure to do so could have disastrous consequences.

Kevin Coleman

39 comments

gary usbonds January 25, 2010 at 1:52 am

Can't our govt just plant viruses and worms that attack and spread fast in juicy looking intelligence areas to hammer Chinese and Arab hackers?

Ptsfp January 25, 2010 at 2:19 am

Absolutely, cyber weapons really fall well into the hands of terrorists and nation states that won't face America head on, but would not think twice about trying to attack infrastructure through electronic means.

The price of armed conflict has gone up so much that war is becoming cost prohibitive. Many nations are not as willing to commit troops and armor as they used to be. Cyberwar is much more cost effective for these nations than trying to build state of the art weaponry, like stealth fighters, and the nature of the internet offers them plausible deniability. Cyber war just makes sense.

If we have not done so yet, I always thought that America should develop a Cyber "Seal Team Six", mapping enemy systems, actively penetrating them and being ready at a moment’s notice to take them down in times of war.

Kevin January 25, 2010 at 3:15 pm

What makes you think the U.S. does not have cyber seal teams that continuously map our enemies' systems and are ready to strike?

Pete January 25, 2010 at 7:02 am

Seems to me that certain people are 'talking up the threat' to scare more money out of US taxpayers. Well, I guess if they are stupid enough to keep falling for it, I mean there was the missile gap, then the bomber gap etc., they deserve to die begging for Medicare.

null January 25, 2010 at 12:03 pm

More utter nonsense from Kevin Coleman. Leave the "cyber" (idiotic term) operations to the CIA/NSA. The military is not the right tool for the job. This entire post is complete hyperbole, and downright dangerous if taken seriously by anyone that matters.

Kevin January 25, 2010 at 3:17 pm

NULL

Your response is unprofessional. Disagreement with rational justification is helpful to the blog but your posting is not!

Oble January 25, 2010 at 1:14 pm

Kevin’s writing in itself should be considered a cyber terrorism. Somewhere in the middle of the marketing dirge of tedious rhetoric and dubious innuendo I know I was willing to do anything to make it stop.

But usually the most basic concepts pushed such as Cyber terrorism don’t stand up to 30 seconds of analysis.

“imagine for a minute the leadership of Al-Qaeda sitting in a cave somewhere, plotting the next move of the jihad against the United States. One of the leaders jumps up and exclaims: “ I have an idea! We’ll disable their e-mail”” – Bruce Schneier

Cyber Terrorism is bunk because it doesn’t generate terror – “the whole purpose of terrorism”. Little wonder that the terrorists stick to C4.

Cyberwar is just another .com consultant con job. Anybody who knows anything about war and networks knows that. Washington is full of consultants trying to feed from the DoD trough based on FUD – it's not like Technolytics is special there. But they could learn something from the terrorists since they are both relying on fear to do business.

Teddy January 25, 2010 at 3:21 pm

You may want to read this.

http://www.alfa-redi.org/documentos/v-mundial/cyber_atta...

If you can read?

Matt January 26, 2010 at 12:44 am

The article was all right, even if it was written in IT buzzwords, especially toward the end. Regardless of how well it was written, the point remains–America has become very heavily dependent on IT, militarily and economically. Security researchers are still finding vulnerabilities, such as the Windows kernel one found last week that's been around for 13 years. "Cyber-SEALs" notwithstanding, U.S. military and civilian agencies need to be at the forefront of finding such vulnerabilities for use on offense and on defense. Right now they aren't, and that puts internet infrastructure at risk from Russian organized crime, Chinese maybe-government espionage, and to a lesser extent, Islamic fundamentalist hackers.

Dave January 25, 2010 at 8:37 pm

Thanks for the PPT Teddy!
While criticism of fear mongering, etc., certainly needs to be a part of the debate, I do think the reporting by Kevin is appropriate. Specifically his point is that future conflict will occur (has occurred) in cyberspace and ignoring or downplaying the threat has consequences.

For me the one real point that is always a bit concerning to me is the cost effectiveness of a cyber attack. I don't have to spend a million (or two) on a missile when I can just shut down a water plant, etc. with just an email, etc.

Maybe for now the threat is greater than the reality, but it seems to me that a proactive stance may be warranted.

gsak January 26, 2010 at 2:12 am

Agreed. Kevin is squared-away, but I wish he'd talk to us like we were face-to-face with him.

I've put myself in a DMZ, at home, and watched as Wireshark dumped hack attempts against my Ubuntu box. The traceroute stopped in Japan. It's really freaky to have it happen to you, for real. I'm sure that businesses are quite the target for industrial espionage.

TMB January 26, 2010 at 4:14 am

I wish I could discuss the details on this blog, but suffice to say it is more than possible to bring a hi-tech army to a halt with a few computer viruses.

Kevin January 26, 2010 at 5:02 pm

I will work on the face-to-face dialog. Question – did your traceroute go back one hop or were you able to make several hops back?

Zandor January 25, 2010 at 11:54 pm

I think that this is a wonderful time to do this.

And none too soon.

Zandor January 25, 2010 at 11:55 pm

I think that the admin. is a short sighted idiot.

Zandor January 25, 2010 at 11:56 pm

I still think that the admin is a short sighted idiot.

Zandor January 25, 2010 at 11:57 pm

How long do you think that this game can go on?

Zandor January 25, 2010 at 11:58 pm

Thank you!

Zandor January 26, 2010 at 12:02 am

but.

Zandor January 26, 2010 at 12:03 am

like

Zandor January 26, 2010 at 12:03 am

009

Zandor January 26, 2010 at 12:05 am

Zandor is a hero, why has he been banned by some Nazi admin?

Zandor January 26, 2010 at 12:05 am

b

Zandor January 26, 2010 at 12:07 am

2

Zandor January 26, 2010 at 12:08 am

J

Zandor January 26, 2010 at 12:09 am

II

roland January 26, 2010 at 8:59 am

They forgot the big screen like the one in HULU.com

gsak January 26, 2010 at 4:33 pm

Sure TMB… and follow that virus up with a baking soda and vinegar bomb, perhaps?

Ptsfp January 26, 2010 at 5:46 pm

Or the three stooges attack to the eyes, that is always very effective!

Matt January 26, 2010 at 7:49 pm

It's probably not "easy" to stop a hi-tech army with viruses, but DDoS attacks and/or targeted attacks against undocumented vulnerabilities are a threat that needs to be accounted for. Just about all of SIPR and NIPR are made of COTS stuff, a hodgepodge of AD/Exchange, Solaris/Linux, Oracle databases, etc. etc. IIRC the services are having to survey NIPRnet because they don't even know what's hooked up to it. There are also uncountable other networks at various levels of sensitivity, run by individual commands, that are also mostly COTS.

Don't get me wrong, on average all of these networks are far more secure than your typical commercial network. The government is pretty good at documenting and enforcing good security policies. But: it's all still commercial IT equipment, and there are surely security vulnerabilities that are yet unknown by the white hat community. If the Chinese (for example) have an exploit that no one else knows about, they could wreak a certain amount of havoc with government systems, and it would happen so quickly that there wouldn't be time to get Microsoft (or whoever) to develop a fix and then roll the fix out to all the zillions of machines that have the vulnerability.

As for "cyberterror" specifically, I'd worry less about federal government systems and worry a lot more about what state/local government and utilities are running. Lots of them are on par with the feds, but I've also seen some critical systems basically hooked up directly to the internet and left unpatched. Ergh.

Ptsfp January 26, 2010 at 9:04 pm

Yeah Matt, usually when white hat hackers find a vulnerability, they notify Microsoft, or whoever, and will wait until a patch is released before they release the exploit code.

Like you said, I am pretty sure Chinese, or Russian hackers wouldn't be quite as nice…

gsak January 26, 2010 at 5:18 pm

Good question; if I remember correctly, it was multiple hops ending in timeouts. I may still have the screenshot of it. I was on Comcast's network (Portland) at the time.

Ptsfp January 26, 2010 at 5:44 pm

You probably hit a firewall that is blocking the traceroute ICMP packets. I think I remember seeing a utility that uses modified ports/packets to bypass the ICMP block.

Spec Boat January 26, 2010 at 9:18 pm

Oh boy! Let me remind you of the threat analysis during the run-up ops to the 1st Gulf War. The leadership in charge of the 'Red' team was able to launch its (simulated) assault by using runners and landlines. The opening barrage was so devastating to the 7th Fleet that the organizers decided to 'just start over'.

The lesson then was, "Don't rely on high tech to completely win the day!" Flash fwd to 2010…next-gen UAVs, remote shake-n-bake sensors…didn't we learn the first lesson? Now we have Al Quacky hacking into UAV feeds!! Not good!

The bottom line is we don't know what a total all-out assault on our infrastructure (the presumed first strike) would do to us, but the real question is (and the one nobody here is asking) do our enemies?

Ptsfp January 27, 2010 at 12:32 am

Spec Boat, several US experts have stated publicly that if we are ever in a war with China, our power will go out. They have actively and noisily, targeted our electrical infrastructure. Where China does not seem to care if they are detected, Russia is a lot more covert in their penetration attempts.

Many critical government facilities have installed backup generators to complement battery backup. But we as a nation are so reliant on power that this would be a huge problem if the lights go out.

Kevin has access to other sources that are not public, so he would have a better view of the full picture on this.

Ptsfp

TMB January 27, 2010 at 3:12 am

Do you have any idea how many computers the US Army uses? Or how many command and control systems have USB ports? You don't need to kill anyone to stop an army. Launch a DDoS attack on the websites we use to order spare parts with compromised passwords, email a virus and wait for some dumb soldier to copy it from his yahoo account onto his SIPR computer, or from his home computer to the computer attached to the entire post's network. Figure out how to phish the identities of a division's worth of troops before they're supposed to deploy. For those of you poking fun, use some imagination and consider the possibilities.

Anon January 27, 2010 at 3:51 am

Please do not underestimate the threat of cyber warfare; it is real and I see it every day.

Oble January 27, 2010 at 5:45 am

Cyberwar is the US government getting into the cyber crime business.

So while the US software and hardware industry tries to sell companies products that they claim are safe and secure, the US government will be doing its best to destroy the market by mandating trapdoors and building phishing schemes into American products.

The Google case is quite instructive as to where things are headed: for millions of Chinese businesses, Google has transformed itself overnight from a trusted vendor into an untrustworthy agent of a hostile foreign power. A market cannot exist if it is turned into a battlefield, and Google is basically doomed now in the world's largest internet market.

shawn1999 February 1, 2010 at 9:15 pm

It's all real simple folks: "cyber warfare" is not warfare in and of itself. It is merely one aspect of total warfare. It is easier to think of this and liken it to attacking and defending supply routes. Any system can be targeted, but who cares if it's carrying letters from home instead of rations and ammunition? And even if it is, it would be far better to turn that data to suit your means, similar to what the Allies did with the Nazi encryptions: let the data flow without the enemy knowing you are watching what is going where, which is much more valuable than resource denial. And of course, one would have to devote resource to preventing the same from being used against us, especially since most of our current/active enemies are less technologically enabled than we are; they would have far more to gain from cyber snooping than we.
