Summary: Here’s a brief look at the state of cyber-conflicts. The first ones have run their course; from them we can guess at the outlines of the larger ones to come. As with nukes and drones, America has laid a path for others to follow. We’ve been bold and innovative, but lawless. We might regret this when others imitate us.ย {2nd of 2 posts.}
Cyberspace: a global dynamic environment created by interlocking networks linking people and computers for communication, control, and trade. Like other human domains, it consists of multiple levels — from purely conceptual (e.g., laws, designs) down to the hardware and people that are its material substrate. The term coined by William Gibson in his 1982 story “Burning Chrome“.
Contents
- Battlefields of the future.
- The first cyber conflict.
- Playing defense.
- Are we beleaguered in cyberspace?
- For More Information.
(1)ย Battlefields of the future
We have entered a transitional period in the art of war much like that between WWI and WWII, when a new form of war (the 3rd generation) slowly emerged, but military institutions kept their eyes turned to the past. Many armies were slow to develop innovative tactics for their new internal combustion driven engines. Their cavalry units were symbols of this retrovision. Navies lavished their greatest attention on battleships, not the submarines, escorts, and carrier-borne aircraft that would dominate WWII (e.g., aircraft were the “eyes of the fleet”, not its teeth). Communications technology rapidly improved, but the senior officers paid relatively little attention to cryptography and signals intelligence.
Today war-as-usual continues in the emerging nations, but in the developed world it has moved into new realms — with the cutting edge in cyberspace. It’s the age of 4th generation war, waged among state and non-state actors in shifting coalitions, taking many forms…
- Hacking: probes and parries by people exploring the nature and uses of cyberspace, rapidly expanding in scale, sophistication, and consequences.
- Raids: the Sony hack and Stuxnet.
- Conflicts for control: Pirate Bay and the Silk Road.
(2)ย The first cyber conflict
“Crossing the Rubicon” — aka uncorking the genie — is a core behavior of our military, and so America has taken the lead in both building and using cybertech, as we did with nukes and drones. The best way to learn about new tools is use them against weak opponents, as the NAZIs did by helping the Fascists in the Spanish Civil War (the Condor Legion). So the US staged the first “electronic Pearl Harbor” by unleashing Stuxnet on Iran’s nuclear installations. It’s behavior that in an earlier time we called that of “a day which will live in infamy”, as we neither gave a declaration of war nor obtained a ruling on Iran’s guilt by the UN.
We are like Germany and Japan in the interwar years, as America’s military appears to seek dominance in cyberspace as great as (or more so) than we have in the air and the blue water seas. Combining America’s powerful technology industry with the almost unimaginable stream of defense spending — who can say what might be accomplished? So far we’ve been the attacker in cyberspace, and have enjoyed the experience.
We blaze a path without restraint or forethought about rules. Others will follow, doing things we’ve made respectable. That boldness almost destroyed the world in the nuclear arms race. We have yet to see the consequences with cyberweapons (and drone assassins). But it seems likely scale of these conflicts will grow. Following our lead, they’ll grow without restraint.
(3)ย Playing defense
Although the military sets American’s pulses racing, as with the destruction of al Qaeda, it’s the law enforcement and intelligence agencies that often get the job done. When defending in cyberspace the US has followed a traditional path, relying on internationally coordinated law enforcement mechanisms to destroy the Pirate Bay website (free distribution of entertainment products, whether copyrighted or illegal) and the Silk Road (an online network for trading goods and services, legal and illegal). This provides decisive rebuttals to those who believed that the e-world offers escape from government power.
An organization can take its operations into cyberspace, but its weak links remain its Earth-bound hardware and people, as seen in the operations against the Silk Road.
- “How the Feds Took Down the Silk Road Drug Wonderland” by Kim Setter, Wired.
- “Ross Ulbricht, Creator of Silk Road Website, Is Sentenced to Life in Prison“, NYT.
- Note that the government used accusations of murder to trash his reputation and deny bail, but never charged him with murder (details here). Also note the corrupt behavior of the DEA investigators.
About money: DoD boasts that we’re beleaguered in cyberspace
As it did so successfully during the Cold War’s bomber gap and missile gap, DoD trumpets America’s inferior and vulnerable position in this new form of war — hence the need to give it even more funds. Now as then these stories are ludicrously implausible (we’re outmatched by North Korea and Iran?), but Americans respond as reliably as Pavlov’s dogs.
- “Cyber Commandโs exploding budget, in 1 chart“, Washington Post.
- “The Militaryโs Cybersecurity Budget in 4 Charts“, DefenseOne.
While Cyber Command leaders’ speak about the importance of defense (as in this speech by General Alexander) and the vulnerability of our systems (accurately), their actions on the world stage suggest that much of their effort goes to attacking. That’s natural for the military, but suggests an absence of civilian leadership. Such neglect of their responsibility during the early years of the Cold War allowed the arms race to run wild, with brinksmanship several times bringing the world close to Armageddon. Let’s learn from that experience — not repeat it.
For More Information
Some good books about these cutting edge phenomena…
- Kevin Mitnickโs Ghost in the Wires: My Adventures as the Worldโs Most Wanted Hacker
,
- Andy Greenbergโs This Machine Kills Secrets: How WikiLeakers, Cypherpunks, and Hacktivists Aim to Free the Worldโs Information
,
- Brian Krebsโ Spam Nation: The Inside Story of Organized Cybercrime-from Global Epidemic to Your Front Door
.
- Kim Zetterโs Countdown to Zero Day: Stuxnet and the Launch of the Worldโs First Digital Weapon
, describing the new era of war and preparing you for the next attack (see a review here).
If you liked this post, like us on Facebook and follow us on Twitter. See all posts about cyberconflict and cybercrime, and especially these…
- Identifying the guilty: tying nation states to cyber espionage.
- Cybercrime: Now More Profitable Than The Drug Trade.
- Bitcoin, the deep web, & the big conflicts of the 21st C.
Check back on what I said, what a couple of years ago.
The whole NSA (etc) thing is the greatest threat to US (and others aligned to it) national security ever created. Collect it all. Weaken commercial and other security;. heck open doors in Cisco routers and all the rest.
Meanwhle, in the usual US way this is being done by contractors, part timers, foreign workers and all the rest.
I predicted that this was opening back doors into US security. Now this is being exposed. This is only the tip of the iceberg, everything has been exposed already.To foreign countries, Israel, Russa, China, etc. Corportations, organised crime, inside politicians. wanting dirt on enemies and all the rest.
Classic self desctructive behaviour. Some call it interal sociopath fights. The ‘senile elites’ as The Archdruid Report calls them…..
I used the example of the 750,000 to 1 million people that have access to all this. How many have been bought out or subverted and are passing data onto to others? A heck of a lot of course, probably more everyday as people get fired for replacement temp visa people, as wages and conditions get cut….
Hubris beyond belief as well. After decades of weakening commercial and personal data security…”oh shock horror someone is taking advantage of that, only We were supposed to be
able to do that”…… More Hubris …”we did Stuxnet” oh how terrible if it gets used against us”…
You NSA morons you have spent decades weakening data and systems security. If the NSA had spent a 100th of that effort making things more secure then there would be no risk.
There is another message, corruption is for the big guys. yes we can take the money (like the ex NSA head…and all the rest), but you low down cannot.
Well maybe they will just take the money too….. If your boss is corrupt (and they are) then why not grab your share since the boss is so stupid so as not to pay you well……. and evrerytime he looks at you you know he is thinking about replacing you with a cheaper ‘working visa’ foreign person at a lower price..
Such is collapse…..
Lisa.
“I predicted that this was opening back doors into US security.”
Can you give a bit more pointing to this “prediction”. Color me skeptical.
The NSA has already lost a major battle in the cyberwar with the hacking of the Office of Personnel Management – as the Background Investigation data of 4 million past and current Federal employees has been compromised. See John Schindler’s blog for his take on it:
http://20committee.com/2015/06/08/hacking-as-offensive-counterintelligence/
Aritstonicus,
Great point! I have not looked at this in detail. Reports differ on exactly what was taken, and on whom. The Federal government has 2.7 million people (plus 1.4 in uniform); reports say records on 4 million were taken.
Why is this a defeat for the NSA? They are not responsible for OPM’s security. Do we know NSA employee data was taken?
Pingback: Prepare for cyberwar: todayโs are small compared to whatโs coming | cyber war desk
Admittedly, it wasn’t the NSA’s battle to lose; but the US Intelligence Community now has major problems as a result:
“Whoever now holds OPMโs records possesses something like the Holy Grail from a CI perspective. They can target Americans in their database for recruitment or influence. After all, they know their vices, every last one โ the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side (perhaps with someone of a different gender than your normal partner) โ since all that is recorded in security clearance paperwork (to get an idea of how detailed this gets, you can see the form, called an SF86, here).
Do you have friends in foreign countries, perhaps lovers past and present? They know all about them. That embarrassing dispute with your neighbor over hedges that nearly got you arrested? They know about that too. Your college drug habit? Yes, that too. Even what your friends and neighbors said about you to investigators, highly personal and revealing stuff, thatโs in the other sideโs possession now.
Perhaps the most damaging aspect of this is not merely that four million people are vulnerable to compromise, through no fault of their own, but that the other side now so dominates the information battlespace that it can halt actions against them. If they get word that a American counterintelligence officer, in some agency, is on the trail of one of their agents, they can pull out the stops and create mayhem for him or her: run up debts falsely (they have all the relevant data), perhaps plant dirty money in bank accounts (they have all the financials too), and thereby cause any curious officials to lose their security clearances. Since that is what would happen.”
This John Schindler seems to know what he is talking about; judging from his writings he is still a company man through and through.
NYT link on the story:
http://www.nytimes.com/2015/06/06/us/chinese-hackers-may-be-behind-anthem-premera-attacks.html?smid=nytcore-ipad-share&smprod=nytcore-ipad&_r=1
Astroncius,
The NYT story might be correct. On the other hand, government officials predicted horrific consequences from the Manning leaks, and then again from the Snowden leaks. In fact there were few or no consequences.
Time will tell.
Pingback: Prepare for Cyberwar | Bill Totten's Weblog
Pingback: Prepare for CyberWar | TRUTH TIME