The Pandora’s Box of Cyber Warfare
Last week, the New York Times scooped a story that the Obama administration “intensely debated” plans to use cyber warfare as part of the March 2011 military intervention in Libya and in the May 2011 operation in Pakistan that led to the death of Osama Bin Laden. The tactics under consideration were completely military in scope – both planned cyber missions involved disrupting radar communications through military networks, ie not disabling power or other services that would have affected civilians. Still, the act of openly deploying cyber tactics in a war theater is a bold step that has yet to be taken, despite the fact that many nation states already openly possess a structured cyber military command.
The Pentagon was actually in the middle of the pack when it merged the JTF-GNO and 24th Air Force with other DoD components to form US Cyber Command at the turn of the fiscal year on October 1, 2010, after Russia, Israel, Iran, and North Korea had already formed similar commands in their militaries. In June 2011, the Pentagon released details of its cyber warfare strategy, which cited that it considered cyber an operational domain – akin to sea, air, land, and space as a place where war is fought and where defensive and offensive posturing and operations are required.
While there have already been subversive and unclaimed cases of nation state backed cyber operations (most notably the Stuxnet worm and the Comodo and DigiNotar hacks), no country has yet to openly utilize cyber warfare in battle scenarios such as the ones considered by the Pentagon in the Libya and Pakistan missions. The Pentagon decided to refrain from breaking this seal just yet, likely because the geopolitical ramifications of such a move are still largely unknown.
Expanding the concept of warfare to include cyber operations is dicey business, and work on the legal and political front can make the actual hacking involved seem like the easy part. The few precedents that exist on the topic of new forms of warfare involve tactics with highly negative connotations (like nuclear, biological, and chemical weapons). Aside from the 100 year old Hague Conventions, there is no single governing body or document that sets the standards or rules of engagement for international warfare. Still, nations have already clocked years carefully issuing statements and declarations, filing briefs with international courts, and working press and political machines to further their cyber agenda.
In response to the Times story, the Pentagon has been gracefully explaining how the debated cyber strikes against enemy radar systems are not offense plays but rather an ‘active defense’ tactic, akin to jamming radar through more conventional means.
The Pentagon makes a compelling argument. One must weigh how different the proposed cyber strikes would be compared to the widely accepted use of radar jamming technology like the EF-111A Raven jet, which served as an unarmed electronic warfare platform from 1983 until 1995 and was deployed in the 1986 strikes against Libya ordered by President Reagan. The planned cyber operation, very likely against the exact same radar installations as in 1986, achieves the same effect – a temporary loss of readout on a command center’s radar screen – only without the risk and expense of sending a pilot and jet into the war zone. It also avoids the alternative option of delivering a radar-seeking AMG-88 HARM missile to the installation, destroying both the facility and the people inside.
This is endemic of what the Pentagon and White House face when deciding to pull the trigger on a cyber weapon. Deploying cyber tactics can and will conserve significant costs and, more importantly, save lives and protect soldiers. Adversaries however, will see the gates of cyber warfare being thrown open and could use that narrow fact as license to openly attack military and civilian infrastructure at will.
It is no secret that the most sensitive cyber target in North America is the fragile and interdependent electrical grid that provides power to the entire Eastern Seaboard. In utility terms this stretches from Toronto, Canada to Charlotte, NC – while a similar vulnerable grid region exists on the west coast, running from Southern California to Phoenix, AZ. CBS reported in 2010 that a highly plausible cyber attack on either infrastructure would create a cascading effect that could black out the region for months, devastate the civilian population, grind the national economy to a halt, and leave the continent highly vulnerable to invasion.
The report also cited two events in Brazil where hackers succeeded in causing massive blackouts in major cities that lasted for days, and displayed shocking video footage from a US government test at Sandia National Laboratories where SCADA controllers for a 10,000 watt power generator were hacked into by a penetration testing team and rigged the generator to destroy itself. The video shows the generator billowing black and white smoke after an implosion that lifted the entire platform inches off the ground.
The speed with which development of cyber warfare capability has emerged is certainly impressive, and demonstrates the ease of entry into the game. Unlike nuclear technology, cyber capabilities aren’t constrained by the need for rare earth materials, time-consuming enrichment, expensive development processes, or advanced science techniques. For better or worse, information technology always lives up to its promise of taking previously impossible tasks and making them incredibly easy to accomplish on an immensely fast timeframe.
The five capabilities of Information Operations and the three activities of Computer Network Operations
Source: United States Joint Chiefs of Staff Publication 3-13
Practitioners of Computer Network Attack (CNA) can be successful using simple ingenuity instead of high technology. Computing power can be harnessed via botnets or cloud environments instead of purchased and assembled in expensive (and traceable) datacenters. Inversely, access to compromised systems on sensitive networks can be quickly purchased or traded via online black markets. Entire exploit techniques, advancements, and even specific exploit code can be borrowed, stolen, or plagiarized online and quickly put to use before discovery and remediation efforts take place by practitioners of Computer Network Defense (CND).
Isreal and Iran appear to be already covertly engaged in the deep chess game of Computer Network Exploitation (CNE), defined by technical gurus and war colleges alike as the practice of gathering and sustaining cyber attack readiness. The exchange is demonstrative of how cyber assets are much more fluid than tangible weaponry, and how even entire capabilities can be lost as quickly as they are gained, without warning. This flies in the face of war strategies and tactics that have persevered for literally thousands of years, and to many seasoned practitioners of traditional warfare, cyber CNE is akin to playing chess on a three dimensional board with no rules, where fortunes can drastically change in an instant.
The emergence of cyber warfare is without a doubt the most drastic game changer the world has seen since the atomic bomb devastatingly went public over 65 years ago. The cyber era that secretly began in the last decade is now publicly upon us, and will undoubtedly progress from covert cyber operations to open battle tactics and onward to the very plausible, some say inevitable, cyber-induced large scale catastrophe.
The ease of entry and immensely destructive potential of cyber attacks has ushered in the reality of cyber proliferation, as many nations are very carefully posturing their cyber warfare policies while the covert undercurrent of cyber asset possession and loss is already churning. The Cold War era will prove to be a great practice run, as the future will undoubtedly see the concepts and controversies of nuclear proliferation applied to the geopolitical issues surrounding the cyber warfare ‘question’.
Further complicating matters is the fact that nation state backing is not required to engage in devastating cyber warfare tactics. Rogue groups or even individuals can play in this space as well, leaving the door open for small, radical entities to inflict large scale damage.
If left unchecked, the cyber threat can become the proverbial Achilles Heel of any nation – this one fact drives the origin and persistence of cyber proliferation, and will continue doing so for decades to come.
ALEA IACTA EST
“The die has been cast.”
– Julius Caesar, 49BC