A New Age of Warfare

The US is cyber-attacking Russia’s power grid, just as Russia is hacking the US and both are engaged in offensive hacking in ways that are more aggressive than in the past. But Is this hacking really much different from what’s gone on for many years? Does it boost the chances of a cyber arms race or a cyberwar?

One thing is clear: Cyberspace is now seen by senior miltary officers and officials as just another “domain” of warfare, along with air, land, sea, and space. But there’s something different and more dangerous about this domain: 

It takes place out of sight, its operations are so highly classified that only a few people know what’s going on there, and it creates an inherently hair-trigger situation, which could unleash war in lightning speed with no warning. All the major cyber powers, the United States, Russia, China, Israel, France, Britain, and perhaps to some extent, Iran, Syria, and a few others, have been able to hack into one another’s “critical infrastructure” such as, power grids, financial systems, transportation lines, water works, which have been hooked up to computer networks for the past 25 years. From time to time, these countries have actually hacked into these things.

In one sense, these intrusions are no different from any other form of intelligence gathering. In another sense, though, they’re very different. 

With cyber operations, once you’ve hacked into a network, you can disrupt or disable it. Exploring a network and destroying it involve the same technology, personnel, and know-how; it takes just one step, and next to no time, to go from exploring to destroying. In a crisis, one or more of these countries might launch a cyberattack, if just to preempt one of the other countries from doing it first. The very existence of the implants makes a preemptive attack more likely.

There’s another disturbing development in cyberwar: The whole enterprise has slipped out of the oversight and control of our political leaders. 

Last summer, President Donald Trump signed a classified directive giving US Cyber Command leeway to mount cyber offensive operations at its own initiative. Before then, such operations, even tactical operations on the battlefield, had to be personally approved by the president. The premise of the old policy, during the Bush II and Obama administrations, was that cyber weapons were something new: Their effects were somewhat unpredictable and could spiral out of control. 
One consequence is that Cyber Command now feels less constrained about going on the offensive. 

Richard Clarke, the former cybersecurity chief in President Bill Clinton’s White House and co-author of a forthcoming book on cyberwar called The Fifth Domain, said in an email, “The Trump administration may be trying to create a situation of Mutually Assured Destruction, similar to the 1960s strategic nuclear doctrine.” However, Clarke added, “Cyber is different in many ways.” First is the issue of what strategist’s call “crisis instability”, the hair-trigger situation, in which one side might launch an attack, in order to preempt the other side launching an attack. 

There is also the uncertainty of “attribution”, the country attacked might not know for certain who planted the malicious code and might mistakenly strike back at an innocent party, thus triggering an inadvertent war.

US Cyber Command was founded in 2009. It has since grown enormously, in size, scope, mission, and, since last summer’s directive, autonomy. Cyber offensive technology has been around for much longer still. Cyberwar technology has evolved far more quickly than the thinking about how to use the technology in wartime. 

With last summer’s directive taking its use out of the control and supervision of our political leaders, the decisions to use it will be made entirely by the military officers who developed the technology, and whose budgets depend, in part, on its growing prominence.

Slate:           I-HLS:

You Might Also Read:

The ‘Rules’ Of Modern Warfare Are Being Rewritten:

 

 

« Cyber Criminals Have Created An Invisible Internet
Russia's National AI Strategy Takes Shape »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Security Compass

Security Compass

Security Compass, the Security by Design Company, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows.

Qolcom

Qolcom

Qolcom is a leading UK based integrator of secure wireless network and mobile device management solutions.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

QOMPLX

QOMPLX

QOMPLX integrate, contextualize, and analyze data from virtually any source to help you identify operational risk and inefficiencies throughout the enterprise.

Cyber@StationF

Cyber@StationF

Cyber@StationF is an up to 6 months international startup acceleration programme, whose members provide solutions for the Cybersecurity industry.

Inceptus

Inceptus

Inceptus is a next generation Managed Security Service Provider (MSSP). We are dedicated to keeping our customers safe, secure and protected while doing business on the Internet.

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

AVANTEC

AVANTEC

AVANTEC is the leading Swiss provider of IT security solutions in the areas of cloud, content, network and endpoint security.

Comparitech

Comparitech

Comparitech strives to promote cyber security and privacy for all. We are committed to providing detailed information to help our readers become more cyber secure and cyber aware.

CatchProbe Intelligence Technologies

CatchProbe Intelligence Technologies

CatchProbe provides actionable web intelligence, OSINT, deception systems, threat intelligence, and digital crime analytics solutions and products through an AI-Driven intelligence platform.

SecureChain AI

SecureChain AI

SecureChain are combining blockchain and AI technology to create a smarter blockchain platform especially in terms of security.

QEDIT

QEDIT

QEDIT is leading the standardization of Zero-Knowledge Proofs through the ZKProof.org Workshops, and builds production-grade ZKP systems for blockchain.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.