‘Cyber War’ Is Fast Becoming Just ‘War’

Uploaded on 2017-03-03 in NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

The next great conflict will play out not just on physical terrain but also in the electrical pulses of cyberspace and the electronic spectrum.

But while anonymous enemies like ISIS or Russia’s “little green men” are free to use the digital space as they like, US Army leaders say legal requirements and a pre-digital structure of rules complicate their response.

That’s why, for the last 18 months, the Army has been experimenting with different concepts of operations for the cyber units that will be on the front lines of tomorrow’s fights.

The Army, which already has 30 teams at full operational capability and 11 more at initial operating capability, is aiming to have 41 fully operational Army teams by year’s end.

“As soon as we create them they are in operational use” in both offense and defense, said Brig. Gen. J.P. McGee, the deputy for operations for Army Cyber Command. “We have Army soldiers delivering effects against ISIS and ISIL.”  

Last April, the New York Times reported that military cyber teams are helping Iraqi Security Forces and Kurds fight ISIS by working, “to alter [ISIS fighters’] messages, with the aim of redirecting militants to areas more vulnerable to attack by American drones or local ground forces.”

Offensive cyber-weapons are a key interest of the new administration. President Trump’s team reently added a “Making Our Military Strong Again” page to the White House’s website: “We will make it a priority to develop defensive and offensive cyber capabilities at our US Cyber Command.”

Yet the definitions of cyber weapons and cyber-warfare are not much more precise today than in 2010 when the Stuxnet worm shut down Iran’s Natanz nuclear enrichment facility. In 2011, the Pentagon acknowledged a secret list of cyber weapons but did not detail what they were.

Of course, the United States has been using various cyber espionage tactics as part of real operations for years.

In his book @War: The Rise of the Military-Internet Complex, Shane Harris describes the work of NSA hackers embedded with military squads fighting in Iraq after the fall of Saddam Hussein.

“The US hackers sent fake text messages to insurgent fighters and roadside bombers,” Harris writes. “The messages would tell the recipient, in effect, ‘Meet at this street corner to plan the next attack,’ or ‘Go to this point on a road and plant your device.’ When the fighter got there, he’d be greeted by US troops, or perhaps the business end of a Hellfire missile, fired from a drone aircraft, thousands of feet above.”

Today, the Army is putting those ideas to work at the National Training Center, where soldiers and technical experts are working out formal concepts and plans for deploying cyber weapons on the battlefield. The key is to use them with precision, predictability, and maximum effect, while also defending Army networks and communications.

“What it looks like is the ability to go there and, first off … map out the cyber and electromagnetic terrain. So, where is everything? Where are wireless points? Where are the cellphone towers? What does that look like?” McGee told reporters Wednesday at the Pentagon.

This new dimension of war demands changes to the Army’s tables of organization. To guard tactical networks, for example, every brigade combat team will have a warrant officer and a non-commissioned officer to mind what the Army is calling a “cyber first line of defense.”

The Army’s tactical operations centers will also get a cyber advisor to guide commanders in deploying information weapons, just as the artillery experts guide fires.

Then there are the tactical questions. If the Army’s hackers can gain access to an enemy’s wireless communications points, what should they do to them? McGee said one option is to shut down nearby civilian networks when a US patrol passes through the area, to prevent insurgents from calling in aid. “Now you might ask, why not close it down completely, just put a bomb in it?” he said. “Well, potentially, that’s just a place we can collect [intelligence] later on.”

Commanders must also understand the legal consequences of disrupting or bugging a civilian network. Navigating the legal environment can be much more complex than just blasting a target with a howitzer.

“We have to develop a framework and a model that allows us to describe how we can break down these authorities in terms of the effects that they would have,” McGee said. “Originally, the thought of doing cyberspace operations was that everything had to be controlled by the president…We are discovering that we can have a localised, discriminating effect.”

Currently, even basic and relatively simple actions like mapping the digital networks and nodes around a battlespace can get snarled in bureaucracy.

“How do we visualise that environment … also from the electromagnetic spectrum angle, what kind of signatures are we emitting? How can we see the enemy?” said Brig. Gen. Patricia Frost, who runs the Army’s Cyber Directorate. “The commander has [to have] a complete visualisation of the domain. That’s really important. That should not take an authority granted by the SecDef.”

The Army has a tactical field manual for cyber and EW effects, but has not yet laid out, at least in public, an explicit policy for how, when, and under what circumstances it will use offensive cyber weapons.

The public understanding of these questions hasn’t much advanced since two years ago, when the head of US Cyber Command, Adm. Michael Rogers, has said cyber weapons should be governed by the same rules of engagement as other weapons.

“Remember, anything we do in the cyber arena…must follow the law of conflict. Our response must be proportional, must be in line with the broader set of norms that we’ve created over time. I don’t expect cyber to be any different,” Rogers said in 2015.

Future adversaries won’t operate under the same constraints.

“If you don’t have to worry about authorities … you can be very effective,” she said. “We look at it differently. The State Department, when we are not at war, we defer to them on information operations. It’s a different approach.”

Cyber operations are also a lot easier if you “don’t look at it through a Western lens in terms of protecting citizens’ privacy rights, also not having to be completely honest in the press,” Frost said. “That ability to use technology and be untruthful, it’s not something we would do. You’re playing on a different field. They already have an upper hand because” they can play by different rules.

The Army plans to run exercises with different legal teams to see if the soldiers of today and tomorrow need extra legal authorities in battle. Getting those proper authorities and related issues ironed out can add delays, Frost acknowledges. She says that she is “satisfied with the pace” of getting those permissions in place but added that it’s “never fast enough” if you’re the soldier in the fight.

For McGee, a bigger concern is his inability to know enough his adversary’s capabilities, a unique feature of digital weapons. There are lot of ways to figure out the size of a conventional force, and the number of soldiers and bombs it has. But cyber capabilities, by virtue of their ethereal nature, are also opaque.

“If you look back at the Cold War, we had a rough idea of what the Warsaw Pact [the Soviet Union and its satellite countries] had in terms of divisions, ships, planes,” McGee said.

“We were probably off but not by a tremendous amount. In cyberspace it’s very hard to have that degree of certainty. The possibility of unknowns in this operational space is huge. It’s impossible for us to scale what we know and don’t know.”

DefenseOne

Technology, Multilateralism, War & Peace:        Cyberwarfare: Borders Offer No Defense:

 

« Fake Microsoft Phishing Scam
Facebook Wants To Eliminate Racially Targeted Advertising »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Infrascale

Infrascale

Infrascale specialise in providing cloud backup and disaster recovery services.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

Inter-American Cooperation Portal on Cyber-Crime

Inter-American Cooperation Portal on Cyber-Crime

The Inter-American Cooperation Portal on Cyber-Crime was created to facilitate and streamline cooperation and information exchange among government experts from OAS member states.

GreyCortex

GreyCortex

GreyCortex uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

Simply Hired

Simply Hired

Simply Hired is a job search engine that collects job listings from all over the web, including company career pages, job boards and niche job websites.

Cyberspace Solarium Commission (CSC)

Cyberspace Solarium Commission (CSC)

The Cyberspace Solarium Commission was established to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

Wisetek

Wisetek

Wisetek is a global provider of end-to-end IT Asset Disposition (ITAD), reuse and secure data destruction management services to the world’s leading IT Corporations, data centres and manufacturers.

Allentis

Allentis

Allentis provide adapted solutions to ensure the security and performance of your information system.

Ciphertex Data Security

Ciphertex Data Security

Ciphertex is a leading data security company that specializes in portable data encryption and privacy protection storage systems.

Eunetic

Eunetic

Eunetic IT security solutions - we secure your websites, emails, domains and data.

EDGE Group

EDGE Group

EDGE is one of the world’s leading advanced technology groups, established to develop agile, bold and disruptive solutions for defence and beyond.

MiDO Technologies

MiDO Technologies

MiDO Technologies has a mission to change the narrative around digital enabling tools on the continent of Africa and prepare African youth.

CelcomDigi

CelcomDigi

CelcomDigi aspire to be Malaysia’s top Telco-Tech company, transforming beyond core connectivity to lead digitalization and innovation as part of nation-building.