‘Cyber War’ Is Fast Becoming Just ‘War’

The next great conflict will play out not just on physical terrain but also in the electrical pulses of cyberspace and the electronic spectrum.

But while anonymous enemies like ISIS or Russia’s “little green men” are free to use the digital space as they like, US Army leaders say legal requirements and a pre-digital structure of rules complicate their response.

That’s why, for the last 18 months, the Army has been experimenting with different concepts of operations for the cyber units that will be on the front lines of tomorrow’s fights.

The Army, which already has 30 teams at full operational capability and 11 more at initial operating capability, is aiming to have 41 fully operational Army teams by year’s end.

“As soon as we create them they are in operational use” in both offense and defense, said Brig. Gen. J.P. McGee, the deputy for operations for Army Cyber Command. “We have Army soldiers delivering effects against ISIS and ISIL.”  

Last April, the New York Times reported that military cyber teams are helping Iraqi Security Forces and Kurds fight ISIS by working, “to alter [ISIS fighters’] messages, with the aim of redirecting militants to areas more vulnerable to attack by American drones or local ground forces.”

Offensive cyber-weapons are a key interest of the new administration. President Trump’s team reently added a “Making Our Military Strong Again” page to the White House’s website: “We will make it a priority to develop defensive and offensive cyber capabilities at our US Cyber Command.”

Yet the definitions of cyber weapons and cyber-warfare are not much more precise today than in 2010 when the Stuxnet worm shut down Iran’s Natanz nuclear enrichment facility. In 2011, the Pentagon acknowledged a secret list of cyber weapons but did not detail what they were.

Of course, the United States has been using various cyber espionage tactics as part of real operations for years.

In his book @War: The Rise of the Military-Internet Complex, Shane Harris describes the work of NSA hackers embedded with military squads fighting in Iraq after the fall of Saddam Hussein.

“The US hackers sent fake text messages to insurgent fighters and roadside bombers,” Harris writes. “The messages would tell the recipient, in effect, ‘Meet at this street corner to plan the next attack,’ or ‘Go to this point on a road and plant your device.’ When the fighter got there, he’d be greeted by US troops, or perhaps the business end of a Hellfire missile, fired from a drone aircraft, thousands of feet above.”

Today, the Army is putting those ideas to work at the National Training Center, where soldiers and technical experts are working out formal concepts and plans for deploying cyber weapons on the battlefield. The key is to use them with precision, predictability, and maximum effect, while also defending Army networks and communications.

“What it looks like is the ability to go there and, first off … map out the cyber and electromagnetic terrain. So, where is everything? Where are wireless points? Where are the cellphone towers? What does that look like?” McGee told reporters Wednesday at the Pentagon.

This new dimension of war demands changes to the Army’s tables of organization. To guard tactical networks, for example, every brigade combat team will have a warrant officer and a non-commissioned officer to mind what the Army is calling a “cyber first line of defense.”

The Army’s tactical operations centers will also get a cyber advisor to guide commanders in deploying information weapons, just as the artillery experts guide fires.

Then there are the tactical questions. If the Army’s hackers can gain access to an enemy’s wireless communications points, what should they do to them? McGee said one option is to shut down nearby civilian networks when a US patrol passes through the area, to prevent insurgents from calling in aid. “Now you might ask, why not close it down completely, just put a bomb in it?” he said. “Well, potentially, that’s just a place we can collect [intelligence] later on.”

Commanders must also understand the legal consequences of disrupting or bugging a civilian network. Navigating the legal environment can be much more complex than just blasting a target with a howitzer.

“We have to develop a framework and a model that allows us to describe how we can break down these authorities in terms of the effects that they would have,” McGee said. “Originally, the thought of doing cyberspace operations was that everything had to be controlled by the president…We are discovering that we can have a localised, discriminating effect.”

Currently, even basic and relatively simple actions like mapping the digital networks and nodes around a battlespace can get snarled in bureaucracy.

“How do we visualise that environment … also from the electromagnetic spectrum angle, what kind of signatures are we emitting? How can we see the enemy?” said Brig. Gen. Patricia Frost, who runs the Army’s Cyber Directorate. “The commander has [to have] a complete visualisation of the domain. That’s really important. That should not take an authority granted by the SecDef.”

The Army has a tactical field manual for cyber and EW effects, but has not yet laid out, at least in public, an explicit policy for how, when, and under what circumstances it will use offensive cyber weapons.

The public understanding of these questions hasn’t much advanced since two years ago, when the head of US Cyber Command, Adm. Michael Rogers, has said cyber weapons should be governed by the same rules of engagement as other weapons.

“Remember, anything we do in the cyber arena…must follow the law of conflict. Our response must be proportional, must be in line with the broader set of norms that we’ve created over time. I don’t expect cyber to be any different,” Rogers said in 2015.

Future adversaries won’t operate under the same constraints.

“If you don’t have to worry about authorities … you can be very effective,” she said. “We look at it differently. The State Department, when we are not at war, we defer to them on information operations. It’s a different approach.”

Cyber operations are also a lot easier if you “don’t look at it through a Western lens in terms of protecting citizens’ privacy rights, also not having to be completely honest in the press,” Frost said. “That ability to use technology and be untruthful, it’s not something we would do. You’re playing on a different field. They already have an upper hand because” they can play by different rules.

The Army plans to run exercises with different legal teams to see if the soldiers of today and tomorrow need extra legal authorities in battle. Getting those proper authorities and related issues ironed out can add delays, Frost acknowledges. She says that she is “satisfied with the pace” of getting those permissions in place but added that it’s “never fast enough” if you’re the soldier in the fight.

For McGee, a bigger concern is his inability to know enough his adversary’s capabilities, a unique feature of digital weapons. There are lot of ways to figure out the size of a conventional force, and the number of soldiers and bombs it has. But cyber capabilities, by virtue of their ethereal nature, are also opaque.

“If you look back at the Cold War, we had a rough idea of what the Warsaw Pact [the Soviet Union and its satellite countries] had in terms of divisions, ships, planes,” McGee said.

“We were probably off but not by a tremendous amount. In cyberspace it’s very hard to have that degree of certainty. The possibility of unknowns in this operational space is huge. It’s impossible for us to scale what we know and don’t know.”

DefenseOne

Technology, Multilateralism, War & Peace:        Cyberwarfare: Borders Offer No Defense:

 

« Fake Microsoft Phishing Scam
Facebook Wants To Eliminate Racially Targeted Advertising »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Privacy Professor

Privacy Professor

Privacy Professor provides information privacy, security and compliance services, tools and products to organizations in a wide range of industries.

Clusit

Clusit

Clusit is the Italian Association for Information Security, a nonprofit organization devoted to promoting every aspect of information security.

European Recruitment

European Recruitment

European Recruitment is an award-winning, international recruitment agency specialising in niche technology areas including Cyber Security.

Southwest Research Institute (SwRI)

Southwest Research Institute (SwRI)

Southwest Research Institute SwRI are R&D problem solvers providing independent services to government and industry clients. Areas of expertise include Cybersecurity, Intelligent Networks and IoT.

Jobsora

Jobsora

Jobsora is an innovative job search platform in the UK and more than 35 other countries around the world. Sectors covered include IT and cybersecurity.

Nihon Cyber Defense

Nihon Cyber Defense

Nihon Cyber Defence’s mission is to provide robust solutions, services and support to governments, corporates and organisations in order to protect them from all forms of cyber warfare.

Calypso AI

Calypso AI

Calypso AI build software products that solve complex AI risks for national security and highly-regulated industries.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

Inpher

Inpher

Inpher has pioneered cryptographic Secret Computing® that enables advanced analytics and machine learning while keeping data private, secure, and distributed.

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

Cyber Protection Group (CPG)

Cyber Protection Group (CPG)

Cyber protection Group specialize in Penetration Testing. We work with enterprise level companies as well as small to medium sized businesses.

Spotit

Spotit

Spotit offers a wide-ranging portfolio of technologies and services, from consultancy, assessments and pentesting to the set up of completely new security and network infrastructures.

Cyberi

Cyberi

Cyberi provide specialist technical consultancy and cyber advisory services, from penetration testing and assurance to incident management and response, and technical security research.

Custard Technical Services

Custard Technical Services

Custard provide Network Security for all types of businesses across many industries, helping to keep them safe and secure.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

V2X

V2X

V2X delivers IT support, networking, and cybersecurity solutions that ensure optimal mission support and performance.