‘Cyber War’ Is Fast Becoming Just ‘War’

The next great conflict will play out not just on physical terrain but also in the electrical pulses of cyberspace and the electronic spectrum.

But while anonymous enemies like ISIS or Russia’s “little green men” are free to use the digital space as they like, US Army leaders say legal requirements and a pre-digital structure of rules complicate their response.

That’s why, for the last 18 months, the Army has been experimenting with different concepts of operations for the cyber units that will be on the front lines of tomorrow’s fights.

The Army, which already has 30 teams at full operational capability and 11 more at initial operating capability, is aiming to have 41 fully operational Army teams by year’s end.

“As soon as we create them they are in operational use” in both offense and defense, said Brig. Gen. J.P. McGee, the deputy for operations for Army Cyber Command. “We have Army soldiers delivering effects against ISIS and ISIL.”  

Last April, the New York Times reported that military cyber teams are helping Iraqi Security Forces and Kurds fight ISIS by working, “to alter [ISIS fighters’] messages, with the aim of redirecting militants to areas more vulnerable to attack by American drones or local ground forces.”

Offensive cyber-weapons are a key interest of the new administration. President Trump’s team reently added a “Making Our Military Strong Again” page to the White House’s website: “We will make it a priority to develop defensive and offensive cyber capabilities at our US Cyber Command.”

Yet the definitions of cyber weapons and cyber-warfare are not much more precise today than in 2010 when the Stuxnet worm shut down Iran’s Natanz nuclear enrichment facility. In 2011, the Pentagon acknowledged a secret list of cyber weapons but did not detail what they were.

Of course, the United States has been using various cyber espionage tactics as part of real operations for years.

In his book @War: The Rise of the Military-Internet Complex, Shane Harris describes the work of NSA hackers embedded with military squads fighting in Iraq after the fall of Saddam Hussein.

“The US hackers sent fake text messages to insurgent fighters and roadside bombers,” Harris writes. “The messages would tell the recipient, in effect, ‘Meet at this street corner to plan the next attack,’ or ‘Go to this point on a road and plant your device.’ When the fighter got there, he’d be greeted by US troops, or perhaps the business end of a Hellfire missile, fired from a drone aircraft, thousands of feet above.”

Today, the Army is putting those ideas to work at the National Training Center, where soldiers and technical experts are working out formal concepts and plans for deploying cyber weapons on the battlefield. The key is to use them with precision, predictability, and maximum effect, while also defending Army networks and communications.

“What it looks like is the ability to go there and, first off … map out the cyber and electromagnetic terrain. So, where is everything? Where are wireless points? Where are the cellphone towers? What does that look like?” McGee told reporters Wednesday at the Pentagon.

This new dimension of war demands changes to the Army’s tables of organization. To guard tactical networks, for example, every brigade combat team will have a warrant officer and a non-commissioned officer to mind what the Army is calling a “cyber first line of defense.”

The Army’s tactical operations centers will also get a cyber advisor to guide commanders in deploying information weapons, just as the artillery experts guide fires.

Then there are the tactical questions. If the Army’s hackers can gain access to an enemy’s wireless communications points, what should they do to them? McGee said one option is to shut down nearby civilian networks when a US patrol passes through the area, to prevent insurgents from calling in aid. “Now you might ask, why not close it down completely, just put a bomb in it?” he said. “Well, potentially, that’s just a place we can collect [intelligence] later on.”

Commanders must also understand the legal consequences of disrupting or bugging a civilian network. Navigating the legal environment can be much more complex than just blasting a target with a howitzer.

“We have to develop a framework and a model that allows us to describe how we can break down these authorities in terms of the effects that they would have,” McGee said. “Originally, the thought of doing cyberspace operations was that everything had to be controlled by the president…We are discovering that we can have a localised, discriminating effect.”

Currently, even basic and relatively simple actions like mapping the digital networks and nodes around a battlespace can get snarled in bureaucracy.

“How do we visualise that environment … also from the electromagnetic spectrum angle, what kind of signatures are we emitting? How can we see the enemy?” said Brig. Gen. Patricia Frost, who runs the Army’s Cyber Directorate. “The commander has [to have] a complete visualisation of the domain. That’s really important. That should not take an authority granted by the SecDef.”

The Army has a tactical field manual for cyber and EW effects, but has not yet laid out, at least in public, an explicit policy for how, when, and under what circumstances it will use offensive cyber weapons.

The public understanding of these questions hasn’t much advanced since two years ago, when the head of US Cyber Command, Adm. Michael Rogers, has said cyber weapons should be governed by the same rules of engagement as other weapons.

“Remember, anything we do in the cyber arena…must follow the law of conflict. Our response must be proportional, must be in line with the broader set of norms that we’ve created over time. I don’t expect cyber to be any different,” Rogers said in 2015.

Future adversaries won’t operate under the same constraints.

“If you don’t have to worry about authorities … you can be very effective,” she said. “We look at it differently. The State Department, when we are not at war, we defer to them on information operations. It’s a different approach.”

Cyber operations are also a lot easier if you “don’t look at it through a Western lens in terms of protecting citizens’ privacy rights, also not having to be completely honest in the press,” Frost said. “That ability to use technology and be untruthful, it’s not something we would do. You’re playing on a different field. They already have an upper hand because” they can play by different rules.

The Army plans to run exercises with different legal teams to see if the soldiers of today and tomorrow need extra legal authorities in battle. Getting those proper authorities and related issues ironed out can add delays, Frost acknowledges. She says that she is “satisfied with the pace” of getting those permissions in place but added that it’s “never fast enough” if you’re the soldier in the fight.

For McGee, a bigger concern is his inability to know enough his adversary’s capabilities, a unique feature of digital weapons. There are lot of ways to figure out the size of a conventional force, and the number of soldiers and bombs it has. But cyber capabilities, by virtue of their ethereal nature, are also opaque.

“If you look back at the Cold War, we had a rough idea of what the Warsaw Pact [the Soviet Union and its satellite countries] had in terms of divisions, ships, planes,” McGee said.

“We were probably off but not by a tremendous amount. In cyberspace it’s very hard to have that degree of certainty. The possibility of unknowns in this operational space is huge. It’s impossible for us to scale what we know and don’t know.”

DefenseOne

Technology, Multilateralism, War & Peace:        Cyberwarfare: Borders Offer No Defense:

 

« Fake Microsoft Phishing Scam
Facebook Wants To Eliminate Racially Targeted Advertising »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

HyTrust

HyTrust

HyTrust specialises in security, compliance and control software for virtualization and cloud environments.

KFSensor

KFSensor

KFSensor is an advanced 'honeypot' intrusion and insider threat detection system for Windows networks.

Muninn

Muninn

At Muninn (aka Wehowsky), we specialize in mitigating potential risks within your network, providing one of the leading network detection and response (NDR) solutions on the market.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

BitSight Technologies

BitSight Technologies

BitSight transforms how companies manage information security risk with objective, verifiable and actionable Security Ratings.

National Cyber Security Centre (NCSC) - Switzerland

National Cyber Security Centre (NCSC) - Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Vector Informatik

Vector Informatik

Vector Informatik is a specialist in automotove electronics and provides services, embedded software and tools for securing embedded systems against cyber-attacks.

Alcon Maddox

Alcon Maddox

Alcon Maddox is a niche recruitment and executive search firm specialised in sourcing exceptional Cyber Security sales and commercial leadership talent. Serving clients across the Middle East & Europe

Path Forward IT

Path Forward IT

Path Forward IT has been troubleshooting, architecting, migrating, protecting, and securing IT environments for businesses across the USA since 2002.

Laminar

Laminar

Laminar provides the only Public Cloud Data Protection solution that provides full visibility and enforcement capabilities across your entire public cloud infrastructure.

North West Cyber Resilience Centre (NWCRC)

North West Cyber Resilience Centre (NWCRC)

The North West Cyber Resilience Centre is a trusted, not-for-profit venture between Greater Manchester Police and Manchester Digital.

Oxeye

Oxeye

Oxeye fills the gap between cloud and code to show exploitable vulnerabilities, and their path from API to code. More visibility. Less noise. More time to build.

Bulletproof Solutions

Bulletproof Solutions

Bulletproof provides IT expert support, services, and guidance to businesses small and large as they grow and adapt to today’s complex IT, cybersecurity, and compliance needs.

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre is the jurisdiction's Cyber Emergency Response Team (CERT) and national technical authority for cyber security.

Ncontracts

Ncontracts

Our mission at Ncontracts is to continually improve our clients’ ability to manage risk and compliance.