Cyber War Pre-emption Is The Key to Defense

The United States' best defense against a crippling cyber attack could be a more visible offense, military leaders and other experts recently suggested at the Army War College in Carlisle. Then they stopped talking.
The nation's cyber attack capabilities are so cloaked in secrecy that they could not say anything specific in an unclassified forum — even an invitation-only, closed-door strategy session.

That mystery could be a problem for deterring adversaries, says Mark Troutman, a participant in the forum and director of the Center for Infrastructure Protection and Homeland Security at George Mason University in Fairfax, Va.
“If you want a deterrent effect, the capability has to be known,” Troutman said, “and there has to be the perception that the resolve is there to use it.”

Or as Dr. Strangelove put it in Stanley Kubrick's Cold War thriller: “The whole point of the doomsday machine is lost if you keep it a secret. Why didn't you tell the world, eh?”
Increasingly, top security officials worry about computer attacks that could shut down the nation's systems for energy, banking, communications and more. A computer problem last month — which might or might not have been triggered by Anonymous hackers — closed the New York Stock Exchange for more than three hours.
Many former Cold War warriors believe prevention should start with the computer-age equivalent of nuclear deterrence and a promise of mutually assured destruction.
“The deterrence issue here is harder,” said Paul Kaminski, chairman of the Defense Science Board. “We have to give this more thought. As complicated as nuclear deterrent was, this is more complicated because there's less clarity in the actions.”
He and some others interviewed for this story were not at the war college talks.
After World War II, no one doubted that the United States possessed atomic power and would use it with devastating effect, experts said.
“Remember, the nuclear deterrent involved catastrophic weapons, and so nobody was fooling around with nuclear weapons, not even in tiny wars,” said Patrick Morgan, former Tierney Chair for Peace & Conflict at the University of California, Irvine. “But in cyber, we get attacks all the time. ... The rate at which cyber attacks go on is just astronomical.”
No rules is the rule

Cyber attacks often are more similar to intelligence operations or crimes than acts of war by the military, said Will Goodman, vice president for policy at the National Defense Industrial Association, an Arlington, Va., trade group.
“What the cyber domain needs most is a clear set of normative behaviors ... that, by custom or agreement, are allowed and not allowed,” Goodman said.

It's not clear what the United States can do online or how it will respond to specific attacks. Last month, National Intelligence Director James Clapper said the country lacks the substance and the psychology of deterring cyber incidents.
“Until such time as we come up with a form of deterrence that works, we're going to have more and more (computer attacks),” he said at The Aspen Institute's annual security forum in Colorado.
When word of possible exploits leaks out — such as the Stuxnet attack on Iran's uranium enrichment program — the nation's leaders avoid taking credit.

Even after President Obama blamed North Korea for hacking into computers at Sony Entertainment last year, the nation's response remained unclear. Some speculated the United States shut down North Korea's Internet, but Clapper said the only action was to sanction individual North Koreans.
“It was a conscious decision not to reciprocate in-kind,” he said.
Cyber deterrence can be harder to accomplish because of the nature of the attacks, Kaminski said. For nuclear detonations, it's typically clear who set off the bomb and what impact it had. Computer attacks can take place quietly with little evidence of where they started, although experts say attribution is getting easier.

While the United States might be able to deter foreign countries from carrying out computer attacks, others — terrorists, activists and individual computer experts — are gaining expertise that rivals small nations, experts said.
Secrecy can be important to the nation's cyber military programs, Kaminski said. The United States often wants to be stealthy about its sources and methods for online activity.
“Talking more about our cyber capabilities could cause our adversaries to fear our retaliatory capabilities,” Goodman said. “But it could also inform our adversaries about where they are vulnerable and help them improve their defenses.”
Some secrecy can be good as long as other countries over-estimate the United States' cyber capabilities, said Jim Lewis, a security expert at the Center for Strategic & International Studies, a Washington think tank.
But deterrence will not work if adversaries believe the United States will not retaliate, he added.

The Office of Personnel Management has said its systems were hacked and that the records of 22 million federal employees, contractors and people who applied to work for the government were stolen. The Obama administration has been largely silent on the source of the attacks except for Clapper, who said: “You have to kind of salute the Chinese for what they did.”
For a while after the intrusion became public, Chinese leaders were worried about what would happen, Lewis said.
Then nothing did.
“There's a whole range of things you could do,” Lewis told the Trib. “What we tend to be good at is generating excuses not to use them. ... The Chinese know that we know it's them, and we haven't done anything. So that's the message we're sending.”
For deterrence to be effective online, the United States will have to be more assertive about the consequences for intrusions, he said.
“We know that what we're doing now doesn't work,” Lewis said. “... I can see being cautious, but coming up with excuses about why we can't do anything mean to the Chinese only emboldens them.”

TribLive: http://bit.ly/1IEo058

 

« Gateway For Hackers
Australian Degree Course on Cyber War and Peace »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

Altron

Altron

Altron provides locally relevant innovative and integrated ICT solutions to business, government and consumers.

Secberus

Secberus

SECBERUS creates cloud security technology to help organizations stay secure & compliant in the public cloud.

GB Group (GBG)

GB Group (GBG)

GBG is a global technology specialist in fraud, location and identity data intelligence.

ProofID

ProofID

ProofID is a specialist provider of Identity Access Management (IAM) solutions. We focus on the solving the complex needs of the modern enterprise.

IQ4 - Cybersecurity Workforce Alliance (CWA)

IQ4 - Cybersecurity Workforce Alliance (CWA)

Cybersecurity Workforce Alliance, a division of iQ4, is an organization comprised of a diverse range of professionals dedicated to the development of the cybersecurity workforce.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

Advantage

Advantage

Advantage exists to provide peace of mind in an evolving technology reliant world. We were created by visionaries who for nearly 4-decades have been passionate about providing world-class solutions.

Mindsprint

Mindsprint

Mindsprint (formerly Olam Technology and Business Services - OTBS) are a leading edge technology and business services firm.

Modern Networks

Modern Networks

Modern Networks is a leading provider of IT managed services to the UK’s commercial property sector and medium sized enterprises.

Versent

Versent

Versent is an Australian-born technology company, focused on architecting, building & operating cloud native applications, data streams, platforms, and services.

Munio

Munio

Munio is a leading Fortified IT Support and Cyber Security companies in the south east of the UK.

Vernetzen

Vernetzen

Vernetzen is an industrial network and cybersecurity innovator focused on delivering practical solutions to connect and secure industry across the globe.

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.

Hartman Executive Advisors

Hartman Executive Advisors

Hartman Executive Advisors is an unbiased IT and cyber advisory firm uniquely designed to help mid-market executives maximize their IT investments.

SureCloud Cyber Services

SureCloud Cyber Services

Our Cyber Testing capability has been honed since we were founded in 2006 as a disrupter in the penetration testing market.