Cyber War Pre-emption Is The Key to Defense

The United States' best defense against a crippling cyber attack could be a more visible offense, military leaders and other experts recently suggested at the Army War College in Carlisle. Then they stopped talking.
The nation's cyber attack capabilities are so cloaked in secrecy that they could not say anything specific in an unclassified forum — even an invitation-only, closed-door strategy session.

That mystery could be a problem for deterring adversaries, says Mark Troutman, a participant in the forum and director of the Center for Infrastructure Protection and Homeland Security at George Mason University in Fairfax, Va.
“If you want a deterrent effect, the capability has to be known,” Troutman said, “and there has to be the perception that the resolve is there to use it.”

Or as Dr. Strangelove put it in Stanley Kubrick's Cold War thriller: “The whole point of the doomsday machine is lost if you keep it a secret. Why didn't you tell the world, eh?”
Increasingly, top security officials worry about computer attacks that could shut down the nation's systems for energy, banking, communications and more. A computer problem last month — which might or might not have been triggered by Anonymous hackers — closed the New York Stock Exchange for more than three hours.
Many former Cold War warriors believe prevention should start with the computer-age equivalent of nuclear deterrence and a promise of mutually assured destruction.
“The deterrence issue here is harder,” said Paul Kaminski, chairman of the Defense Science Board. “We have to give this more thought. As complicated as nuclear deterrent was, this is more complicated because there's less clarity in the actions.”
He and some others interviewed for this story were not at the war college talks.
After World War II, no one doubted that the United States possessed atomic power and would use it with devastating effect, experts said.
“Remember, the nuclear deterrent involved catastrophic weapons, and so nobody was fooling around with nuclear weapons, not even in tiny wars,” said Patrick Morgan, former Tierney Chair for Peace & Conflict at the University of California, Irvine. “But in cyber, we get attacks all the time. ... The rate at which cyber attacks go on is just astronomical.”
No rules is the rule

Cyber attacks often are more similar to intelligence operations or crimes than acts of war by the military, said Will Goodman, vice president for policy at the National Defense Industrial Association, an Arlington, Va., trade group.
“What the cyber domain needs most is a clear set of normative behaviors ... that, by custom or agreement, are allowed and not allowed,” Goodman said.

It's not clear what the United States can do online or how it will respond to specific attacks. Last month, National Intelligence Director James Clapper said the country lacks the substance and the psychology of deterring cyber incidents.
“Until such time as we come up with a form of deterrence that works, we're going to have more and more (computer attacks),” he said at The Aspen Institute's annual security forum in Colorado.
When word of possible exploits leaks out — such as the Stuxnet attack on Iran's uranium enrichment program — the nation's leaders avoid taking credit.

Even after President Obama blamed North Korea for hacking into computers at Sony Entertainment last year, the nation's response remained unclear. Some speculated the United States shut down North Korea's Internet, but Clapper said the only action was to sanction individual North Koreans.
“It was a conscious decision not to reciprocate in-kind,” he said.
Cyber deterrence can be harder to accomplish because of the nature of the attacks, Kaminski said. For nuclear detonations, it's typically clear who set off the bomb and what impact it had. Computer attacks can take place quietly with little evidence of where they started, although experts say attribution is getting easier.

While the United States might be able to deter foreign countries from carrying out computer attacks, others — terrorists, activists and individual computer experts — are gaining expertise that rivals small nations, experts said.
Secrecy can be important to the nation's cyber military programs, Kaminski said. The United States often wants to be stealthy about its sources and methods for online activity.
“Talking more about our cyber capabilities could cause our adversaries to fear our retaliatory capabilities,” Goodman said. “But it could also inform our adversaries about where they are vulnerable and help them improve their defenses.”
Some secrecy can be good as long as other countries over-estimate the United States' cyber capabilities, said Jim Lewis, a security expert at the Center for Strategic & International Studies, a Washington think tank.
But deterrence will not work if adversaries believe the United States will not retaliate, he added.

The Office of Personnel Management has said its systems were hacked and that the records of 22 million federal employees, contractors and people who applied to work for the government were stolen. The Obama administration has been largely silent on the source of the attacks except for Clapper, who said: “You have to kind of salute the Chinese for what they did.”
For a while after the intrusion became public, Chinese leaders were worried about what would happen, Lewis said.
Then nothing did.
“There's a whole range of things you could do,” Lewis told the Trib. “What we tend to be good at is generating excuses not to use them. ... The Chinese know that we know it's them, and we haven't done anything. So that's the message we're sending.”
For deterrence to be effective online, the United States will have to be more assertive about the consequences for intrusions, he said.
“We know that what we're doing now doesn't work,” Lewis said. “... I can see being cautious, but coming up with excuses about why we can't do anything mean to the Chinese only emboldens them.”

TribLive: http://bit.ly/1IEo058

 

« Gateway For Hackers
Australian Degree Course on Cyber War and Peace »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Opengear

Opengear

Opengear designs, manufactures and delivers the most feature-rich, cost-effective, flexible solutions for secure remote infrastructure management. Wit

Anomali

Anomali

Anomali delivers intelligence-driven cybersecurity solutions to enhance threat visibility, automate threat processing and detection, and accelerate threat investigation, response, and remediation.

TI Safe

TI Safe

TI Safe provide cybersecurity solutions for industrial networks of main critical infrastructures in Latin America.

CodeSealer

CodeSealer

CodeSealer provide invisible end-to-end user interface protection with a unique web security solution to eliminate Man-in-the-Middle and Man-in-the-Browser vulnerabilties.

Bangladesh Association of Software & Information Services (BASIS)

Bangladesh Association of Software & Information Services (BASIS)

BASIS is the national trade body for Software & IT Enabled Service industry of Bangladesh.

Cohesity

Cohesity

Cohesity radically simplifies the way businesses back up, manage, protect, and extract value from their data—in the data center, at the edge, and in the cloud.

NWN Corp

NWN Corp

NWN Corporation is a leading Cloud Communications Service Provider (CCSP) focused on transforming the customer and workspace experience for commercial, enterprise and public sector organizations.

ZARIOT

ZARIOT

ZARIOT's mission is to restore order to what is becoming connected chaos in IoT by bringing unrivalled security, control and quality of service.

Rayzone Group

Rayzone Group

Rayzone Group offers a wide range of Cyber Security solutions and services, providing hollistic protection suitable for both enterprises and National cyber security centers.

KirkpatrickPrice

KirkpatrickPrice

KirkpatrickPrice is dedicated to providing you with innovative security guidance and efficient audit services.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce has partnered with Purdue University and Carnegie Mellon University to create the Rolls-Royce Cybersecurity Technology Research Network.

Hackuity

Hackuity

Hackuity is a breakthrough technology solution that rethinks the way of managing IT vulnerabilities in enterprises.

NORMA Cyber

NORMA Cyber

NORMA Cyber delivers centralised cyber security services to Norwegian shipowners and other entities within the Norwegian maritime sector.

Fescaro

Fescaro

FESCARO is a trusted cybersecurity partner for global automakers and their partners, helping them transition to software-defined vehicles (SDVs) with tailored automotive software solutions.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.