There Are No Civilians In Cyber Warfare

At the conclusion of his authoritataive 2016 book Cyberspace in Peace and War, US Naval Academy cyber-security expert Martin Libicki takes a scolding tone toward rag-tag hackers who liked to demonstrate “their intelligence if not their maturity”.

He told his readers that cybersecurity was a three-star problem that was “hyped into a four-star problem, a standing that it never deserved.”

It was an odd conclusion even in 2016, after all, in 2015 there'd been an enormous coordinated cyber-attack on Ukraine's power system, in which a quarter of a million Ukrainians were deprived of power in the middle of winter.

And from the vantage point of 2017, after the world watched in appalled horror at the 2016 US presidential election and its aftermath, in which Russian state agencies hacked US election rolls and perhaps did much more, Libicki's complacent conclusion seems downright naïve.

New Read

Updating the picture is Alexander Klimburg's quietly horrifying new book The Darkening Web: The War for Cyberspace, which opens with a brutally sobering declaration about the kind and extent of damage that cyber warfare could inflict.

“In reality,” Klimburg writes, “pretty much any form of destruction is achievable through cyber means; for those with the resources, the only limitation is their own creativity.”

With gut-clenching efficiency, Klimburg imagines plenty: power grids not only shut down but physically damaged, transportation networks disrupted or closed (80 percent of Americans live in cities, dependent on food supplies that would only last a day if stopped), telecommunications warped or terminated, financial information deleted.

And of course he discusses the stereotypical nightmare scenario, which involves nuclear weapons, tens of thousands of which have command-and-control sequences that are now “cyber-enabled”, and therefore hackable.

Planes fly, and land safely, guided not by human hands but entirely by software. Thousands of pieces of everyday technology are now interconnected in an elaborate ongoing electronic conversation with each other, the much-touted “Internet of things”, and all of those conversations can be not only interrupted but co-opted.

The implication throughout the book couldn't be clearer: logging off Facebook or keeping a backyard garden is a fool's consolation. In cyber warfare, there are no civilians.

Naturally enough, the Russians figure prominently throughout "The Darkening Web."

“The extreme level of Russian involvement in the 2016 US presidential election is, at the time of finishing this book, just reaching fever pitch,” Klimburg writes. “One June 2016 article clearly outlines how the Kremlin's troll army was being used to support the candidacy of Donald Trump, with a number of known trolls migrating their accounts to fake conservative personas.”

Klimburg traces the long history of Russia's electronic espionage, including the entire generation of siloviki, former members of the Soviet security services, who've been put to new and nefarious uses in Putin's Russia.

But the story also extends to the rise of state-sponsored hacking campaigns all around the world, from major actors like China and North Korea to tiny four-person cabals in Eastern Europe unleashing vast clouds of malicious bots for reasons of their own.

All these actors combine to form a vast crowd of opportunists creating millions of strains of malware, splicing and re-combining into “zombie armies” called botnets, which can form cybernetic terrains all their own.
 
“Botnets are highly useful for those seeking to perpetrate cyber-crime or even engage in state-affiliated cyber espionage,” Klimburg writes. “Botnets can be used by hackers for a variety of tasks: they are truly the Swiss army knives of cyber-attacks.”

And alongside malicious human actors there's also the added danger of inhuman actors: malware communicating with malware, bots adapting themselves to other bots, often simulating the kind of artificial intelligence (AI) that no less an authority than Stephen Hawking warned might spell the end of humankind.

Whether its author intends it or not, "The Darkening Web" eventually accumulates the picture of an impending apocalypse, an utterly unwinnable war in which the world's few good guys, in this account, the liberal democracies that are interested in social freedom and the uncensored flow of information, are outgunned, outspent, and outmaneuvered at every stage of what Klimburg refers to as the great cyber game.

The vending machine in your office's cafeteria communicates electronically, automatically and without supervision, with its stocking company when it's running low on snacks; the company's stocking software communicates, again, unsupervised, with the software of its distant suppliers.

Those suppliers have software that communicates with various government regulatory agencies. All of it happens every day, and all of it is hackable. Multiply that a million fold and you have the world of the darkening web.

“This is an Armageddon that all of us in liberal democracies have the power to avert,” Klimburg writes, reminding his readers that “humanity has come together to deal with existential challenges before.”

In the wake of a presidential election hacked by an enemy power, with massive random ware viruses making the news by attacking dozens of countries simultaneously, the note of defiant optimism, however unrealistic, is desperately appreciated.

CS Monitor

You Might Also Read:

Modern Fiction: A Novel  Is Required Reading At The Pentagon:

Dark Territory: The Secret History of Cyber War:

 

« US Police Make Widespread Use Of Facial Recognition Software
Cyber Warfare Opens A New Front Against Civilians »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Open Networking Foundation (ONF)

Open Networking Foundation (ONF)

The Open Networking Foundation (ONF) is a non-profit operator led consortium driving transformation of network infrastructure and carrier business models.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

Core Security

Core Security

Core Security provides threat-aware identity, access, authentication and vulnerability management solutions.

Netrix

Netrix

Netrix is a Mexican company specialized in IT Security, with more than 18 years of experience in Managed Services, Professional Services and Turnkey Solutions related to Security.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

Microchip Technology

Microchip Technology

Microchip Technology Inc. is a leading provider of smart, connected and secure embedded control solutions.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

Cyber Management Alliance

Cyber Management Alliance

Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership and operational mastery of cyber security management.

CornerStone

CornerStone

CornerStone is an award winning, independent risk, cyber and security consulting firm providing a range of Risk Management, Security Design and Implementation Management Services.

Adversa AI

Adversa AI

Adversa's mission is to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents.

Phriendly Phishing

Phriendly Phishing

Phriendly Phishing offers phishing awareness training programs designed to ward off potential security threats and minimise the impact of cyber attacks.

Moonsense

Moonsense

Moonsense is on a mission to level the playing field in the fight against online fraud.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.

RunReveal

RunReveal

RunReveal's mission is to make sure no breach goes undetected. That means having a product that is accessible and effective for companies of all sizes.

PowerDMARC

PowerDMARC

PowerDMARC is a domain security and email authentication SaaS platform that helps organizations protect their domain name, brand, and emails against unauthorized use.