Thought Experiment: Predicting Cyber War

The concept of using attacks via networked computers is several decades old. Naturally this led to discussions of what full scale Cyber War would be like and how to deal with it.

There has not been one of those yet and there is much anxiety over how one would proceed. The useful tool for predicting future-events is the simulation or, in this case, a war-game. But these simulations only work if you have data from similar events in the past. You are confident this data is useful because you can build simulation that accurately recreate past events. As the saying goes, “if you can predict the past you can predict the future.” That doesn’t work so well with Cyber War, at least not the first one.

In short, it is difficult to predict the past if you have no good historical models for Cyber War. While there have not been any past Cyber Wars to provide data, there have been similar “tech wars” that are almost as good. There were several of these tech wars (or “competitions”) during World War II (1939-45) that are appropriate for developing a better idea of what a real Cyber War would be like. Take, for example, the electronic warfare that took place over Europe from 1940-45 in support of aerial bombing campaigns or to defend against them. The electronic warfare was most intense in the air over Britain and Western Europe (particularly Germany). Starting in 1943 that electronic warfare proceed with unprecedented intensity. In doing so nearly all the current electronic devices, weapons and countermeasures were invented and first used in combat.

Going into World War II, aircraft had little electronic equipment on board except a radio, and many nations didn't even equip all their warplanes with radios. But there was a lot of new electronic gadgetry being developed in the laboratories and universities during the 1930s. The needs of wartime quickly brought a lot of that speculative and experimental gear into use.

It did not take long and one of the first of the modern electronic devices to be introduced over Europe was the German Knickebein in February of 1940. This was an airborne navigation system using signals from ground transmitters. This allowed bombers flying a night to find targets, and accurately bomb them. This was a classic, and oft repeated, case of an unexpected military situation (bombing at night) bringing forth a technical solution to a seemingly intractable problem (finding targets at night.)

While the Germans pioneered the bombing of cities in the 1930s, particularly in Spain during the Civil War (1936-39), they always assumed that they would first clear the air of enemy fighters and then bomb accurately by day. When the Luftwaffe (German Air Force) ran into the RAF (British Royal Air Force) in 1940, it was quickly obvious that British fighters could make bombing in daylight an excessively expensive proposition. Bombing at night avoided the fighters, but created seemingly insurmountable navigation problems. Flying above the clouds, one could navigate well enough by the stars to find and bomb cities, but not smaller, and more critical targets like aircraft factories and airbases.

But the Germans (and other nations) had already been working on the use of radio beacons to guide aircraft. These were actually quite simple in theory, and practice. Radio beams was pointed in a certain direction, and the navigators on aircraft listened to the radio signals, giving the pilot instructions when to make a slight turn this way or that to stay on course. The beam was about 400 meters wide. The navigator noted distance traveled, and listened for the second beam that crossed the first beam at the target, so that he could alert the bombardier when the aircraft were near the target. If there was nothing but clouds or fog below, when the aircraft hit the point where they heard both radio signals, it was time to drop the bombs.

It took a while for the British to figure out how the Germans were doing it, for the Knickebein device was hidden on the bombers and the crew members who knew about it were instructed to keep quiet on the subject if captured. But eventually the British did find out about Knickebein and, in September 1940, introduced their countermeasure; Asperin. This was nothing more than an electronic jammers that sent out a lot of noise on the same frequencies as, Knickebein, rendering it useless.

During the Battle of Britain (Summer of 1940), the outnumbered British came up with a number of innovative, and not always high tech, ways to better deal with the German bombers. Although the principal German bombing attacks during 1940 were in daylight, there were also night attacks against cities. The British were the first to develop airborne radar for their night fighters.

The first system, the AI (Airborne Interception radar), had a minimum range of 240 meters and a maximum one of 3,200 meters. Given the crude tracking ability of the ground radars, this was often not enough to get the night fighter close enough to the German bombers to get a contact. So the British came up with another simple device, a transponder (radio transmitter) called Pip Squeak that gave out a signal periodically that was picked up by ground stations and, using triangulation, gave a precise position of the British aircraft.

There was also a series of radar beacons that allowed the night fighters to quickly find out what their own current position was. This was the forerunner of transponders and Blue Force Tracker. In 1940 this led to another innovation, centralized control of air defense. This was nothing more than reporting all sightings of enemy aircraft (from radar, human spotters or pilots) to one location. This control center would then allocate interceptors and alert anti-aircraft units. While seemingly obvious, this technique was not immediately adopted by every nation. The British were the first and it was a key element in their winning the Battle of Britain against the German Luftwaffe.

In September, 1940, the British introduced a better night fighter (the 11 ton Beaufighter, with four 20mm cannon), equipped with an improved airborne radar (AI Mk IV) that had a minimum range of 120 meters and a max range of 4,800 meters. The Beaufighters began shooting down German night bombers in late November, 1940 and the night skies became increasingly unfriendly for German bombers. By March, 1941, for the first time, British night fighters shot down more German bombers (22) than did anti-aircraft guns (21). In April the score went up to 48 bombers for the night fighters, versus 39 for the guns.

The Germans kept using the older technology until they discovered the microwave angle in 1943, via a shot down Allied aircraft carrying radar. The Germans didn't get their own microwave radars into use until late 1944, too late to have any major effect on the outcome of the war. Oddly enough, the Japanese had also discovered how to use microwave radar in 1941 but had not shared this with their German allies. This shows how valuable military secrets can be. Had the Germans gotten the secret of microwave radar in 1941 or 1942, their anti-aircraft defenses would have been more formidable when the Allied bombing campaign went into high gear during 1944. There would have been a lot more Allied losses. It wouldn't have changed the outcome of the war, but would have killed a lot more British and American airmen.

What the British learned in World War II about collecting information on enemy electronic equipment is still valid today. Such information is not cheap to get, and is even more expensive if you don't get it. Today, ships, submarines, aircraft and satellites are used to get this information on other nations radars and electronic gadgets. Even during peacetime there are losses, for often the gathering involves getting close to foreign territory and sometimes get violent about such actions. Hundreds of Americans died during the Cold War while collecting these electronic signatures in peacetime. In wartime it is an even more costly process. But without this information, wars begin with enemy electronics operating at peak capacity, rather than crippled by jamming and other countermeasures. The need for this electronic information was appreciated early in World War II, thus beginning a process that will continue as long as weapons use electronic transmitters.

At the very end of 1942, the Allies introduced Oboe. This was a 430 km range ground radar device that calculated a friendly bombers precise location and sent signal to the bomber about when bombs should be dropped. This was used during the day as well, when overcast prevented bombers from seeing their targets. This was limited by the range of the Oboe radar, and was of no use for the many targets deep inside Germany. It was also, for all practical purposes, impossible to jam.

The year 1943 saw the introduction of many new devices that, by the end of the century would still be considered high technology. The first of these "modern" electronic device was introduced by the Allies, H2S. This was a ground mapping airborne radar, which could distinguish between water, cities and rural areas. For 1943, this was really high tech and all the bugs were not worked out until the end of 1943. The advantages of ground mapping radars were enormous. Since Europe was crowded with rivers and urban areas, navigators with the proper maps could always figure out where they were, day or night, no matter how much overcast there was. For large targets, like cities, ports or large industrial complexes, "bombing by radar" became a possibility, and an accurate one at that (at least by World War II standards.)

Perhaps the major flaw of electronic devices was that, if they sent out a signal, that signal could be traced. Thus by the end of 1943 the German night fighters were using Flensburg, an airborne receiver that could detect the allied Monica tail radar for up to 100 kilometers. This enabled the night fighter pilot to carefully stalk the bomber and get in his attack without as much danger from the bombers tail guns. But Flensburg, and the Naxburg device for detecting the H2S ground mapping radar, also made an earlier (Summer of 1943) innovation even more useful. This little item was not a piece of high tech gear, but a simple modification of a German night fighter and was called Schrage Musik ("Jazz".)

From the end of 1943 through the Spring of 1944 it appeared that the Germans were winning the battle for the night skies. Despite all the Allied efforts at jamming German radios and radars, the Germans were more successful at using radar and jammer detectors. And the use of Schrage Musik greatly reduced their night fighter losses. Between November, 1943 and March, 1944, the British sent out thirty-five major attacks against German cities. The night fighters destroyed 1,047 bombers and damaged 1,682 others. In one major raid, the British sent out 999 bombers, of which 97 were shot down. Night fighters launched 247 sorties and accounted for 79 of the British bombers lost. The difference in men lost was even more striking; 11 Germans versus 545 British.

The German success was misleading, however, in that most of the British bombers were still getting through. Moreover, the British night bombing was a stopgap until such time as daylight bombing could be done. This was what the American bombers began doing in late 1942. By late 1943, escorted by long range fighters, the American B-17s and B-24s were ranging all over Germany making accurate raids on German industrial targets. The British bombers were still dropping more bombs. Even in 1944, at the peak of the American effort, the British night bombers dropped 525 thousand tons of bombs versus 389 thousand tons for the American daylight bombers. The British bombing, although now considered "terror" raids against cities and their civilian populations, did have a serious impact on the German war effort. Millions of workers were diverted to dealing with the damage and the refugees.

Over half a million German troops were assigned to anti-aircraft defenses around the cities. And the night fighter force kept increasing, from 611 fighters at the end of 1943 to 1256 in January, 1945. The night raids made the cities unlivable and helped cripple the German transportation network.

The Germans did make their point, in early 1944 and throughout the war, that night fighters were a formidable weapon. Of the 11,965 British night bombers lost during the war, night fighters accounted for half (5,730) of them. But the Allies did not give up because of the night fighters ascendancy in early 1944. June of 1944 brought the Allied invasion of France and many of the night bombers were diverted to bombing missions in France, and adjacent areas, to support the invasion.

One thing that has obviously changed since World War II is the speed of innovation. Cyber War is more about software than hardware and that means new Cyber War weapons, or defenses, can be created in hours, or less. The side that has a demonstrated ability to innovate effectively and do it faster will have an edge. So with the above examples Cyber War suddenly has a past that can be simulated and provide a model for predicting the future of Cyber War or, rather, the first one.

Ein News: http://bit.ly/1qjrWAL

« Anonymous To Launch Cyberattacks Against Trump
CEOs Seek Out CIOs With A 'Bias For Action' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Caliber Security Partners

Caliber Security Partners

Caliber Security Partners is a full-service information security company, with a wide range of security services for clients with varying levels of security maturity.

Verisec International

Verisec International

Verisec International AB is a Swedish Tech company focused since inception in enabling Trust in Digital Transactions, through the development of proprietary cutting-edge technologies and services.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

Pole SCS (Secure Communicating Solutions)

Pole SCS (Secure Communicating Solutions)

SCS is a world-class competitiveness cluster dedicated to digital technologies in the fields of Microelectronics, Internet Of Things, Digital Security, Artificial Intelligence And Big Data.

Waratek

Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.

CyRise

CyRise

CyRise is a venture accelerator focused squarely on early stage cyber security startups.

Digital Arts

Digital Arts

Digital Arts provides internet security software and appliance products for companies and individuals.

TechCERT

TechCERT

TechCERT is Sri Lanka’s first and largest Computer Emergency Readiness Team (CERT).

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

ioXt Alliance

ioXt Alliance

The ioXt Alliance is a group of manufacturers, industry alliances and government organizations dedicated to harmonizing best security practices in a highly connected world.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

Nexor

Nexor

Nexor are a UK-based cyber security company with 30 years' experience in secure information exchange.

Chainlink

Chainlink

Chainlink expands the capability of smart contracts by enabling access to real-world data and systems without sacrificing the security and reliability guarantees inherent to blockchain technology.

Strata Identity

Strata Identity

Strata is pioneering identity orchestration to unify on-premises and cloud-based authentication and access systems for consistent identity management in multi-cloud environments.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.