Thought Experiment: Predicting Cyber War

The concept of using attacks via networked computers is several decades old. Naturally this led to discussions of what full scale Cyber War would be like and how to deal with it.

There has not been one of those yet and there is much anxiety over how one would proceed. The useful tool for predicting future-events is the simulation or, in this case, a war-game. But these simulations only work if you have data from similar events in the past. You are confident this data is useful because you can build simulation that accurately recreate past events. As the saying goes, “if you can predict the past you can predict the future.” That doesn’t work so well with Cyber War, at least not the first one.

In short, it is difficult to predict the past if you have no good historical models for Cyber War. While there have not been any past Cyber Wars to provide data, there have been similar “tech wars” that are almost as good. There were several of these tech wars (or “competitions”) during World War II (1939-45) that are appropriate for developing a better idea of what a real Cyber War would be like. Take, for example, the electronic warfare that took place over Europe from 1940-45 in support of aerial bombing campaigns or to defend against them. The electronic warfare was most intense in the air over Britain and Western Europe (particularly Germany). Starting in 1943 that electronic warfare proceed with unprecedented intensity. In doing so nearly all the current electronic devices, weapons and countermeasures were invented and first used in combat.

Going into World War II, aircraft had little electronic equipment on board except a radio, and many nations didn't even equip all their warplanes with radios. But there was a lot of new electronic gadgetry being developed in the laboratories and universities during the 1930s. The needs of wartime quickly brought a lot of that speculative and experimental gear into use.

It did not take long and one of the first of the modern electronic devices to be introduced over Europe was the German Knickebein in February of 1940. This was an airborne navigation system using signals from ground transmitters. This allowed bombers flying a night to find targets, and accurately bomb them. This was a classic, and oft repeated, case of an unexpected military situation (bombing at night) bringing forth a technical solution to a seemingly intractable problem (finding targets at night.)

While the Germans pioneered the bombing of cities in the 1930s, particularly in Spain during the Civil War (1936-39), they always assumed that they would first clear the air of enemy fighters and then bomb accurately by day. When the Luftwaffe (German Air Force) ran into the RAF (British Royal Air Force) in 1940, it was quickly obvious that British fighters could make bombing in daylight an excessively expensive proposition. Bombing at night avoided the fighters, but created seemingly insurmountable navigation problems. Flying above the clouds, one could navigate well enough by the stars to find and bomb cities, but not smaller, and more critical targets like aircraft factories and airbases.

But the Germans (and other nations) had already been working on the use of radio beacons to guide aircraft. These were actually quite simple in theory, and practice. Radio beams was pointed in a certain direction, and the navigators on aircraft listened to the radio signals, giving the pilot instructions when to make a slight turn this way or that to stay on course. The beam was about 400 meters wide. The navigator noted distance traveled, and listened for the second beam that crossed the first beam at the target, so that he could alert the bombardier when the aircraft were near the target. If there was nothing but clouds or fog below, when the aircraft hit the point where they heard both radio signals, it was time to drop the bombs.

It took a while for the British to figure out how the Germans were doing it, for the Knickebein device was hidden on the bombers and the crew members who knew about it were instructed to keep quiet on the subject if captured. But eventually the British did find out about Knickebein and, in September 1940, introduced their countermeasure; Asperin. This was nothing more than an electronic jammers that sent out a lot of noise on the same frequencies as, Knickebein, rendering it useless.

During the Battle of Britain (Summer of 1940), the outnumbered British came up with a number of innovative, and not always high tech, ways to better deal with the German bombers. Although the principal German bombing attacks during 1940 were in daylight, there were also night attacks against cities. The British were the first to develop airborne radar for their night fighters.

The first system, the AI (Airborne Interception radar), had a minimum range of 240 meters and a maximum one of 3,200 meters. Given the crude tracking ability of the ground radars, this was often not enough to get the night fighter close enough to the German bombers to get a contact. So the British came up with another simple device, a transponder (radio transmitter) called Pip Squeak that gave out a signal periodically that was picked up by ground stations and, using triangulation, gave a precise position of the British aircraft.

There was also a series of radar beacons that allowed the night fighters to quickly find out what their own current position was. This was the forerunner of transponders and Blue Force Tracker. In 1940 this led to another innovation, centralized control of air defense. This was nothing more than reporting all sightings of enemy aircraft (from radar, human spotters or pilots) to one location. This control center would then allocate interceptors and alert anti-aircraft units. While seemingly obvious, this technique was not immediately adopted by every nation. The British were the first and it was a key element in their winning the Battle of Britain against the German Luftwaffe.

In September, 1940, the British introduced a better night fighter (the 11 ton Beaufighter, with four 20mm cannon), equipped with an improved airborne radar (AI Mk IV) that had a minimum range of 120 meters and a max range of 4,800 meters. The Beaufighters began shooting down German night bombers in late November, 1940 and the night skies became increasingly unfriendly for German bombers. By March, 1941, for the first time, British night fighters shot down more German bombers (22) than did anti-aircraft guns (21). In April the score went up to 48 bombers for the night fighters, versus 39 for the guns.

The Germans kept using the older technology until they discovered the microwave angle in 1943, via a shot down Allied aircraft carrying radar. The Germans didn't get their own microwave radars into use until late 1944, too late to have any major effect on the outcome of the war. Oddly enough, the Japanese had also discovered how to use microwave radar in 1941 but had not shared this with their German allies. This shows how valuable military secrets can be. Had the Germans gotten the secret of microwave radar in 1941 or 1942, their anti-aircraft defenses would have been more formidable when the Allied bombing campaign went into high gear during 1944. There would have been a lot more Allied losses. It wouldn't have changed the outcome of the war, but would have killed a lot more British and American airmen.

What the British learned in World War II about collecting information on enemy electronic equipment is still valid today. Such information is not cheap to get, and is even more expensive if you don't get it. Today, ships, submarines, aircraft and satellites are used to get this information on other nations radars and electronic gadgets. Even during peacetime there are losses, for often the gathering involves getting close to foreign territory and sometimes get violent about such actions. Hundreds of Americans died during the Cold War while collecting these electronic signatures in peacetime. In wartime it is an even more costly process. But without this information, wars begin with enemy electronics operating at peak capacity, rather than crippled by jamming and other countermeasures. The need for this electronic information was appreciated early in World War II, thus beginning a process that will continue as long as weapons use electronic transmitters.

At the very end of 1942, the Allies introduced Oboe. This was a 430 km range ground radar device that calculated a friendly bombers precise location and sent signal to the bomber about when bombs should be dropped. This was used during the day as well, when overcast prevented bombers from seeing their targets. This was limited by the range of the Oboe radar, and was of no use for the many targets deep inside Germany. It was also, for all practical purposes, impossible to jam.

The year 1943 saw the introduction of many new devices that, by the end of the century would still be considered high technology. The first of these "modern" electronic device was introduced by the Allies, H2S. This was a ground mapping airborne radar, which could distinguish between water, cities and rural areas. For 1943, this was really high tech and all the bugs were not worked out until the end of 1943. The advantages of ground mapping radars were enormous. Since Europe was crowded with rivers and urban areas, navigators with the proper maps could always figure out where they were, day or night, no matter how much overcast there was. For large targets, like cities, ports or large industrial complexes, "bombing by radar" became a possibility, and an accurate one at that (at least by World War II standards.)

Perhaps the major flaw of electronic devices was that, if they sent out a signal, that signal could be traced. Thus by the end of 1943 the German night fighters were using Flensburg, an airborne receiver that could detect the allied Monica tail radar for up to 100 kilometers. This enabled the night fighter pilot to carefully stalk the bomber and get in his attack without as much danger from the bombers tail guns. But Flensburg, and the Naxburg device for detecting the H2S ground mapping radar, also made an earlier (Summer of 1943) innovation even more useful. This little item was not a piece of high tech gear, but a simple modification of a German night fighter and was called Schrage Musik ("Jazz".)

From the end of 1943 through the Spring of 1944 it appeared that the Germans were winning the battle for the night skies. Despite all the Allied efforts at jamming German radios and radars, the Germans were more successful at using radar and jammer detectors. And the use of Schrage Musik greatly reduced their night fighter losses. Between November, 1943 and March, 1944, the British sent out thirty-five major attacks against German cities. The night fighters destroyed 1,047 bombers and damaged 1,682 others. In one major raid, the British sent out 999 bombers, of which 97 were shot down. Night fighters launched 247 sorties and accounted for 79 of the British bombers lost. The difference in men lost was even more striking; 11 Germans versus 545 British.

The German success was misleading, however, in that most of the British bombers were still getting through. Moreover, the British night bombing was a stopgap until such time as daylight bombing could be done. This was what the American bombers began doing in late 1942. By late 1943, escorted by long range fighters, the American B-17s and B-24s were ranging all over Germany making accurate raids on German industrial targets. The British bombers were still dropping more bombs. Even in 1944, at the peak of the American effort, the British night bombers dropped 525 thousand tons of bombs versus 389 thousand tons for the American daylight bombers. The British bombing, although now considered "terror" raids against cities and their civilian populations, did have a serious impact on the German war effort. Millions of workers were diverted to dealing with the damage and the refugees.

Over half a million German troops were assigned to anti-aircraft defenses around the cities. And the night fighter force kept increasing, from 611 fighters at the end of 1943 to 1256 in January, 1945. The night raids made the cities unlivable and helped cripple the German transportation network.

The Germans did make their point, in early 1944 and throughout the war, that night fighters were a formidable weapon. Of the 11,965 British night bombers lost during the war, night fighters accounted for half (5,730) of them. But the Allies did not give up because of the night fighters ascendancy in early 1944. June of 1944 brought the Allied invasion of France and many of the night bombers were diverted to bombing missions in France, and adjacent areas, to support the invasion.

One thing that has obviously changed since World War II is the speed of innovation. Cyber War is more about software than hardware and that means new Cyber War weapons, or defenses, can be created in hours, or less. The side that has a demonstrated ability to innovate effectively and do it faster will have an edge. So with the above examples Cyber War suddenly has a past that can be simulated and provide a model for predicting the future of Cyber War or, rather, the first one.

Ein News: http://bit.ly/1qjrWAL

« Anonymous To Launch Cyberattacks Against Trump
CEOs Seek Out CIOs With A 'Bias For Action' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

RedShield Security

RedShield Security

RedShield is the world's first web application shielding-with-a-service company.

CloudAlly

CloudAlly

CloudAlly provides online cloud to cloud backup and recovery solutions, which backs up daily changes in your SaaS to unlimited Amazon S3 storage and makes it available for restore or export.

Risk Ident

Risk Ident

RISK IDENT specializes in supporting enterprises in identifying and preventing criminal activity like payment fraud, account takeovers and identity theft.

Assure IT

Assure IT

Assure IT is a Singapore company specialising in technology governance, risk and compliance.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Yarix

Yarix

Yarix is the leading company in Var Group’s Digital Security division and one of the most recognised, innovative and authoritative Italian companies in the IT security sector.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

ThreatCaptain

ThreatCaptain

ThreatCaptain is a Cybersecurity Leadership Development Company driven to enhance and illuminate cybersecurity risk through strategic alignment and informed business decision-making.

Enterprise Strategy Group

Enterprise Strategy Group

Enterprise Strategy Group, a division of TechTarget, is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.

Hubble

Hubble

Hubble grew from the idea that legacy solutions were failing to provide organizations with the asset visibility they needed to effectively secure and operate their businesses.

ViroSafe

ViroSafe

ViroSafe is a leading value-added distributor of IT security solutions in Norway.

Bastion Security Group

Bastion Security Group

Bastion Security combines the skills, expertise and leadership from Quantum Security, ZX Security, Helix Security and Cassini.