What a Cyber War Arsenal Looks Like

 

The Pentagon has made clear in recent weeks that cyber warfare is no longer just a futuristic threat it is now a real one.

US government agency and industry computer systems are already embroiled in a number of nasty cyber warfare campaigns against attackers based in China, North Korea, Russia and elsewhere. As a counterpoint, hackers with ties to Russia have been accused of stealing a number of Pres. Barack Obama’s e-mails, although the White House has not formally blamed placed any blame at the Kremlin’s doorstep. The Obama administration did, however, call out North Korea for ordering last year’s cyber attack on Sony Pictures Entertainment.

The battle has begun. “External actors probe and scan US Department of Defense (DoD) networks for vulnerabilities millions of times each day, and over 100 foreign intelligence agencies continually attempt to infiltrate DoD networks,” Eric Rosenbach, assistant secretary for homeland defense and global security, testified in April before the US Senate Committee on Armed Services, Subcommittee on Emerging Threats and Capabilities. “Unfortunately, some incursions, by both state and nonstate entities, have succeeded.”

After years of debate as to how the fog of war will extend to the Internet, Obama last month signed an executive order declaring cyber attacks launched from abroad against US targets a “national emergency” and levying sanctions against those responsible. Penalties include freezing the US assets of cyber attackers and those aiding them as well as preventing US residents from conducting financial transactions with those targeted by the executive order.
Deterrence of this type can only go so far, of course, which is why the DoD last month issued an updated version of its cyber strategy for engaging its adversaries online. The plan outlines Defense’s efforts to shore up government networks, systems and information as well as those run by US companies.

If cyber attacks continue to increase at the current rate, they could destabilize already tense world situations, says O. Sami Saydjari, a former Pentagon cyber expert who now runs a consultancy called the Cyber Defense Agency. “Nations must begin to create real consequences for malicious action in cyberspace because they are leading, in aggregate, to serious damage, and there is potential for much larger damage than we have seen so far,” he adds.

A major part of the DoD’s cyber strategy is to bolster the Pentagon’s “cyber mission force,” which the department began forming in 2013 to carry out its operations in cyberspace. Although the unit will not be fully operational before 2018 the unit is expected to have nearly 6,200 military, civilian and contractors—divided into 13 teams—working across various military departments and defense agencies to “hunt down online intruders,” Defense Secretary Ashton Carter said last month during a lecture delivered at Stanford University.

The strategy does not go into detail about which digital weapons the cyber mission force will deploy to fight its campaigns. That information can instead be gleaned from the malicious software—“malware”—already rampant on the Internet as well as military technologies designed to disrupt digital communications. The Stuxnet worm that sabotaged Iran’s Natanz uranium enrichment plant in November 2007 is an early example of cyber war weaponry. No one has officially claimed ownership of Stuxnet although much speculation points to the US and Israel as its authors. A related piece of strategic malware known as Flame is subtler, stealthily gathering information and transmitting it via Bluetooth while avoiding detection.

The components of cyber warfare are the very same components as warfare using guns and explosives, only much faster, Saydjari says. An attacker would seek to damage a critical infrastructure such as power, telecommunications or banking by damaging the computer systems that control those infrastructures. “The instrument of creating that damage is generally some form of malicious software that is inserted into such systems by a variety of means including hacking into the system by taking advantage of some known but as yet unpatched or as yet undiscovered vulnerability,” he adds.

China recently admitted that it has both military and civilian teams of programmers developing digital weapons, and documents disclosed by National Security Agency whistle-blower Edward Snowden indicate China has developed malware to attack US Defense Department computers and even steal sensitive information about the F-35 Lightning II fighter plane that Lockheed Martin is developing for the US Air Force. “All technically savvy countries are developing both offensive and defensive capabilities to prepare for the potential of cyber conflict both by itself and as one aspect of broader conflicts including kinetic warfare, which involves bombs and bullets,” Saydjari says. “The goal of many such countries is to be able to exercise complete dominance and control over any part of cyberspace, anywhere and anytime it serves their national interests.”

The Air Force Research Laboratory is soliciting projects that could furnish cyber deception capabilities for use by commanders to “provide false information, confuse, delay or otherwise impede cyber attackers to the benefit of friendly forces.” Another aspect of cyber warfare could be the use of cyber electromagnetic activities to “seize, retain and exploit an advantage over adversaries and enemies in both cyberspace and the electromagnetic spectrum,” according to a US Army report on the subject. Electromagnetic attacks have already struck in South Korea where more than 500 aircraft flying in and out of that country’s Incheon and Gimpo airports reported GPS failures in 2010, IEEE Spectrum reported in 2014. The source of the electromagnetic fields was traced to the North Korean city of Kaesong, about 50 kilometers north of Incheon.

Cyber war itself may be difficult to define but cyber treaties pose an even bigger challenge. “In some sense it is a bit like asking bank robbers in the old Wild West to negotiate a non–bank-robbing treaty,” Saydjari says. “Many countries are benefiting from the lack of rules. Many countries are exploring this new arena of warfare and do not quite understand it well enough to agree to stop exploring it.”

Even more importantly, he adds, it is very difficult to attribute responsibility to actions within cyberspace because of its complexity, “so imposing consequences to treaty violation would be problematic.”


Ein News

 

« China Security Bill Calls for ‘Cyber Sovereignty’
Who’s Afraid Of Superhumanity? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

UpGuard

UpGuard

UpGuard's discovery engine brings visibility to complex IT environments, enabling teams to identify risk, confirm compliance and make business safer.

Capita

Capita

Capita is a consulting, digital services and software business, providing end-to-end enterprise IT services and solutions focused around digital transformation and innovation.

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

Raytheon Technologies

Raytheon Technologies

Raytheon Intelligence & Space delivers solutions that protect every side of cyber for government agencies, businesses and nations.

Circadence

Circadence

Circadence offer the only fully immersive, AI-powered, patent-pending, proprietary cybersecurity training platform in the market today.

Centro de Gestion de Incidentes Informaticos (CGII)

Centro de Gestion de Incidentes Informaticos (CGII)

CGII is the Computer Incident Management Center of the State of Bolivia.

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC) is an information security company providing website vulnerability scanning and monitoring services.

World Informatix Cyber Security (WICS)

World Informatix Cyber Security (WICS)

World Informatix Cyber Security provides a range of cyber security services to protect valuable information assets to global business and governments.

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

Etisalat and (e&)

Etisalat and (e&)

Etisalat Group is one of the world’s leading telecom groups in emerging markets.

Security BSides Cayman Islands

Security BSides Cayman Islands

Security BSides is a non-profit, community-driven event built for and by information security community members. Our aim is to help build an Information Security community in the Cayman Islands.

J.S. Held

J.S. Held

J.S. Held is a global consulting firm providing technical, scientific, and financial expertise across all assets and value at risk.

VP Techno Labs

VP Techno Labs

VP Techno Labs is an award-winning cybersecurity firm focusing only cybersecurity to develop cutting edge solutions for emerging business.

Rampart AI

Rampart AI

Tackling DevSecOps Issues In Application Security. Rampart has revolutionized the shift left security approach, applying zero-trust to application development.

DynTek

DynTek

DynTek delivers exceptional, cost-effective professional IT consulting services, end-to-end IT solutions and managed IT services.

BTQ Technologies

BTQ Technologies

BTQ is a global quantum technology company focused on securing mission critical networks.