What a Cyber War Arsenal Looks Like

 

The Pentagon has made clear in recent weeks that cyber warfare is no longer just a futuristic threat it is now a real one.

US government agency and industry computer systems are already embroiled in a number of nasty cyber warfare campaigns against attackers based in China, North Korea, Russia and elsewhere. As a counterpoint, hackers with ties to Russia have been accused of stealing a number of Pres. Barack Obama’s e-mails, although the White House has not formally blamed placed any blame at the Kremlin’s doorstep. The Obama administration did, however, call out North Korea for ordering last year’s cyber attack on Sony Pictures Entertainment.

The battle has begun. “External actors probe and scan US Department of Defense (DoD) networks for vulnerabilities millions of times each day, and over 100 foreign intelligence agencies continually attempt to infiltrate DoD networks,” Eric Rosenbach, assistant secretary for homeland defense and global security, testified in April before the US Senate Committee on Armed Services, Subcommittee on Emerging Threats and Capabilities. “Unfortunately, some incursions, by both state and nonstate entities, have succeeded.”

After years of debate as to how the fog of war will extend to the Internet, Obama last month signed an executive order declaring cyber attacks launched from abroad against US targets a “national emergency” and levying sanctions against those responsible. Penalties include freezing the US assets of cyber attackers and those aiding them as well as preventing US residents from conducting financial transactions with those targeted by the executive order.
Deterrence of this type can only go so far, of course, which is why the DoD last month issued an updated version of its cyber strategy for engaging its adversaries online. The plan outlines Defense’s efforts to shore up government networks, systems and information as well as those run by US companies.

If cyber attacks continue to increase at the current rate, they could destabilize already tense world situations, says O. Sami Saydjari, a former Pentagon cyber expert who now runs a consultancy called the Cyber Defense Agency. “Nations must begin to create real consequences for malicious action in cyberspace because they are leading, in aggregate, to serious damage, and there is potential for much larger damage than we have seen so far,” he adds.

A major part of the DoD’s cyber strategy is to bolster the Pentagon’s “cyber mission force,” which the department began forming in 2013 to carry out its operations in cyberspace. Although the unit will not be fully operational before 2018 the unit is expected to have nearly 6,200 military, civilian and contractors—divided into 13 teams—working across various military departments and defense agencies to “hunt down online intruders,” Defense Secretary Ashton Carter said last month during a lecture delivered at Stanford University.

The strategy does not go into detail about which digital weapons the cyber mission force will deploy to fight its campaigns. That information can instead be gleaned from the malicious software—“malware”—already rampant on the Internet as well as military technologies designed to disrupt digital communications. The Stuxnet worm that sabotaged Iran’s Natanz uranium enrichment plant in November 2007 is an early example of cyber war weaponry. No one has officially claimed ownership of Stuxnet although much speculation points to the US and Israel as its authors. A related piece of strategic malware known as Flame is subtler, stealthily gathering information and transmitting it via Bluetooth while avoiding detection.

The components of cyber warfare are the very same components as warfare using guns and explosives, only much faster, Saydjari says. An attacker would seek to damage a critical infrastructure such as power, telecommunications or banking by damaging the computer systems that control those infrastructures. “The instrument of creating that damage is generally some form of malicious software that is inserted into such systems by a variety of means including hacking into the system by taking advantage of some known but as yet unpatched or as yet undiscovered vulnerability,” he adds.

China recently admitted that it has both military and civilian teams of programmers developing digital weapons, and documents disclosed by National Security Agency whistle-blower Edward Snowden indicate China has developed malware to attack US Defense Department computers and even steal sensitive information about the F-35 Lightning II fighter plane that Lockheed Martin is developing for the US Air Force. “All technically savvy countries are developing both offensive and defensive capabilities to prepare for the potential of cyber conflict both by itself and as one aspect of broader conflicts including kinetic warfare, which involves bombs and bullets,” Saydjari says. “The goal of many such countries is to be able to exercise complete dominance and control over any part of cyberspace, anywhere and anytime it serves their national interests.”

The Air Force Research Laboratory is soliciting projects that could furnish cyber deception capabilities for use by commanders to “provide false information, confuse, delay or otherwise impede cyber attackers to the benefit of friendly forces.” Another aspect of cyber warfare could be the use of cyber electromagnetic activities to “seize, retain and exploit an advantage over adversaries and enemies in both cyberspace and the electromagnetic spectrum,” according to a US Army report on the subject. Electromagnetic attacks have already struck in South Korea where more than 500 aircraft flying in and out of that country’s Incheon and Gimpo airports reported GPS failures in 2010, IEEE Spectrum reported in 2014. The source of the electromagnetic fields was traced to the North Korean city of Kaesong, about 50 kilometers north of Incheon.

Cyber war itself may be difficult to define but cyber treaties pose an even bigger challenge. “In some sense it is a bit like asking bank robbers in the old Wild West to negotiate a non–bank-robbing treaty,” Saydjari says. “Many countries are benefiting from the lack of rules. Many countries are exploring this new arena of warfare and do not quite understand it well enough to agree to stop exploring it.”

Even more importantly, he adds, it is very difficult to attribute responsibility to actions within cyberspace because of its complexity, “so imposing consequences to treaty violation would be problematic.”


Ein News

 

« China Security Bill Calls for ‘Cyber Sovereignty’
Who’s Afraid Of Superhumanity? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Professional Information Security Association (PISA)

Professional Information Security Association (PISA)

PISA is an independent and not-for-profit organization for information security professionals, with the primary objective of promoting information security awareness and best practice.

vArmour

vArmour

vArmour is the industry’s first distributed security system that provides insight and control for multi-cloud environments.

RiskLens

RiskLens

RiskLens is a software company that specializes in the quantification of cybersecurity risk.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

Somansa

Somansa

Somansa is a global leader in Data Security and Compliance solutions designed to protect valuable company information from leakage and help meet regulatory compliance requirements.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

Database Cyber Security Guard

Database Cyber Security Guard

Database Cyber Security Guard (aka Don't Be Breached) informs Security Professionals and DBAs of Zero Day, Ransomware and Data Breach attacks within milli-seconds

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

Active Navigation

Active Navigation

Active Navigation is a data privacy and governance software company.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

Toothpic

Toothpic

ToothPic has invented, designed, developed and patented a solution to enable companies to turn every smartphone into a secure key for a user-friendly online authentication.

Ward Solutions

Ward Solutions

Ward Solutions are an information security consultancy and managed services company. We help organisations protect their brand, people, assets, intellectual property and profits.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

LogicMonitor

LogicMonitor

LogicMonitor provides SaaS-based IT infrastructure monitoring services for on-premises and multi-cloud environments.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.