Friday, November 13, 2009

The Cyberwar Plan

Shane Harris from the National Journal checks in with this lengthy investigation of the United States's offensive cyber warfare capabilities. Its well worth the read given our upcoming focus on state-sponsored cyber espionage and warfare.

Highlights from this article include ...

At the request of his national intelligence director, Bush ordered an NSA cyberattack on the cellular phones and computers that insurgents in Iraq were using to plan roadside bombings. The devices allowed the fighters to coordinate their strikes and, later, post videos of the attacks on the Internet to recruit followers. According to a former senior administration official who was present at an Oval Office meeting when the president authorized the attack, the operation helped U.S. forces to commandeer the Iraqi fighters' communications system. With this capability, the Americans could deceive their adversaries with false information, including messages to lead unwitting insurgents into the fire of waiting U.S. soldiers.


shana said...

Introducing a new domain of warfare: cyberspace. Throughout the course we have looked at how technology is constantly developing and becoming more sophisticated. As we have transitioned away from privacy towards security we have recently spent our focus on terrorist and until reading this article I was unaware of how the government is currently using technology as its newest form of combat. I liked how under the Man-Made battlefield section, the article says that a fifth domain has been added to the traditional war domain of land, sea, air and space. The article presents some interest aspects that makes this new domain unique and the biggest threat. It is the only one that is man made and has no boundaries, its is everywhere and constantly growing and changing. I was impressed to see how much has been done in terms of government planning and decision making about using cypertatics as a form of warfare. The article makes it sound that President Bush is responsible for a majority of the first key steps toward developing the program with the appointment of Mike McConnell and Army Gen. David Petraeus. I was also surprised and appreciate the intense decision process behind deciding to do a cyberattack. The article addresses how the government is aware of the consequences to who/what they attack and others associated with them such as with the banking system. They also highlight that unlike other forms of warfare once cyber warfare is used it is easy to reuse and be acquired by another nation. Since the US has found this technique successful, they plan to continue using it. However, it is important to remember that the US is not acting alone other countries such as Russia are using this technique as well. The Russians use has allowed for case studies on success and failure in this type of warfare but also causes the US to be monitor and continue to be aware of the behavior of Russia and other countries using cyper warfare. After reading this article, I am curious to see what type of cyber attacks occur as well as what is next to come if cyber warfare is no longer an possibility of the future but tactic of the present.

Mike said...

Shana is correct, technology is fundamentally changing the way warfare is fought. The new fifth domain is not only man made but can continually be remade as new advancements come forth.

Reading this article I was impressed with the capability of the cyber attack but also curious what other kind of cyber attacks we have done, or are willing to do. When at war it seems obvious that cyberwar would be an acceptable tactic. But, it's important to remember an official war was never declared on Iraq, just an authorization of force. If we have actionable intelligence about terrorists operating on the border of Pakistan can we again use cyber warfare? Is the war on terror a sufficient justification?

I do not argue that the specific attack described in the article was justified but I merely ask under what situation would it not be justified? The fifth domain knows know country barriers. How we use cyberwar to achieve our objectives abroad is going to necessarily infringe on the sovereignty of other countries. These kind of attacks possibly open the US to reprisal attacks.

Keith Levinsky said...

I found it very interesting that cyber-war was part of the reason for the success of the surge. I only knew of the military success on the ground and never knew that the United States was using cyber-warfare to turn the tide. It also surprised me that cyber-war was used all the way back in 1999 in Kosovo.
According to Petraeus's doctrine and looking at the attack on Kosovo, the majority of the attacks seem to be attacks aimed at confusing the information the enemy receives. Most seem to be a combination of availability and integrity. The enemy's systems are compromised so that they receive false signals.
The United States needs to gain more intelligence in this field of cyber-warfare. The Kosovo Campaign and Raytheon's advertisement demonstrate the need for more cyber-warriors. The United States is still relatively ignorant in this field. Additionally, the article stated that we need more intelligence to keep pace with China and Russia. Cyber-warfare does pose an interesting threat to the United States's enemies and to the United States itself.

Rachel said...

The invention of the atomic bomb created a new kind of warfare. In the matter of a second, an entire land and its people can be destroyed. The threat of such an absolute destruction has caused a kind of standstill among countries (i.e. mutual assured destruction).

It's interesting to translate WMDs to the cyber world. The article mentioned the lessons we learned from the "Morris worm," and the unintended effects that a cyber attack can have for the agent executing it. In addition, as the article notes, atomic bombs are destroyed in the act, while cyber weapons not only remain but they also can be used by one's enemies in a counter-attack.

The above arguments make it seem like countries should act defensively; however, as we discussed in class, the advantage is to act on the offense (especially since technology is always changing, making it extremely hard to protect against future, unknown attacks). While I am still confused as to how countries should act within the cyber world, I agree with General Alexander when he mentions the necessity of creating a framework or doctrine of acceptable cyber behavior (otherwise, our enemies and our own leaders may not find out they've crossed the line until it's too late).

Dasha Pryamitsyna said...

Like the others who commented, I found the linked article very interesting and thought provoking. The section relating cyberspace to the fifth domain of warfare was particularly attention-grabbing because it highlights the importance of recognizing the expanded sphere of national security. However, unlike land, sea, and air confrontations (space can be excluded from this because it is currently relatively inaccessible for majority of nations) where lines of sovereignty are clearly demarcated and disputed areas are highly visible, cyberspace is a giant interconnected web with almost universal access but no obvious national boundaries. In other words, you don’t need to take an 18 hours flight and a visa to access a Chinese government website; you can do it from your house in Idaho.
And this is exactly what makes cyber-warfare, or information warfare, such a challenging topic to define and such a dangerous tool to utilize. Universal access and anonymity make is increasingly difficult to separate your friends from your enemies. Supposed friendlies and foes act as one when controlled by a third party botnet. Furthermore, the widespread use of proxies makes it increasingly difficult to locate the source and directors of any given attack.
The issue is further complicated when we consider the interdependence of all the networks around the world, and how an attack on one sector of the net constitutes an attack on the entire system. Like the domino-effect prediction that prevented the U.S. from attacking the Iraqi banking system early on in the conflict, we must consider the all the possible implications of releasing any kind of worm into the World Wide Wed with an offensive or defensive goal of a single nation.
One of the last topics touched upon in the article was the people who are already fighting in cyber space and those who will. One of the biggest problems with recruiting these “cyber-warriors” is that unlike traditional army recruits, these people are not so much attracted by the thrill of battle so much as by intellectual challenges and the freedom to explore the boundaries of the digital world. Another aspect of this issue is that like traditional mercenaries, people with the skills and knowledge to carry out a cyber attack or properly defend a network often times have financial motivations that outweigh national loyalties.
Basically, although there are many parallels that can be drawn between traditional warfare and cyber warfare, the distinct challenges presented by these types of information and security tactics should not be universally grouped under the umbrella of traditional to inter-state conflicts.

Keith Levinsky said...

I normally am in favor of offensive action but I slightly disagree with Rachel's comment that the United States should go on the offense. As was discussed in class, going on the offense with weapons like botnets could put the United States in further danger. Terrorists or other nations could read our botnets and learn more about our system and weaknesses. Also, as the article stated, the current capabilities of the United States are relatively small and low in numbers in comparison to other nations. On the other hand, some attacks could be utilized against terrorists, because they are not very advanced yet. Attacks against other nations against other nations, however would not be prudent.

Sydney said...

Some might claim that this fifth domain of warfare is more dangerous than any of the others. Cyberwar, and cyberspace in general, is dangerous because it is so much of an unknown. To this day we are baffled by the seemingly limitless capabilities of a system that we created.

The biggest problem with the war in cyberspace is that it is constantly evolving and changing. As advancements continue to be made in cyberspace new methods for destruction continue to develop, as well. Try as we might, every step forward is still a step behind, because if a defensive shield is found, it inherently comes with an offensive to shatter that shield, as well.

It is very interesting to learn that cyber-attacks helped affect the battle in Iraq. To know that the United States has these capabilities is comforting, even if the article does tell us that "Cyberspace is... the domain that, as of now, the United States stands the greatest chance of ceding to another nation."

Yet, as we discussed in class, it is difficult to determine just how much can be done in cyberspace defensively, without it seeming to be an offensive maneuver. Dancing around just how much we can do in terms of defending ourselves and our fellow citizens is a problem that needs to be resolved quickly and efficiently if we ever hope to be secure in our networks.

Justin McCarthy said...

This article suggests a cyberspace war, an us-vs.-them post-Cold War quagmire with China. The takeaway point seems to be that the only way we can survive this arms race is to beat the Chinese at their own spying game. At the same time, however, there are clearly those on both sides of the fence that wish to resolve the issue diplomatically. The Third Annual China-U.S. Internet Forum was held this weekend, and the theme was "Communicating and Cooperating to Cope with Challenges"
Over 130 Chinese and Americans, including those associated with well-known Internet enterprises, organizations and academic institutions participated in the forum. The overall goal of the forum seemed to be twofold: exchange views, and enhance trust. Discussion topics ranged from security to pornography, and the discrepancies between what both countries feel is appropriate on the internet were no doubt made clear. Efforts like this seek to assuage the seemingly-imminent China-U.S. technological war, and should be encouraged as the preferable alternative to an arms race.

Brodi said...

Like the others, the fact that cyberwarfare being considered a threat is remarkable because even 15, 25, 35 years ago it was unimaginable. What is interesting, as others eluded to, is the fact that there is not necessarily a "definable" enemy nor battleground. Instead, it is more of an abstract, that is very difficult to not only attack, but to defend yourself against it. It would seem that the most logical thing to do, at least for the United States, would be to offensively attack. Being a sitting duck and waiting to defend against such an attack is not only irresponsible, but seemingly near impossible to prevent. But in the same light, what if you attack the "wrong" person/group/country/etc and all hell really does break loose - as it goes back to the abstract enemy/battleground.