Overblog
Suivre ce blog
Editer l'article Administration Créer mon blog
4 février 2015 3 04 /02 /février /2015 12:35
Information Warfare: China Preps For Cybergeddon

 

January 21, 2015: Strategy Page

 

An American government official, Xiafen Chen, was arrested in October and charged with supplying China with classified data about American dams. This is part of a Chinese effort to collect detailed data on American infrastructure and other economic targets to support preparations for Internet based attacks on these facilities in wartime, or anytime. Xiafen Chen and her husband moved to the U.S. from China in 1992 and later became American citizens. The FBI found emails in which Xiafen Chen discusses the data she took from U.S. government databases and passed to senior Chinese officials.

 

The U.S. government has been aware of this Internet threat for over a decade and has been trying to develop a way to respond to a serious Cyber War attack, one in which the attacker does not reveal who they are. The data the Chinese received from Xiafen Chen could be used for such an attack.

 

Back in 2010 American officials created lists of the types of kind of attacks that would qualify as an "act of war", and thus deserving of a violent response. That was easy enough if there was substantial physical damage from the attack. This was the case in Iran during 2010 after the Stuxnet worm got finished with their uranium enrichment centrifuges. Similar damage could be done to electrical power systems, water and sanitation utilities and some kinds of industrial facilities (steel making, chemical, refineries, and so on.)

 

The big problem is not proving some malignant software was inserted in a facility and did damage. The big problem is proving who did it. While you can trace an attack, you can also, as the attacker, leave a false trail to another location (in another country). What the Americans are apparently trying to do is establish criteria for "network forensics" (investigating an attack and tracing where who came from where for what purpose) that will be widely accepted. At present, there are no such generally accepted criteria for proving who carried out a Cyber War attack.

 

The United States is apparently seeking to establish a method of identifying those who make these attacks and obtain international recognition of that guilt, so that America can then deliver some kind of retribution. This may involve nuclear weapons, but that would be a last resort. There are many other punishments that can be used, from diplomatic, economic, and up through non-nuclear military actions. Meanwhile, the United States is hustling, at least as far as press releases go, to improve American defenses against Cyber War class attacks. Catching Chinese spies and finding out what kind of data they were dealing in helps with this.

 

Meanwhile there is growing resistance to calls for more government regulations and mandates meant to protect America from this Internet based aggression. Civilian organizations fear that the government intervention will hurt network security. Worse, it's difficult to get a rational discussion going on the subject, not with all the fear mongering by the mass media and government officials, plus defense contractors looking for more money.

 

For example, the FBI (which is responsible for detecting and investigating Internet based crime) has been issuing increasingly scary warnings that America is becoming ever more vulnerable to "cybergeddon" (a massive attack via the Internet that would cripple the economy, government and military.) The FBI admits that it has a hard time getting more money for their Internet security efforts. And a major reason is that the threat is largely invisible. A picture of a nuclear bomb going off, or of enemy tanks and warships ready to attack, makes a much more effective impression on the politicians who dole out the money. The NSA (National Security Agency) actually gets a lot of money for this work, but their effort is largely classified and no press releases are involved.

 

The FBI also wants to get the Department of Defense Internet defense operations more involved in national level defense against network based attacks. But the four services have a hard time agreeing to coordinate their efforts to defend military use of the Internet when under massive hacker attack. Thus the FBI plea for help sort of falls on distracted ears. But a growing number of politicians, and headline hungry journalists, are seeking to change that. The problem is, no one is exactly sure of how to do that.

 

While the politicians are eager to "do something," there is little consensus on exactly what the something should be, and to what degree the government should be involved. For example, Internet technology changes far more quickly than new laws can be passed to adapt and keep up. Companies fear that government interference will drive their operating costs up, while providing little, or no, protection from Cyber War attacks.

 

A big problem is that there hasn't been a proper, all-out Cyber War yet. There have been lots of skirmishes, but nothing approaching what a no-holds-bared battle, via the Internet, would be. What would the first Cyber War be like? Let's be blunt, no one really knows. But based on the cyber weapons that are known to exist, and the ones that are theoretically possible, one can come up with a rough idea.

 

First, there are three kinds of Cyber War possible. Right now, we have limited stealth operations (LSO), as Chinese, Russian, and others, use Cyber War techniques to support espionage efforts. China is the biggest practitioner, or at least they have been caught most often. But getting caught carrying out Cyber War operations does not mean you have any human prisoners, just a pile of computer forensics. The Chinese simply deny everything and carry on.

 

Next comes Cyber War only (CWO). This is open use of a full range of Cyber War weapons. No one has admitted doing this yet, and it's potentially less dangerous than firing missiles and unleashing tank divisions. It is believed that Russia indulged in this in 2007, when Estonia infuriated the Russians by moving a World War II statue memorializing the Soviet "liberation" of Estonia (which didn't want to be liberated by the Soviet Union.) Russia denied responsibility for the massive Cyber War assaults on Estonia, which nearly shut down the nation's Internet infrastructure. Estonia accused Russia of being responsible, and tried to invoke the NATO mutual-defense pact. NATO Cyber War experts went to Estonia, and shortly thereafter the attacks stopped. Apparently Russia got the message that this sort of thing could escalate into something more conventional, and deadly. This sort of thing is being cited by the United States as a reason for coming up with "this is war" criteria. Russia again used such tactics against Georgia in 2008 and Ukraine in 2014-15.

 

Then we have Cyber War in support of a conventional war. Technically, we have had this sort of thing for decades. It has been called "electronic warfare" and has been around since World War II. But the development of the Internet into a major part of the planet's commercial infrastructure, takes "electronic warfare" to a whole other level. Cyber War goes after strategic targets, not just the electronic weapons and communications of the combat forces.

 

A successful Cyber War depends on two things; means and vulnerability. The "means" are the people, tools and cyber weapons available to the attacker. The vulnerability is the extent to which the enemy economy and military use the Internet and networks in general. We don't know who has what Cyber War capabilities exactly, although China and the U.S. have openly organized Cyber War units, and both nations have lots of skilled Internet experts.

 

Vulnerability is another matter. The United States is the most exposed to Cyber War attack because, as a nation, Americans use the Internet more than any other country. That's the bad news. The good news is that if an attacker ever tried to launch a Cyber War by assaulting the U.S., it could backfire. This risk has to be kept in mind when considering what a Cyber War might do. Recall military history. The Pearl Harbor attack in 1941 actually backfired on the Japanese, by enraging Americans and unleashing a bloodthirsty response that left Japan in ruins. The lesson of the original Pearl Harbor is, if you're going to hit someone this way, better make it count. If your opponent is bigger than you, and gets back up, you could be in some serious trouble.

 

The big problem with Cyber War is that there has not been a lot of experience with it. Without that, no one is really sure what will happen when someone attempts to use it at maximum strength. But unlike nuclear weapons, there is far less inhibition about going all-out with Cyber War weapons. That is the biggest danger. Cyber War is a weapon of growing might, and little restraint by those who wield it. Things are going to get a lot worse.

Partager cet article

commentaires

Présentation

  • : RP Defense
  • RP Defense
  • : Web review defence industry - Revue du web industrie de défense - company information - news in France, Europe and elsewhere ...
  • Contact

Recherche

Articles Récents

  • Chronique culturelle - 24 Nov.
    24 novembre 1977 : premier vol du Super Etendard de série 24.11.2016 source JFP 24 novembre 885 : début du siège de Paris par les Vikings. Très actifs durant le IXè siècle, les Vikings ont pris l’habitude de remonter les fleuves du Nord de la France pour...
  • Sortie en librairie le 21 novembre du livre LÉGIONNAIRE
    source MAREUIL EDITIONS Pour la première fois, un ancien officier de la Légion et un Légionnaire donnent la parole à 64 de leurs camarades. Pendant 2 ans, Victor Ferreira a rencontré près d’une centaine de Légionnaires à travers le monde en leur posant...
  • Brazilian Navy H225M Naval Combat Configuration
    17 nov. 2016 Airbus Helicopters Helibras and Airbus Helicopters have opened a new chapter in the history of the H225M multirole utility helicopter with the official presentation of the first aircraft in naval combat configuration. More info Helibras and...
  • Chronique culturelle - 17 Nov.
    La Bataille du Pont d'Arcole - Horace Vernet 17.11.2016 source JFP 17 novembre 1794 : début de la bataille de la Sierra Negra (Espagne) « opposant les troupes des généraux de Pérignon et Dugommier à celles du général espagnol de Carvajal. Cette victoire...
  • Le CEAM présente le CEILDT - Centre d’Expertise et d’Instruction des Liaisons de Données Tactiques
    15 nov. 2016 CEAM Petit clip de présentation sur le Centre d’Expertise et d’Instruction des Liaisons de Données Tactiques (CEILDT). Petit clip de présentation sur le Centre d'Expertise et d'Instruction des Liaisons de Données Tactiques (CEILDT).
  • Audition de M. Marwan Lahoud, président du groupement des industries françaises aéronautiques et spatiales
    photo Aseemblée Nationale 9 novembre 2016 Commission de la défense nationale et des forces armées - Compte rendu n° 15 Présidence de Mme Patricia Adam, présidente — Audition, ouverte à la presse, de M. Marwan Lahoud, président du groupement des industries...
  • Chronique culturelle - 15 Nov.
    Jean Gabin, chef de char du Régiment Blindé de Fusiliers Marins 15.11.2016 source JFP 15 novembre 1315 : bataille de Morgarten (Suisse actuelle). Convoités à la fois par la Bavière et l'Autriche, les Cantons suisses (Uri, Schwytz et Unterwald) donnent...
  • Chammal : les artilleurs appuient les forces irakiennes
    10 nov. 2016 Ministère de la Défense Opération Chammal : les artilleurs de la Task Force Wagram appuient les forces irakiennes et participent à la sécurisation des zones conquises aux alentours de Mossoul. Opération Chammal : les artilleurs de la Task...
  • Chronique culturelle - 10 Nov.
    La bataille de Tolbiac, toile marouflée, Panthéon de Paris, France - Joseph Blanc (1846-1904) 10.11.2016 source JFP 10 novembre 496 : bataille de Tolbiac (Zulpich - Allemagne actuelle). Le roi Clovis écrase les Alamans près de l'actuelle ville de Cologne...
  • Chronique culturelle - 9 Nov.
    Bataille de Coulmiers - Prise d'Orléans - 9 novembre 1870 09.11.2016 source JFP 9 novembre 1799 : coup d'Etat du 18 brumaire . Le général Bonaparte est porté au pouvoir par un coup d'Etat qui dure jusqu'au 11 novembre, mettant fin au Directoire et initiant...

Categories