Launching Stealth Warfare
Attacks in cyberspace may be prelude to future conventional conflicts.
A U.S. Air Force hot bench team at the Global Cyberspace Integration Center examines software and information systems for potential problems before they are delivered to warfighters. Cyberspace could be the first line of offense in future warfare.
The next “shot heard ’round the world” may turn out to be the surreptitious movement of millions of bits and bytes careening through cyberspace. Suspicions already surround the cyberactivity that took place in the weeks before
Brig. Gen. Mark O. Schissler, USAF, director, cyberspace operations, Office of the Air Force Deputy Chief of Staff for Operations, Plans and Requirements, believes the U.S. Defense Department should take note of these cyberattacks but cautions that not all malicious cyberactivities are the same, so the lessons to be learned are limited.
Several facts are universal, however, and among them is the urgent need to ramp up defense of the
Although strategies to defend against the effects of cyberwarfare must vary, the incidents in
The DOS attack on Estonian infrastructure affected the country and would have a similar effect on American cities, Gen. Schissler predicts. “It’s inconvenient, but it’s something you can recover from in a matter of hours or certainly in a day or two if it’s not persistent. But for the time it goes on, things such as banking and communication and in some places, even things like the 911 service, if it’s digitally based, are all at risk if your network is overwhelmed and there’s not any other method to reroute traffic,” he adds.
Gen. Schissler calls the cyberattack on
The attack on
This ability to attack an organization or even a nation surreptitiously is precisely what makes cyberwarfare so dangerous and attractive. The general notes that, unlike conventional warfare in which the militaries of nations identify themselves through uniforms and insignia, cyberattacks continue to be incredibly hard to ascribe to specific countries or individuals. “It usually comes fairly well disguised and below the surface, and you can’t attribute who did it and for what purpose very well either during or after the event,” Gen. Schissler says. Similar to malfunctions on personal computers, it is difficult to say if they are the result of malicious intent or just being in the wrong place at the wrong time, he adds.
One of the reasons that cyberattacks are so stealthy is that the ability to launch activities such as DOSs has changed. “Now we know that affecting a denial-of-service attack, even by a group of civilians, is actually pretty easy to do. You can have the pieces in play and in place long before you’re ready to flip the switch and make it happen,” the general maintains.
Botnets are one tool in a cyberadversary’s toolbox. Using someone else’s computer as a way station, innocent computer users become part of the attack mechanism without their knowledge. “Folks have figured out how to do that, and they’re very effective at it,” Gen. Schissler notes.
“Those things just used to be inconvenient. When you get into denial of service, it could affect your whole network, capability and things like banking and 911 emergency services. I’m not suggesting that happened in
But Gen. Schissler observes that another aspect of cyberattacking that has changed during the past several years is the desire for notoriety. In the 1990s and earlier this century, hackers as well as nation-state militants were eager to claim responsibility as a sign of their prowess and power. Today, wreaking havoc, then slyly sneaking away is more likely to happen.
“We’re dealing with folks who are pretty exquisite in their skills, and they’re very good at covering their tracks. And that should sound very familiar to you because that’s what criminals do. If they’re hacking for a purpose, then they have a criminal mind, and they’re going to figure out how to create either deniability or just to cover their tracks pretty well. We’re on the crux of what makes cyber so much different from any other kind of activity. Most of the traditional rules and policies just don’t apply. Attribution is one of those,” the general states.
In addition to the desire to remain anonymous, the general has observed another change on the cyberhorizon: an exponential increase in activity. He likens it to
The general says he views cyberspace as equal to air, land, sea and space in terms of warfare domains. As a mission operator or planner, his best plan would include approaching adversaries where they are most vulnerable, and that includes cyberspace, he states.
“Cyberspace is one of the most asymmetric approaches in warfare, and that’s why most military planners would now factor it in as they make an [offensive] plan or a defensive plan. They would think about the cyberspace domain and how they could use it, how they’ll need to defend it to maintain their own capability and how the adversary could use it coming at them even … if you’re just involved in a ground activity,” Gen. Schissler says.
One means to prepare to sustain a cyberattack is by ensuring redundancy is built into all capabilities. This can be as straightforward as having more than one of each item, just as military airplanes now carry four, five and sometimes six radios should one be lost during operations, he adds.
Gen. Schissler emphasizes that it is not only the military that must take these types of precautions but also the government and private sectors. “The answer is we have to collaborate and cooperate in a way that we never have before. Government, academia, business, we all share the same risks if we’re unwilling to cooperate and collaborate on issues related to cyber,” he maintains.
Cooperation and leadership are central to a report titled “Securing Cyberspace for the 44th Presidency” (SIGNAL Connections, January 2009). The report was created by a commission led by Rep. James R. Langevin (D-RI); Rep. Michael T. McCaul (R-TX); Scott Charney, vice president for trustworthy computing, Microsoft Corporation; and Lt. Gen. Harry D. Raduege Jr., USAF (Ret.), chairman, Deloitte Center for Network Innovation, under the auspices of the Center for Strategic and International Studies (CSIS). The yearlong study resulted in 25 different but interrelated recommendations. It includes strategic concepts and recommendations; it does not include a significant amount of details because the commissioners felt that President Barack Obama’s administration needs to develop the specifics further, Gen. Raduege states.
Gen. Schissler has high praise for the commission. “CSIS was most prescient in describing the future risks for
The general also applauds the thoroughness of the report and the recommendations. “I would say we should read the CSIS report with the same level of interest that we read everything we could find right after the airplanes hit the towers in
Gen. Schissler is referring to the “Road Map for National Strategy: Imperative for Change.” The U.S. Commission on National Security/21st Century published the report in early 2001, before the September 11, 2001, terrorist attacks; it includes five key areas in need of organizational change. The first among them was ensuring the security of the American homeland by creating an independent National Homeland Security Agency that would be responsible for planning, coordinating and integrating various government activities involved in homeland security.
“CSIS has described the future risks to all nations well, and it has some very good steps that we should study closely. I would look at that as almost a checklist, and we should think seriously about every one of those recommendations. And, if we’re not going to adopt one, convince ourselves why not,” Gen. Schissler maintains.
“We have to learn from the things that happened yesterday, a week ago and a month ago if we are going to be at all prepared for what’s going to happen this week and next month,” he adds.
“Securing Cyberspace for the 44th Presidency”: www.csis.org/component/option,com_csis_pubs/task,view/id,5157/type,1/
“Road Map for National Security: Imperative for Change”: http://govinfo.library.unt.edu/nssg/PhaseIIIFR.pdf