A New Age of Warfare

Uploaded on 2019-06-25 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

The US is cyber-attacking Russia’s power grid, just as Russia is hacking the US and both are engaged in offensive hacking in ways that are more aggressive than in the past. But Is this hacking really much different from what’s gone on for many years? Does it boost the chances of a cyber arms race or a cyberwar?

One thing is clear: Cyberspace is now seen by senior miltary officers and officials as just another “domain” of warfare, along with air, land, sea, and space. But there’s something different and more dangerous about this domain: 

It takes place out of sight, its operations are so highly classified that only a few people know what’s going on there, and it creates an inherently hair-trigger situation, which could unleash war in lightning speed with no warning. All the major cyber powers, the United States, Russia, China, Israel, France, Britain, and perhaps to some extent, Iran, Syria, and a few others, have been able to hack into one another’s “critical infrastructure” such as, power grids, financial systems, transportation lines, water works, which have been hooked up to computer networks for the past 25 years. From time to time, these countries have actually hacked into these things.

In one sense, these intrusions are no different from any other form of intelligence gathering. In another sense, though, they’re very different. 

With cyber operations, once you’ve hacked into a network, you can disrupt or disable it. Exploring a network and destroying it involve the same technology, personnel, and know-how; it takes just one step, and next to no time, to go from exploring to destroying. In a crisis, one or more of these countries might launch a cyberattack, if just to preempt one of the other countries from doing it first. The very existence of the implants makes a preemptive attack more likely.

There’s another disturbing development in cyberwar: The whole enterprise has slipped out of the oversight and control of our political leaders. 

Last summer, President Donald Trump signed a classified directive giving US Cyber Command leeway to mount cyber offensive operations at its own initiative. Before then, such operations, even tactical operations on the battlefield, had to be personally approved by the president. The premise of the old policy, during the Bush II and Obama administrations, was that cyber weapons were something new: Their effects were somewhat unpredictable and could spiral out of control. 
One consequence is that Cyber Command now feels less constrained about going on the offensive. 

Richard Clarke, the former cybersecurity chief in President Bill Clinton’s White House and co-author of a forthcoming book on cyberwar called The Fifth Domain, said in an email, “The Trump administration may be trying to create a situation of Mutually Assured Destruction, similar to the 1960s strategic nuclear doctrine.” However, Clarke added, “Cyber is different in many ways.” First is the issue of what strategist’s call “crisis instability”, the hair-trigger situation, in which one side might launch an attack, in order to preempt the other side launching an attack. 

There is also the uncertainty of “attribution”, the country attacked might not know for certain who planted the malicious code and might mistakenly strike back at an innocent party, thus triggering an inadvertent war.

US Cyber Command was founded in 2009. It has since grown enormously, in size, scope, mission, and, since last summer’s directive, autonomy. Cyber offensive technology has been around for much longer still. Cyberwar technology has evolved far more quickly than the thinking about how to use the technology in wartime. 

With last summer’s directive taking its use out of the control and supervision of our political leaders, the decisions to use it will be made entirely by the military officers who developed the technology, and whose budgets depend, in part, on its growing prominence.

Slate:           I-HLS:

You Might Also Read:

The ‘Rules’ Of Modern Warfare Are Being Rewritten:

 

 

« Cyber Criminals Have Created An Invisible Internet
Russia's National AI Strategy Takes Shape »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Security Industry Association (SIA)

Security Industry Association (SIA)

The SIA's mission is to be a catalyst for success​ within the global security industry through information, insight and influence.

InteliSecure

InteliSecure

InteliSecure offer Professional Services, Security Assessments and Managed Services for data and threat protection.

Intensity Analytics

Intensity Analytics

Intensity Analytics is a software firm that develops next-generation, physical user and entity behavioral authentication ("physical UEBA") security software technology.

Lumen Technologies

Lumen Technologies

Lumen is an enterprise technology platform that enables companies to capitalize on emerging applications and power the 4th Industrial Revolution (4IR).

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions creates enterprise mobility and file sharing solutions for companies, teams and freelancers.

IoT Security Institute (IoTSI)

IoT Security Institute (IoTSI)

IoT Security Institute is an academic and industry body dedicated to providing frameworks and supporting educational services to assist in managing security within an Internet of Things eco-system.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Clario Tech

Clario Tech

Clario is a simple, comprehensive, personalized protection app. It comes with a full suite of intelligent security software and intelligent people to help you live a better, safer digital life.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Swissbit

Swissbit

Swissbit AG is the leading European manufacturer of storage, security and embedded IoT solutions for demanding applications.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

Chorus Cyber

Chorus Cyber

Chorus are a leading Managed Security Service Provider (MSSP), and member of the Microsoft Intelligent Security Association (MISA), with three Microsoft Advanced Specialisations in security.

rThreat

rThreat

rThreat is a cloud-based SaaS solution that challenges your cyber defenses using real-world and custom threats in a secure environment, ensuring your readiness for attacks.