Cyber War Pre-emption Is The Key to Defense

Uploaded on 2015-12-09 in NEWS-News Analysis, INTELLIGENCE--International, GOVERNMENT-Defence, FREE TO VIEW

The United States' best defense against a crippling cyber attack could be a more visible offense, military leaders and other experts recently suggested at the Army War College in Carlisle. Then they stopped talking.
The nation's cyber attack capabilities are so cloaked in secrecy that they could not say anything specific in an unclassified forum — even an invitation-only, closed-door strategy session.

That mystery could be a problem for deterring adversaries, says Mark Troutman, a participant in the forum and director of the Center for Infrastructure Protection and Homeland Security at George Mason University in Fairfax, Va.
“If you want a deterrent effect, the capability has to be known,” Troutman said, “and there has to be the perception that the resolve is there to use it.”

Or as Dr. Strangelove put it in Stanley Kubrick's Cold War thriller: “The whole point of the doomsday machine is lost if you keep it a secret. Why didn't you tell the world, eh?”
Increasingly, top security officials worry about computer attacks that could shut down the nation's systems for energy, banking, communications and more. A computer problem last month — which might or might not have been triggered by Anonymous hackers — closed the New York Stock Exchange for more than three hours.
Many former Cold War warriors believe prevention should start with the computer-age equivalent of nuclear deterrence and a promise of mutually assured destruction.
“The deterrence issue here is harder,” said Paul Kaminski, chairman of the Defense Science Board. “We have to give this more thought. As complicated as nuclear deterrent was, this is more complicated because there's less clarity in the actions.”
He and some others interviewed for this story were not at the war college talks.
After World War II, no one doubted that the United States possessed atomic power and would use it with devastating effect, experts said.
“Remember, the nuclear deterrent involved catastrophic weapons, and so nobody was fooling around with nuclear weapons, not even in tiny wars,” said Patrick Morgan, former Tierney Chair for Peace & Conflict at the University of California, Irvine. “But in cyber, we get attacks all the time. ... The rate at which cyber attacks go on is just astronomical.”
No rules is the rule

Cyber attacks often are more similar to intelligence operations or crimes than acts of war by the military, said Will Goodman, vice president for policy at the National Defense Industrial Association, an Arlington, Va., trade group.
“What the cyber domain needs most is a clear set of normative behaviors ... that, by custom or agreement, are allowed and not allowed,” Goodman said.

It's not clear what the United States can do online or how it will respond to specific attacks. Last month, National Intelligence Director James Clapper said the country lacks the substance and the psychology of deterring cyber incidents.
“Until such time as we come up with a form of deterrence that works, we're going to have more and more (computer attacks),” he said at The Aspen Institute's annual security forum in Colorado.
When word of possible exploits leaks out — such as the Stuxnet attack on Iran's uranium enrichment program — the nation's leaders avoid taking credit.

Even after President Obama blamed North Korea for hacking into computers at Sony Entertainment last year, the nation's response remained unclear. Some speculated the United States shut down North Korea's Internet, but Clapper said the only action was to sanction individual North Koreans.
“It was a conscious decision not to reciprocate in-kind,” he said.
Cyber deterrence can be harder to accomplish because of the nature of the attacks, Kaminski said. For nuclear detonations, it's typically clear who set off the bomb and what impact it had. Computer attacks can take place quietly with little evidence of where they started, although experts say attribution is getting easier.

While the United States might be able to deter foreign countries from carrying out computer attacks, others — terrorists, activists and individual computer experts — are gaining expertise that rivals small nations, experts said.
Secrecy can be important to the nation's cyber military programs, Kaminski said. The United States often wants to be stealthy about its sources and methods for online activity.
“Talking more about our cyber capabilities could cause our adversaries to fear our retaliatory capabilities,” Goodman said. “But it could also inform our adversaries about where they are vulnerable and help them improve their defenses.”
Some secrecy can be good as long as other countries over-estimate the United States' cyber capabilities, said Jim Lewis, a security expert at the Center for Strategic & International Studies, a Washington think tank.
But deterrence will not work if adversaries believe the United States will not retaliate, he added.

The Office of Personnel Management has said its systems were hacked and that the records of 22 million federal employees, contractors and people who applied to work for the government were stolen. The Obama administration has been largely silent on the source of the attacks except for Clapper, who said: “You have to kind of salute the Chinese for what they did.”
For a while after the intrusion became public, Chinese leaders were worried about what would happen, Lewis said.
Then nothing did.
“There's a whole range of things you could do,” Lewis told the Trib. “What we tend to be good at is generating excuses not to use them. ... The Chinese know that we know it's them, and we haven't done anything. So that's the message we're sending.”
For deterrence to be effective online, the United States will have to be more assertive about the consequences for intrusions, he said.
“We know that what we're doing now doesn't work,” Lewis said. “... I can see being cautious, but coming up with excuses about why we can't do anything mean to the Chinese only emboldens them.”

TribLive: http://bit.ly/1IEo058

 

« Gateway For Hackers
Australian Degree Course on Cyber War and Peace »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

F5 Networks

F5 Networks

F5 products ensure that network applications are always secure and perform the way they should—anywhere, any time, and on any device.

Authorize.Net

Authorize.Net

Authorize.Net is a Payment Gateway which provides the complex infrastructure and security necessary to ensure fast, reliable and secure transactions.

Caretower

Caretower

Caretower is one of Europe’s leading value added managed service provider in cyber security.

ThreatBook

ThreatBook

ThreatBook is dedicated to providing real-time, accurate and actionable threat intelligence to block, detect and prevent attacks.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

Corvid

Corvid

Corvid is an experienced team of cyber security experts who are passionate about delivering innovative, robust and extensive defence systems to help protect businesses against cyber threats.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

EnigmaSoft

EnigmaSoft

EnigmaSoft is known for its PC anti-malware remediation utility and service under the tradename SpyHunter.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

Technisanct

Technisanct

Technisanct works with Governments, especially Law Enforcement and Defence agencies, helping them in monitoring threats, managing their data and resolving their forensic needs.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Edgio

Edgio

Edgio provides unmatched speed, security, and simplicity at the edge through globally-scaled media and applications platforms.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

coc00n

coc00n

coc00n secures the devices of high-value and high-interest individuals against cyber attacks.