Thought Experiment: Predicting Cyber War

Uploaded on 2016-04-06 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

The concept of using attacks via networked computers is several decades old. Naturally this led to discussions of what full scale Cyber War would be like and how to deal with it.

There has not been one of those yet and there is much anxiety over how one would proceed. The useful tool for predicting future-events is the simulation or, in this case, a war-game. But these simulations only work if you have data from similar events in the past. You are confident this data is useful because you can build simulation that accurately recreate past events. As the saying goes, “if you can predict the past you can predict the future.” That doesn’t work so well with Cyber War, at least not the first one.

In short, it is difficult to predict the past if you have no good historical models for Cyber War. While there have not been any past Cyber Wars to provide data, there have been similar “tech wars” that are almost as good. There were several of these tech wars (or “competitions”) during World War II (1939-45) that are appropriate for developing a better idea of what a real Cyber War would be like. Take, for example, the electronic warfare that took place over Europe from 1940-45 in support of aerial bombing campaigns or to defend against them. The electronic warfare was most intense in the air over Britain and Western Europe (particularly Germany). Starting in 1943 that electronic warfare proceed with unprecedented intensity. In doing so nearly all the current electronic devices, weapons and countermeasures were invented and first used in combat.

Going into World War II, aircraft had little electronic equipment on board except a radio, and many nations didn't even equip all their warplanes with radios. But there was a lot of new electronic gadgetry being developed in the laboratories and universities during the 1930s. The needs of wartime quickly brought a lot of that speculative and experimental gear into use.

It did not take long and one of the first of the modern electronic devices to be introduced over Europe was the German Knickebein in February of 1940. This was an airborne navigation system using signals from ground transmitters. This allowed bombers flying a night to find targets, and accurately bomb them. This was a classic, and oft repeated, case of an unexpected military situation (bombing at night) bringing forth a technical solution to a seemingly intractable problem (finding targets at night.)

While the Germans pioneered the bombing of cities in the 1930s, particularly in Spain during the Civil War (1936-39), they always assumed that they would first clear the air of enemy fighters and then bomb accurately by day. When the Luftwaffe (German Air Force) ran into the RAF (British Royal Air Force) in 1940, it was quickly obvious that British fighters could make bombing in daylight an excessively expensive proposition. Bombing at night avoided the fighters, but created seemingly insurmountable navigation problems. Flying above the clouds, one could navigate well enough by the stars to find and bomb cities, but not smaller, and more critical targets like aircraft factories and airbases.

But the Germans (and other nations) had already been working on the use of radio beacons to guide aircraft. These were actually quite simple in theory, and practice. Radio beams was pointed in a certain direction, and the navigators on aircraft listened to the radio signals, giving the pilot instructions when to make a slight turn this way or that to stay on course. The beam was about 400 meters wide. The navigator noted distance traveled, and listened for the second beam that crossed the first beam at the target, so that he could alert the bombardier when the aircraft were near the target. If there was nothing but clouds or fog below, when the aircraft hit the point where they heard both radio signals, it was time to drop the bombs.

It took a while for the British to figure out how the Germans were doing it, for the Knickebein device was hidden on the bombers and the crew members who knew about it were instructed to keep quiet on the subject if captured. But eventually the British did find out about Knickebein and, in September 1940, introduced their countermeasure; Asperin. This was nothing more than an electronic jammers that sent out a lot of noise on the same frequencies as, Knickebein, rendering it useless.

During the Battle of Britain (Summer of 1940), the outnumbered British came up with a number of innovative, and not always high tech, ways to better deal with the German bombers. Although the principal German bombing attacks during 1940 were in daylight, there were also night attacks against cities. The British were the first to develop airborne radar for their night fighters.

The first system, the AI (Airborne Interception radar), had a minimum range of 240 meters and a maximum one of 3,200 meters. Given the crude tracking ability of the ground radars, this was often not enough to get the night fighter close enough to the German bombers to get a contact. So the British came up with another simple device, a transponder (radio transmitter) called Pip Squeak that gave out a signal periodically that was picked up by ground stations and, using triangulation, gave a precise position of the British aircraft.

There was also a series of radar beacons that allowed the night fighters to quickly find out what their own current position was. This was the forerunner of transponders and Blue Force Tracker. In 1940 this led to another innovation, centralized control of air defense. This was nothing more than reporting all sightings of enemy aircraft (from radar, human spotters or pilots) to one location. This control center would then allocate interceptors and alert anti-aircraft units. While seemingly obvious, this technique was not immediately adopted by every nation. The British were the first and it was a key element in their winning the Battle of Britain against the German Luftwaffe.

In September, 1940, the British introduced a better night fighter (the 11 ton Beaufighter, with four 20mm cannon), equipped with an improved airborne radar (AI Mk IV) that had a minimum range of 120 meters and a max range of 4,800 meters. The Beaufighters began shooting down German night bombers in late November, 1940 and the night skies became increasingly unfriendly for German bombers. By March, 1941, for the first time, British night fighters shot down more German bombers (22) than did anti-aircraft guns (21). In April the score went up to 48 bombers for the night fighters, versus 39 for the guns.

The Germans kept using the older technology until they discovered the microwave angle in 1943, via a shot down Allied aircraft carrying radar. The Germans didn't get their own microwave radars into use until late 1944, too late to have any major effect on the outcome of the war. Oddly enough, the Japanese had also discovered how to use microwave radar in 1941 but had not shared this with their German allies. This shows how valuable military secrets can be. Had the Germans gotten the secret of microwave radar in 1941 or 1942, their anti-aircraft defenses would have been more formidable when the Allied bombing campaign went into high gear during 1944. There would have been a lot more Allied losses. It wouldn't have changed the outcome of the war, but would have killed a lot more British and American airmen.

What the British learned in World War II about collecting information on enemy electronic equipment is still valid today. Such information is not cheap to get, and is even more expensive if you don't get it. Today, ships, submarines, aircraft and satellites are used to get this information on other nations radars and electronic gadgets. Even during peacetime there are losses, for often the gathering involves getting close to foreign territory and sometimes get violent about such actions. Hundreds of Americans died during the Cold War while collecting these electronic signatures in peacetime. In wartime it is an even more costly process. But without this information, wars begin with enemy electronics operating at peak capacity, rather than crippled by jamming and other countermeasures. The need for this electronic information was appreciated early in World War II, thus beginning a process that will continue as long as weapons use electronic transmitters.

At the very end of 1942, the Allies introduced Oboe. This was a 430 km range ground radar device that calculated a friendly bombers precise location and sent signal to the bomber about when bombs should be dropped. This was used during the day as well, when overcast prevented bombers from seeing their targets. This was limited by the range of the Oboe radar, and was of no use for the many targets deep inside Germany. It was also, for all practical purposes, impossible to jam.

The year 1943 saw the introduction of many new devices that, by the end of the century would still be considered high technology. The first of these "modern" electronic device was introduced by the Allies, H2S. This was a ground mapping airborne radar, which could distinguish between water, cities and rural areas. For 1943, this was really high tech and all the bugs were not worked out until the end of 1943. The advantages of ground mapping radars were enormous. Since Europe was crowded with rivers and urban areas, navigators with the proper maps could always figure out where they were, day or night, no matter how much overcast there was. For large targets, like cities, ports or large industrial complexes, "bombing by radar" became a possibility, and an accurate one at that (at least by World War II standards.)

Perhaps the major flaw of electronic devices was that, if they sent out a signal, that signal could be traced. Thus by the end of 1943 the German night fighters were using Flensburg, an airborne receiver that could detect the allied Monica tail radar for up to 100 kilometers. This enabled the night fighter pilot to carefully stalk the bomber and get in his attack without as much danger from the bombers tail guns. But Flensburg, and the Naxburg device for detecting the H2S ground mapping radar, also made an earlier (Summer of 1943) innovation even more useful. This little item was not a piece of high tech gear, but a simple modification of a German night fighter and was called Schrage Musik ("Jazz".)

From the end of 1943 through the Spring of 1944 it appeared that the Germans were winning the battle for the night skies. Despite all the Allied efforts at jamming German radios and radars, the Germans were more successful at using radar and jammer detectors. And the use of Schrage Musik greatly reduced their night fighter losses. Between November, 1943 and March, 1944, the British sent out thirty-five major attacks against German cities. The night fighters destroyed 1,047 bombers and damaged 1,682 others. In one major raid, the British sent out 999 bombers, of which 97 were shot down. Night fighters launched 247 sorties and accounted for 79 of the British bombers lost. The difference in men lost was even more striking; 11 Germans versus 545 British.

The German success was misleading, however, in that most of the British bombers were still getting through. Moreover, the British night bombing was a stopgap until such time as daylight bombing could be done. This was what the American bombers began doing in late 1942. By late 1943, escorted by long range fighters, the American B-17s and B-24s were ranging all over Germany making accurate raids on German industrial targets. The British bombers were still dropping more bombs. Even in 1944, at the peak of the American effort, the British night bombers dropped 525 thousand tons of bombs versus 389 thousand tons for the American daylight bombers. The British bombing, although now considered "terror" raids against cities and their civilian populations, did have a serious impact on the German war effort. Millions of workers were diverted to dealing with the damage and the refugees.

Over half a million German troops were assigned to anti-aircraft defenses around the cities. And the night fighter force kept increasing, from 611 fighters at the end of 1943 to 1256 in January, 1945. The night raids made the cities unlivable and helped cripple the German transportation network.

The Germans did make their point, in early 1944 and throughout the war, that night fighters were a formidable weapon. Of the 11,965 British night bombers lost during the war, night fighters accounted for half (5,730) of them. But the Allies did not give up because of the night fighters ascendancy in early 1944. June of 1944 brought the Allied invasion of France and many of the night bombers were diverted to bombing missions in France, and adjacent areas, to support the invasion.

One thing that has obviously changed since World War II is the speed of innovation. Cyber War is more about software than hardware and that means new Cyber War weapons, or defenses, can be created in hours, or less. The side that has a demonstrated ability to innovate effectively and do it faster will have an edge. So with the above examples Cyber War suddenly has a past that can be simulated and provide a model for predicting the future of Cyber War or, rather, the first one.

Ein News: http://bit.ly/1qjrWAL

« Anonymous To Launch Cyberattacks Against Trump
CEOs Seek Out CIOs With A 'Bias For Action' »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The Hacker News (THN)

The Hacker News (THN)

THN is a leading source for Information Security, Hacking News, Cyber Security, Network Security with in-depth technical coverage of issues and events

Code Dx

Code Dx

Code Dx is a software application vulnerability correlation and management system.

Recorded Future

Recorded Future

Recorded Future arms security teams with threat intelligence powered by patented machine learning to lower risk.

GraVoc

GraVoc

GraVoc is a technology-consulting firm committed to solving business problems for customers through the development, implementation, & support of technology-based solutions.

Secude

Secude

SECUDE is an established global security solutions provider offering innovative data protection for SAP users.

Shieldfy

Shieldfy

Shieldfy is a cloud-based security shield for your website to protect it from cyber attacks and malwares.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.

MyDocSafe

MyDocSafe

MyDocSafe is an all-in-one document security and e-sign software.

NSR

NSR

NSR provide trusted solutions that deliver positive business outcomes for our clients in cybersecurity and data protection challenges.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

Zigrin Security

Zigrin Security

Zigrin Security offer comprehensive, hands-on security testing of internal networks, applications, cloud-based solutions, e-commerce applications and mobile devices.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

eMudhra

eMudhra

eMudhra is a leader in Identity and Transaction Management Solutions.

Systems Engineering

Systems Engineering

Systems Engineering is a SOC 2, Type 2-certified IT strategy and managed technology services provider.

Increase Your Skills (IYS)

Increase Your Skills (IYS)

Armed and ready: raise awareness of cyberattacks in your company with the Full-Service Awareness Platform from IYS – fast and effective. We help you develop a robust, sustainable security strategy.