Posted by & filed under Technology.

Data Is Power in Cyber Warfare

As reductions in armed forced personnel continue to worry people. Indeed, why most theatres of war require heavy physical presence, if there aren’t enough military people on the ground, then the country will be in trouble. However, one area of defence spending is still receiving increased spending.

The real future of war is in cyberspace, it has to be said, and MBF Blog did in October 2011. Angus Batey, writing in the Sunday Telegraph in November 2011, argued: ‘forget guns, missiles, tanks and fighter jets, the new arms race is in cyber weapons’. He reported that £650 million of new money was earmarked for cyber defence and security.

Powerful Advantage

Armed Forces Minister Nick Harvey was reported as saying in May 2011: ‘A single networked laptop might be as effective as say, a cruise missile’. It’s thought almost every country in the world is developing defences of their own systems, and devices that can penetrate, search/interrogate or actually disable others’ capabilities.

We know that power grids, computer systems in everything from finance to transport, and health to education (in fact, the entire digital infrastructure) are vulnerable to terrorist/enemy attack. The ability to cripple an entire network from a distance is a powerful advantage.

Bately confirmed the existence of the Remote Control System (RCS), software that can invade any digital devices completely undetected, bypassing the most sophisticated defences yet devised and disrupt absolutely anything. It is marketed by Milan-based Hacking Team, but not to individuals nor countries under EU or UN arms embargoes.

It costs a hefty £200,000 a year to use the system, but this sort of high tech weaponry is always going to be expensive. Shortage of money doesn’t seem to be a problem with hackers, terrorists and big criminals generally. Defences against are always going to have be funded at state level.

State Level Security

It is thought that the Stuxnet virus is too complex to have been dreamed up by one rogue hacker. It was a precisely targeted program, affordable and achievable by a rich nation state with something to gain, as Batey put it, ‘by derailing Iran’s nuclear programme’. He suggested it could have been either Israel or the USA.

The Hacking Team is an interesting case study into how a modern defensive system company works. Founded in 2003, staff are generally young with little direct experience of the particular work, but obviously a great aptitude for thinking attack-defensively. New recruits are always trusted friends of existing workers: ‘There are no strangers here’.

Batey tried to interview various strands of government for his article. The Department for Business, Innovation and Skills which is responsible for British arms sales and the Office for Cyber Security and Information Assurance (OCSIA, a department within the Cabinet Office) were unable to help.

The House of Commons combination of four select committees, the Committees on Arms Export Controls ‘have apparently never discussed cyber weapons’. He found it amusing that at the November Cyberspace Conference in London, hosted by the Foreign Office, much was made of ‘the vital importance of the unfettered exchange of ideas and information online’.

Yet, the conference session on security was the only closed one, with no live web stream. It is understandable that officials should be cagey. Security is not something to be discussed in detail to just anybody. Everyday people are generally also becoming increasing concerned.

Deciding Battle Rules in Advance

In September MBF published a blog  about people’s fear of cybercrime which reported how British companies are at the forefront of the fight-back, as security breaches cost our economy £27 billion a year.

Damage, infiltration, interrogating systems costs business billions in intellectual property theft. No figures are available how much identity theft costs individuals. So, every effort has to be made at each level to stop it happening or minimise it when it does.

Ellen Nakashima wrote in the Washington Post in June 2011, about a list of Pentagon developed cyber-weapons ‘to streamline computer warfare’, including viruses. They are known as ‘fires’ that can be employed against an enemy.

They are integrated into a formal structure, so have operational military status, which is a new development. Presidential authorisation is needed to penetrate ‘ a foreign computer network and leave a cyber-virus’ for later, according to Nakashima, but is not required for other clandestine penetrations.

The intention is to use cyber weaponry commensurate with the threat level that will not ‘inflict collateral damage’ and will avoid civilian casualties. The point is that it is ‘defence’, not attack, primarily, and that the US could retaliate with traditional force rather than another attack in the event of cyber attacks.

Equally, effective deterrence is also the purpose of this particular game. It is all part of the building a tool kit, in global, regional and local theatres of conflict, each capable of responding rapidly, as things change in cyberspace so fast. It is also essential that the interdepartmental authorities are sorted out in advance, which is what the US is doing.

So, does all that help us sleep safer in our beds at night?

Source:

  • Sunday Telegraph magazine, Seven, Angus Batey, 20 November, 2011.
  • The Washington Post, Ellen Nakashima.

Photo: Switch and Data