Cyber warfare · cyberwar

Cyberwar! Let’s work through this, shall we?


Globe
Globe (Photo credit: Wikipedia)

Cyberwar!  I have a Google Alert for this as both “Cyberwar” and “Cyber War“.   These terms have been thrown around like a ninja throwing star, various newspapers and even quite a few of our leaders are using the term liberally and it scares the snot out of little kids like a story about the Boogie Man.  *Harumph* I say, harumph.

Military theorists are going to shoot anyone down who uses the term “cyber war” because there is no such thing as “Land war” or “Sea War” or even “Air War”.  It’s war fought in different domains, which happen to include air, sea, land, space and now cyber.  It’s just another domain.  Get used to it.

Now let’s talk about ‘warfare in cyberspace’.   First we all thought that the conflict between Russia and Estonia was a cyberwar, but since then we’ve evolved our perception.   The facts are that ‘someone’ (think Russia) decided to attack the Estonian banking industry when a statue commemorating a Russian soldier was removed.  The highly wired and interconnected Estonian banking industry and much of the government was shut down for a brief period.   But nobody died, no military targets were destroyed and..  *gasp* there were no long term effects. Is that war? No.  Is that a cyberwar?  Good gracious, no.

2008, Russia attacks South Ossetia, a part of the country of Georgia, to protect Russian interests in that region.  In conjunction with a conventional Russian attack there was a call for assistance to close down various Georgian websites.  A target list was produced, tools/weapons were made available and a time schedule was provided.  This was pretty darned close to being a cyberwar, but it was just warfare in cyberspace as part of a larger war.

So what is cyberwar?  I imagine most people feel that some country is going to launch weapons or tools against another country, trying to blind their military, mute the other government and make life incredibly miserable for many of their citizens.  The Geneva Convention will probably be ignored; civilian targets, including private businesses, critical infrastructure and even private citizens, will be affected, either directly or indirectly.  If the attacker is successful, a simple reboot of the target computers will not regenerate functionality and a part of the economic base of the targeted country will probably be permanently destroyed (although many dispute this, believe a simple reboot or loading backup tapes will be sufficient).   To be truly effective the attacks will continue and each time an effected system is restored, it will be attacked again.  How much time and patience the attacker has, I don’t know, but I would imagine it will take weeks to effectively put a dent in a nation’s economy.  The banking industry is on a separate network (which I believe is also susceptible but that’s the subject of another article), and I believe it will survive for the most part.  A sophisticated enemy is going to implant tools which will continually reattack and spread and cause long term damage.  More harmful would be a worm with the sole purpose of replicating and ‘delete *.* or fdisk on all .com, .gov and .mil systems’.

Is this possible?  Not yet.  The tools to do this have not yet been developed OR have not yet been used.  But, the good news is that whoever unleashes a God-worm will also kill their own computer and will shut them self off from the rest of the world.  I’m sure this little factoid will cross their mind at least once while they are developing their ‘God worm’.

Bottom line.  There are some really sick minds out there.  Some day, just some day, somebody will unleash a worm that might be programmed to ‘destroy anything with a .cn domain name.  Oops, that’s China.  Oops?

Advertisements

6 thoughts on “Cyberwar! Let’s work through this, shall we?

  1. I would not be so quick to dismiss this term. The more correct utilization is that in war you must have full-spectrum dominance and the Cyber arena is clearly seen as an area of concern. It is in a text I have from the National Defense University that dates back many years, and CYBERCOM dates back many years. I think the biggest problem is that the more proper terminology from the Joint Forces Staff College/NSA textbook of the same title is “Information Operations” which describes the entire cycle of Peace>Conflict>Peace and includes all things including “Information Warfare.” The subtitle of a decent textbook on the subject above is “Warfare and the Hard Reality of Soft Power.” None of these works are classified and only those outside the military and related DIB or IC would say that “military theorists are going to shoot this down.” Cyberwar is a coined term for a small portion of Information Operations of which the more proper term is indeed Information Warfare, but includes Computer Network Attack (CNA), Computer Network Defense (CND), Computer Network Operations (CNO), Information Assurance, PSYOPS, counter-intelligence, Electronic Warfare and a few other sub-disciplines. This area of military theory is well developed and many military officers write their Thesis on this subject area. I would also suggest you read the NATO additions related to the topic in which an attack against the computers of any member of a NATO country is an “act of war” as long as strong attribution is provided it is stated it is equivalent to any kinetic attack. The Russians and Chinese go farther in their definitions now before the UN which state that the use of ideology that is against the national policies of those and (currently at least other four other signatory nations – six additional are not full members) across censored network boundaries is considered an act of war.

    v/r

    Chet

    1. Chet, let’s agree to disagree on this, shall we? The vast majority of people using the term cyberwar honestly have not thought through the ramifications. The CNA, CND and CNE terms originated when IO had numerous components which have since been left on the side of the road. The SECDEF Memo of January 2011 completely redefined IO as well as refocused it. The CCDOE documents are the latest, state of the art perusals of the legal aspects of cyberwar, they are about to release the International Law applicable to Cyber Warfare (MILCW), otherwise known as the Talinn Manual, to the world, redefining the legal aspects of war in cyberspace.

      Russia and China have defined their positions and highlighted their greatest weakness in their SCO position paper, introduced to the UN (they try to hide their position that they reserve the right to shut down the internet in the case of a threat to State security). The Russians actually described, back in the 1990s, that an attack on Russia, via the internet, might be met with a nuclear response.

      Nay, the more things change, the more they stay the same…

  2. “2008, Russia attacks South Ossetia, a part of the country of Georgia, to protect Russian interests in that region.”
    After that false interpretation I stopped reading at all. Try watching other channels in addition to Fox News.

    1. I normally don’t stoop to insults, but you are sadly mistaken. Fox News? I don’t think I’ve ever purposefully watched that station. You, sir, are a buffoon.

      This was the reason Russia cited when they attacked, due to the high percentage of Russians in that area. Another story is the mineral deposits in the area. There are numerous other reasons.

      False interpretation? Nay, onerous person, it is an interpretation, not the interpretation. …and please, stop reading, I’d hate to poison your mind with a differing opinion.

      1. Of course, Russia has own interest there. But: Russia was in charge of keeping peace in that area since South Ossetia has not been considered as a part of Georgia in full measure. And when Georgian forces attacked South Ossetia, Russia had exploited its UN mandate of peacekeepers there to defend own interest. Hardly it could be taken as if Russia attacked South Ossetia, Georgia did, Russian troops had already been located there for a long time bang for the purpose to prevent military operations in that area. I understand that Russian gov would not lift a finger to defend some fictitious victim if it is not profit for them like and almost any other government does, but let’s avoid misrepresenting facts.

Comments are closed.