Cyber Operations: Difference between revisions
Latest revision as of 13:32, 10 August 2010
Full Title of Reference
Cyber Operations: The New Balance
Full Citation
Stephen W. Korns, Cyber Operations: The New Balance, 54 Joint Force Quarterly 97 (2009). Web
Categorization
- Threats and Actors: States; Groups; Terrorists
- Issues: Cyberwar; Attribution; Public-Private Cooperation
- Approaches: Regulation/Liability; Deterrence
Key Words
Botnet, Computer Network Attack, Cyber Crime, Cyber Terrorism, Department of Homeland Security, Hacker, Information Asymmetries, Intelligence Infrastructure/Information Infrastructure, Malware, National Security, Security Tradeoffs, Sponsored Attacks, Transparency, Trojan, Worm
Synopsis
The article seeks to explore today's normalcy in cyberspace.
Taking as a starting example Russia's CNA attacks on Georgia in 2008, the author looks at how the attacks used tools from a Web site hosted by a Texan company to attack a Web site that was hosted by a company based in Atlanta, Georgia. The U.S. experienced collateral damage during these attacks.
The next example is Mumbai, where terrorists used Google Earth, BlackBerry phones and GPS to form an integrated, low-cost command and control system that enabled a modicum of information superiority. The author's view is that nonstate actors "do not fear network-centric warfare because they have already mastered it." Mumbai is the new cyber normalcy.
NEW NORMALCY IN THE MODERN AMERICAN EXPERIENCE
New normalcy has become an episodic policy construct in US strategy ideation; national leadership has relied on its clarion to illuminate moments of transcending reorientation. New normalcy signals a cardinal shift in the nature of U.S. security.
In 1953, President Dwight Eisenhower viewed the atomic realities of Soviet nuclear weapons as a new and untenable threat. Reflective of this thinking, a White House aide wrote a secret memorandum highlighting the nuclear age of peril as “the new and to all intents permanent normalcy.”
On October 25, 2001, echoing a deep national sense of insecurity after the 9/11 terrorist attacks, Vice President Richard Cheney lamented, “Many of the steps we have now been forced to take will become permanent in American life. They represent an understanding of the world as it is, and dangers we must guard against perhaps for decades to come. I think of it as the new normalcy.”
New normalcy defines a quintessential dichotomy: the urge to return to the comfort and routine of a normal state, confronted by the realization that the prior condition no longer exists. For example, many in the U.S. foreign policy community viewed the collapse of the Soviet Union as an opportunity for a return to normalcy in American foreign policy, allowing the United States to cash in the peace dividend.
U.S. joint military doctrine includes new normalcy as a central concept. From this perspective, new normalcy is the condition achieved whereby an adversary is rendered unable to oppose U.S. strategic objectives. After achieving the operational endstate, new normalcy becomes a strategic goal in transition from conflict, which disrupts normal life, to a new level of stability.
Although primarily understood from a policy development point of view, there is also a socioscientific basis for comprehension of new normalcy. Thomas Kuhn posits that when the current normal condition cannot explain or resolve an anomaly, a crisis ensues, leading to a fundamental paradigm shift, concluding in a new state of normalcy. In Kuhn’s normative transformation theory, a professional community “alter[s] its conception of entities with which it has long been familiar, and . . . shift[s] the network of theory through which it deals with the world.” New normalcy in the American experience signals a cardinal shift in the nature of U.S. security.
NEW NORMALCY IN CYBERSPACE
There is a growing national sentiment regarding the fear of a major cyber disaster—thus, the dramatic rise in predictions of a “cyber Pearl Harbor” or an “e-9/11” event. Vint Cerf even likens the rampant spread of malware to a “pandemic that could undermine the future of the Internet.”
In the end, Cerf reflects circumspectly, “It seems every machine has to defend itself. The Internet was designed that way. It’s every man for himself.”
A December 2008 Center for Strategic and International Studies (CSIS) report on cybersecurity concludes that protecting cyberspace is “a battle we are losing.” In testimony before Congress, Jim Lewis, a member of the panel that wrote the CSIS report, stated that “the U.S. is disorganized and lacks a coherent national [cybersecurity] strategy.”
As early as 2003, the Gilmore Commission’s report on Forging America’s New Normalcy predicted the onset of cyber new normalcy conditions, including cyberterrorism.
FEATURES OF THE NEW NORMALCY IN CYBERSPACE
Commoditization: Under old normalcy, individuals developed malware. Under cyber new normalcy, anyone can obtain malware at the “cyber drive-through window.” The Internet is a profit-generating machine for criminal syndicates that have perfected malware-as-a-service.
Identification. Under old normalcy, when bombs and bullets flew, identification of the adversary was relatively easy. In cyber new normalcy, identification is the exception. In Here Comes Everybody, author Clay Shirky attributes “ridiculously easy group formation” as the Internet’s defining characteristic.
Distrust. Under old normalcy, we trusted but verified. Under cyber new normalcy, there is no trust, and verification is highly suspect. Malware can spoof and effectively nullify antivirus and firewall systems. Even worse, a team of Dutch and Swiss researchers have broken the MD5 encryption algorithm used by nearly all Internet Web browsers.
THE NEW BALANCE
Secretary Gates’ call for a renewed focus on U.S. deterrence policy evokes President Eisenhower’s New Look emphasis on strategic deterrence. An enlightened cyber strategy would seek an appropriate balance between secrecy and openness. While working at RAND in the early 1960s, Paul Baran conceived the digital packet switching concept used to establish a survivable U.S. nuclear command and control system. Significantly, Baran openly published his work, with the U.S. Government’s implied consent, under the premise that “deterrence only works if the other guy knows.”
Credible deterrence will also require balanced resourcing for identification and authentication; data hardening and network resiliency; cyber intelligence, surveillance, and reconnaissance; and cyber early warning and response. such an obsessiveness that it would destroy the economic base or the civil freedoms of the country.”
THE MILITARY AND THE NEW BALANCE
As witnessed in the cyber attacks on Estonia, Lithuania, and Georgia, non–mirror-imaging adversaries have a well-honed grasp of operating within the grey area of cyber, below the threshold of use of force. Deterritorialized attackers target territorialized infrastructure, frustrating border-based orthodoxy. These hybrid cyber militia-mobs clearly demonstrate that adversaries will not fight the U.S. military on its own terms in cyberspace. In fact, military-on-military in cyberspace may become the exception, rather than the norm, with relatively few “lawful combatants” in the traditional sense. An astute strategy would seek to refine the understanding of how “military affairs” fits within a cyber world where predominantly industry and noncombatant civilians establish and control the core operational theater of conflict.
Additional Notes and Highlights
Expertise Required: International Warfare - Low
About the author: Colonel Stephen W. Korns, USAF, is Vice Director for Strategy, Plans, Policy, and International Relations at Joint Task Force–Global Network Operations, Washington, DC for balance in defense capabilities.