Cyber warfare represents a new form of cold war, and it is one which is already going on. There are cases where the sovereign countries have ‘fought’, where sovereign countries have ‘attacked’ business concerns (as a proxy means to attack a sovereign country), and where various multinational organizations operate with impunity, attacking whomsoever they deem as the ‘enemy’.
This is one of those ‘brave new world’ aspects of the 21st century which most of us would be happy to forget. Unfortunately the genie is out of the bottle. Look over these links to get a sense of what has been going on between Google and Chine, between China and the USA, and a great Wired.com article about the Stuxnet virus (which was a cyber attack upon the Iranian nuclear weapons program).
Welcome to the future.
Cyber War Games: U.S. versus China
http://bigthink.com/ideas/38999
David Wise: There’s a lot we don’t know about the digital warfare that’s going on. Both sides have developed military plans to cripple, disable the internet or digital resources of a possible adversary. That’s not a secret.
It’s very difficult to say who has the upper hand in this battle because the United States is certainly well aware of the vulnerability of our infrastructure–our power grid, our electric grid, our communications grid, our aviation grid. We’re very vulnerable as a highly industrialized society, and China is becoming more and more of a global economic power, so they, in turn, are vulnerable.
Right now, the focus seems to be hacking by China into Google, for example, and into, I think 34 American companies at the time that Google threatened to pull out of China, and not very much on what the United States may be doing, so we don’t know. We don’t know because that hasn’t been publicized in the way that China’s activities have been publicized.
There is this problem of attribution because when something is hacked, whether it be an individual or a company, and a Trojan Horse is put in or some kind of worm or virus, there’s always the question of, you know, is this being done by some high student in Sheboygan or is it being done from Estonia with someone pretending they are a server in China, or is it being done in Taiwan or is it being done in China? And that problem of attribution makes it very difficult to say, “Yes, the Chinese are doing this. The Chinese government is doing this and its policy of the Beijing leaders.” We can’t say that. We don’t know that even though all the signs point to that.
Is Cyberwarfare the Nuclear Warfare of Our Generation?
http://bigthink.com/ideas/38786
Cyberwarfare may sound like something out of a Philip K. Dick novel (and, in fact, the term “cyber” dates way back to Norbert Wiener and the Cold War era), but it has become a reality for U.S. corporations as well as the U.S. government. Nobody, it seems, is safe. Just this week, U.S. government officials admitted that persistent cyber-warriors had attempted to hack into non-secure Google Gmail accounts as a back door into classified security secrets. Weeks earlier, huge defense contractor Lockheed-Martin found itself the subject of sustained, ongoing attacks from hackers in China. All told, more than 100 foreign intelligence organizations have attempted to break in to the U.S. governments secure computer systems – and that’s just what we know about.
The growth of cyberwarfare reflects the continued evolution in the nature of asymmetric warfare. You thought it was hard doing battle with the mujahadeen in the mountains and caves of Afghanistan? How about doing battle with the new generation of global cyber-warrior, who can disguise his or her identity and use nearly any computer or mobile device in the world to carry out an attack? It may be possible to retaliate against nation-states, but how do you carry out an attack against a nameless, faceless entity that may or may not be acting according to national security plans? How do you respond to a couple of guys with a laptop who take down the Internet in New York or Chicago or L.A.?
The 800-pound gorilla in the room, of course, is China. Even when policymakers talk about defending themselves from cyberwarfare threats, they are really talking about defending themselves against China. And, make no mistake about it — there are already influential elements within China that equate cyberwarfare as the strategic war of the information era, just as nuclear war was the strategic war of the industrial era. (And let’s not be naïve, the U.S. has been playing around with cyberwarfare of its own, including rumors that it was behind the famous Stuxnet worm in Iran’s nuclear reactors.)
What does that mean for the future of the U.S. government’s cyberwarfare policy? Certainly, it’s a good sign that the White House has started to lay out its strategy for cyberspace and has started to accelerate federal hiring efforts on cyber-security experts. More needs to be done – and quickly – to ensure that the nation’s mission-critical systems are safe from cyberattack. Defense is the best offense. Truth be told, though, it’s all a bit reminiscent of the Cold War era, when we lived under constant threat of nuclear attacks from enemies on the other side of the Iron Curtain.
We also need to decide when a cyber-attack justifies a military response, and how vigorously we should respond. Just as we did with nukes, the U.S. Pentagon is already establishing the rules of engagement so that every alleged cyberattack does not result in a military strike. The Pentagon’s currently policy is that it will only hit back with a military strike if a cyberattack causes the type of damage and mayhem associated with a traditional military attack. Before carrying out an attack – of any kind – we need to be able to identify our attackers with 99% certitude, and that’s where things get dicey. After all, the worst thing in the world would be The Elderly Woman in Tblisi situation, where the Internet gets shut down due to a completely random mishap, and we start launching missiles at China in retaliatory response.
How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History
http://www.wired.com/threatlevel/2011/07/how-digital-detectives-deciphered-stuxnet
