Archive for the ‘Cyber Warfare’ Category

China Accused of Launching Cyberattacks

January 15, 2010

Today, the New York Times published an article by David Sanger and John Markoff in which they discuss cyberattacks against Google that were allegedly launched by Chinese hackers who were probably supported by the Chinese government if the allegations are true.  The reporters speculate that the intruders were trying to do one of the following things:

1. Gain commercial advantage.

2. Insert spyware.

3. Break into the email accounts of Chinese dissidents and American experts on China who frequently exchange email messages with administration officials.

Other technology companies might also have been targets, including Yahoo, Symantec, Adobe, Juniper, Northrop and a prominent research organization with ties to the White House. 

Aside from the commercial implications of the attacks, there are also national security aspects to cyber threats.  Two years ago, a computer system in the Office of the Secretary of Defense was penetrated, and US officials believe the Chinese government was behind the effort, although there was no definitive proof that China was culpable.  The difficulty of pinpointing the exact source of an attack complicates the task of defending against them and taking retaliatory measures. 

There is a high probability that cyberwarfare would be part of any Chinese attempt to invade Taiwan or take away its de facto independence through coercion, and American military forces could be vulnerable in the event of a conflagration because they rely heavily on computer systems for things like communication and targeting.  China has already successfully tested anti-satellite missiles that could take out military hardware in space and seriously disrupt US naval and air operations if America intervened in the conflict, and there is strong reason to believe that the Chinese would use non-kinetic means for similar ends.

Naturally, American defense personnel are waging defensive cyberwarfare against hackers from China and elsewhere.  After the aforementioned incident at the Department of Defense, the US reportedly warned Chinese officials that further attacks against America’s national security apparatus would not be tolerated, which suggests that America maintains offensive cyberwarfare capabilities that could be used to retaliate against attackers or preemptively in the early stages of a conflict.

Advertisements

Send iPhones, Guns and Money

December 18, 2009

The New York Times recently posted a fascinating blog by Roy Furchgott on its website in which he details how Raytheon is adapting the iPhone for military purposes.  The application could help soldiers track friends and foes, communicate with other units and map the battlefield.

This development serves military plans to achieve greater situational awareness during combat operations.  However, the fog of war will inevitably limit the usefulness of the device, and it carries with it the threat that America’s enemies will be able to interept communications and information from the iPhones much like insurgents in Iraq intercepted video images broadcast by Predator drones.  Other technical issues must be overcome before the iPhones could be used effectively, such as low battery capacity and the inability to use multiple functions at the same time.

Whether Raytheon’s new piece of technology will significantly change the way that wars are fought is uncertain.  But at least soldiers can listen to “Flight of the Valkyries” while conducting assaults against enemy positions.

Cyberattack Report

April 29, 2009

Earlier today, a panel of scientists and retired military officers assembled by the National Academy of Sciences issued recommendations about US cyberwar policy in a report titled “Technology Policy, Law and Ethics Regarding US Acquisition and Use of Cyberattack Capabilities” (http://books.nap.edu/openbook.php?record_id=12651&page=1).

The panel offers the following definition of a cyberattack:

The use of deliberate actions—perhaps over an extended period of time—to alter, disrupt, deceive, degrade or destroy adversary computer systems or networks or the information and/or programs resident in or transiting these systems or networks. A cyberattack seeks to cause adversary computer systems and networks to be unavailable or untrustworthy and therefore less useful to the adversary.

Cyberattack is distinguished from “cyberexploitation,” which is defined as:

The use of cyberoffensive actions—perhaps over an extended period of time—to support the goals and missions of the party conducting the exploitation, usually for the purpose of obtaining information resident in or transiting through an adversary’s computer systems or networks. Cyberexploitations do not seek to disturb the normal functioning of a computer system or network from the user’s point of view—indeed, the best cyberexploitation is one that such a user never notices.

One of the main findings and recommendations of the report was that US cyberattack plans, procedures and policies have not been subject to significant public debate and therefore are too secretive. The panel believes that public discussion of these issues would be beneficial.

Despite the arguments of the panel, openly discussing these aspects of cyberattacks would jeopardize US national security because it would inform potential adversaries about how the Pentagon might conduct cyberattacks against them in a future conflict. Furthermore, setting public policies about cyber warfare could tie the hands of an administration that has to respond to cyberattacks launched against the US by hostile nations, terrorist groups or individuals seeking to harm American computer systems or networks. It is generally US policy to leave all options on the table when it comes to dealing with foreign policy problems or crises, which is a wise position to take because it offers flexibility and may deter adversaries from taking aggressive actions that would be harmful to US interests.