September 13, 2014
6 D's Of Cyberwar
On the offensive side, you want to destroy, deny, degrade, disrupt, and deceive.
"Unlike World War II code breaking, cyber attacks offer the potential to not just read the enemy's radio, but to seize control of the radio itself."
- Step 1: Infiltrate the enemy's networks and communications and gather/exfiltrate information.
- Step 2: Compromise the enemy's information either by:
1) Corrupting the enemy's information, planting misinformation, sowing erroneous reports, and causing poor decision-making.
2) Taking control of their networks, disabling or jamming them, and disrupting their command and control or harming their critical infrastructure and causing mass confusion, destruction, and death.
Examples are "not merely to destroy the enemy's tanks, but to make them drive in circles--or even attack each other" or to cyber attack an enemy's control systems for electricity, dams, transportation, banking, and so on.
With the ability to steal information, sow misinformation, seize control, or even stop the information flow altogether, cyberwar is not just another weapon in our arsenal, but "a tool to help achieve the goals of any given operation."
On the flip side, you want to defend against the enemy's use of cyberspace to hurt us.
We need to continue to get serious about cyberwarfare and cybersecurity and become the masters in the information domain, and quickly. ;-)
(Source Photo: Andy Blumenthal)
October 13, 2012
Amazing Internet Statistics 2012
- Information Sharing--639,800 gigabytes of data are exchanged
- Information Generation--6 new Wikipedia articles are created
- Information Visualization--20,000,000 photos are looked at on Flickr
- eMail--204,000,000 emails are sent
- eCommerce--$83,000 of sales on Amazon
- Social Networking--320 new users on Twitter and 100 on LinkedIn (wonder how many for Facebook...)
- Cyber Crime--20 new victims of identity theft
And in the same month, Harvard Business Review reported on the growing significance to commerce with the Internet contributing to GDP (in 2010) as much as:
- 8.3% in the UK
- 7.3% in South Korea
- 5.5% in China
- 4.7% in the US
- 4.7% in Japan
- 4.1% in India
Moreover, HBR reported what people are willing to give up for a year instead of the Internet--and the numbers are pretty startling--check this out:
- 91% of UK would give up fast food
- 89% of Indonesians would give up smoking
- 86% of Japanese would give up chocolate
- 85% of Chinese would give up coffee
- 78% of Indonesians would give up their shower
- 60% of Japanese would give up exercise
- 56% of Chinese would give up their car
- 56% of Japanese would give up sex--go figure! ;-)
While this is all sort of light, there is also a very serious dimension to this. For example, the Wall Street Journal today quotes Secretary of Defense Leon Panetta warning that, with Iran's digital assault on the U.S., the concerns of cyberwar are growing, with the SecDef going so far as to say "Is there a cyberwar going on? It depends on how you define war."
Yes, the Internet is amazing for so many reasons and we can't take it for granted--we need to be vigilant and defend the Internet (cyber) with the same zeal and commitment as the other domains of war--land, sea, and air--all are vital to national security and for the preservation of life, liberty, and the pursuit of happiness.
This is a lesson we need to learn quickly and decisively--before the old Star Wars is passe and cyberwar turns deadly.
(Source Photo: Andy Blumenthal)
June 3, 2012
Raising The Bar On Cybersecurity
Good video by The Washington Post (2 June 2012) on the importance and challenges of cybersecurity.
There are 12 billion devices on the Internet today and this is projected to soar to 50 billion in the next decade.
Cybersecurity is paramount to protecting the vast amounts of critical infrastructure connected to the Internet.
There is a lot riding over the Internet--power, transportation, finance, commerce, defense, and more--and the vulnerabilities inherent in this are huge!
Some notable quotes from the video:
- "Spying, intrusions, and attacks on government and corporate networks occur every hour of every day."
- "Some sort of cyberwar is generally considered an inevitability."
- "Cyberwar although a scary term--I think it is as scary as it sounds."
- "Right now the bar is so low, it doesn't take a government, it doesn't take organized crime to exploit this stuff--that's what's dangerous!"
We all have to do our part to raise the bar on cybersecurity--and let's do it--now, now, now.
April 24, 2012
Cyberwar--Threat Level Severe
This video is of an incredible opening statement by Rep. Michael McCaul (R-TX), Subcommittee Chairman on Oversight, Investigations, and Management on the topic--Cybersecurity Threats to the United States.
Some of the highlights from his statement:
- America's computers are under attack and every American is at risk.
- The attacks are real, stealthy, persistent, and can devastate our nation.
- Cyber attacks occur at the speed of light, are global, can come from anywhere, and can penetrate our traditional defenses.
- In the event of a major cyber attack, what could we expect? Department of Defense networks collapsing, oil refinery fires, lethal clouds of gas from chemical plants, the financial systems collapsing with no idea of who owns what, pipelines of natural gas exploding, trains and subways derailed, a nationwide blackout. These are not science fiction scenarios. (Adapted from Richard Clarke, former Senior Advisor of Cyber Security)
- It is not a matter of if, but when a Cyber Pearl Harbor will occur. We have been fortunate [so far]. (Adapted from General Keith Alexander, Director of the NSA).
I believe we must address these threats and our vulnerabilities in at least five main ways:
1) Increase research and development for new tools and techniques--both defensive and offensive--for fighting cyberwar.
2) Establish a regulatory framework with meaningful incentives and disincentives to significantly tighten cybersecurity across our critical infrastructure.
3) Create a cybersecurity corps of highly trained and experienced personnel with expertise in both the strategic and operational aspects of cybersecurity.
4) Prepare nationwide contingency plans for the fallout of a cyberwar, if and when it should occur.
5) Create a clear policy for preventing cyberattacks by taking preemptive action when there is a known threat as well as for responding with devastating force when attacks do occur.
With cyberwar, just as in conventional war, there is no way to guarantee we will not be attacked, but we must prepare with the same commitment and zeal--because the consequences can be just as, if not more, deadly.
October 14, 2011
EMP Cybergeddon
The Economist (15 October 2011) in an article called Frying Tonight describes how "warfare is changing as weapons that destroy electronics, not people, are deployed on the field of battle."
Here is a brief summary:
During the Cold War, the notion was to explode an atom bomb high in the atmosphere (i.e. a High-Altitude EMP or HEMP) "to burn out an enemy's electrical grid, telephone network, and possibly even the wiring of his motor vehicles."
Today, that principle is being applied in smaller weapons using microwaves--from powerful batteries or reactive chemicals that generate high-energy radio frequencies.
By zapping electronics, EMPs can take down enemy missiles, destroy command, control, and communications capability, and stop in their tracks everything from enemy tanks to planes and speed boats.
EMP weapons are already being deployed:
- Fighter planes are being developed with EMP capabilities using the active electronically scanned array (AESA) as defensive weapons against air-to-air and surface-to-air missiles, while other planes (like the "Growler") are being outfitted with offensive EMP capabilities.
- Ships too are being armed with EMP guns to defend against high-speed boat "swarms" or to defend against pirates.
- Land vehicles will be armed with EMP cannons such as the Radio-Frequency Vehicle Stopper that can stall enemy vehicles' engines or the Active Denial System used as a heat-ray to disperse crowds.
At the same time, defenses against EMPs are being deployed, such as Faraday cages--which are enclosures of conducting material, often in a mesh pattern, that protect electrical equipment from getting fried.
What is important to note though is that EMPs are not just battlefield weapons--they can take out our everyday electrical and cyber systems.
A Congressional Research Service (CRS) Report to Congress (21 July 2008) called High Altitude Electromagnetic Pulse (HEMP) and High Power Microwave (HPM) Devices: Threat Assessments states "Several nations, including sponsors of terrorism, may currently have a capability to use EMP as a weapon for cyber warfare or cyber terrorism to disrupt communications and other parts of the U.S. critical infrastructure."
The EMP Commission reported that EMP "creates the possibility of long-term, catastrophic consequences for national security."
One of the major concerns is the "cascading effects" that a loss of electrical infrastructure would cause, with people unable to obtain basic life necessities and the result that "many people may ultimately die."
The report finds EMP weapons to be an "attractive asymmetric option" for our adversaries, and that analysts find that "it could possibly take years for the United States to recover fully from the resulting widespread damage."
Therefore, it is critical that we increase our cyber security capabilities not only in terms of fighting conventional malware attacks from within the cyber realm, but we must also be thinking in earnest about energy weapons directed at us from without.
We must continue to harden our defenses, invest in new technologies and countermeasures to thwart the enemy, develop punishing offensive capabilities, as well as prepare for the possibility of a strike against our homeland.
Although called "human-safe" (and aside from the traditional weapons of mass destruction), EMPs may actually be one of the most devastating weapons of all to a society dependent on technology.
June 19, 2011
Crashing The Internet--Are We Prepared?
Almost week after week, I read and hear about the dangers of cyber attacks and whether "the big one" is coming.
Just last week, the Federal Times (13 June 2011) wrote that the "U.S. government computer networks are attacked about 1.8 billion times per month."
September 26, 2010
Now The Computer War Games Are Real
The Iranian nuclear program that was hit has been claimed to be for civil nuclear power but has long been suspected of being a cover for making weapons, and Iran has been unabashedly vocal about its hostile intent toward many nations, even going so far as to openly threaten some, especially Israel, with complete “annihilation.”
The technical aspects of Stuxnet as a weapon are fascinating, for this is the first computer program “specifically created to take over industrial control systems.” Another article in U.K.’s The Guardian quotes another source as saying it is “one of the most refined pieces of malware ever discovered.”
This worm works by exploiting security holes in Windows operating systems and taking over critical infrastructure SCADA systems (AKA Supervisory Control And Data Acquisition systems or industrial control systems).
What is maybe even more amazing than the technical feat of Stuxnet is that for months or years, everyone has been focused on and hypothesizing about when a traditional military strike was going to occur against the ever-menacing Iranian nuclear threat. However, instead of conventional planes and bombs making a big bang (remember “shock and awe”), we get a silent but “very sophisticated” cyber worm that no one seems to have expected.
So times have certainly changed, and with them warfare. Prior military engagements occurred on land, sea, and air with kinetic “bang/boom” weapons. Today they have a new domain in cyberspace with bits and bytes that are just as impactful. But I think what hasn’t really hit home with most people is that cyber war is not just virtual, like playing a video game (like The Sims) or acting out in virtual reality (like Second Life); cyberwarfare starts online but has real physical ramifications, as we see with the Stuxnet worm. Industrial systems like nuclear plants or hosts of other critical infrastructure (in manufacturing, energy, telecommunications, etc.) can be taken out with cyber bombs just like with real bombs--maybe even better, faster, cheaper, and cleaner (less collateral damage).
We had all better be prepared for the fight in this new realm as the potential damage is as real as any we have ever seen before.
September 29, 2009
Turning the Tables on Terrorists
Rep. Roscoe Bartlett (R-Md) said that an Electromagnetic Pulse (EMP)—“it would bring down the whole [electrical] grid and cost between $1 trillion to $2 trillion” to repair with full recovery taking up to 10 years!
“It sounds like a science-fiction disaster: A nuclear weapon is detonated miles above the Earth’s atmosphere and knocks out power from New York City to Chicago for weeks, maybe months. Experts and lawmakers are increasingly warning that terrorists or an enemy nation state could wage that exact type of attack, idling electricity grids and disrupting everything from communications networks to military defenses…such an attack would halt banking, transportation, food, water, and emergency services and might result in the defeat of our military forces.” (Federal Times—September 21, 2009)
The Federal Energy Regulatory Commission (FERC) says “the U.S. is ill-prepared to prevent or recover from an EMP”—they are asking Congress for authority to require power companies to take protective steps to build metal shields around sensitive computer equipment.
It is imperative for us to protect our critical infrastructure so that we are not vulnerable to the devastating effects of a potential EMP blast. We must think beyond simple guns and bullets and realize that our technological progress is on one hand a great advantage to our society, but on the other hand, can be a huge liability if our technical nerve centers are “taken out”. Our technology is a great strategic advantage for us, but it is also our soft underbelly, and whether we are surprised by an EMP or some hard-hitting cyber warfare, we are back to the stone age and it will hurt.
It also occurs to me that the same tools terrorists use against others can also be used against them.
June 27, 2009
Now We All Have Skin In The Game
It used to be that cybersecurity was something we talked about, but took for granted. Now, we’re seeing so many articles and warnings these days about cybersecurity. I think this is more than just hype. We are at a precipice, where cyberspace is essential to each and every one of us.
Here are some recent examples of major reviews in this area:
- The White House released its 60-day Cyberspace Policy Review on May 29, conducted under the auspices of Melissa Hathaway, the Cybersecurity Chief at the National Security Council; and the report states: “Cybersecurity risks pose some of the most serious economic and national security challenges of the 21st century…the nation’s approach to cybersecurity over the past 15 years has failed to keep pace with the threat.”
- The Center for Strategic and International Studies’ Commission on Cybersecurity for the 44th President wrote in a December 2008 report: “America’s failure to protect cyberspace is one of the most urgent national security problems facing the new administration…It is a battle we are losing.”
Cyberspace is becoming a more dangerous place as the attacks against it are growing. Federal Computer Week, June 2009, summarized the threat this way:
“Nation states are stealing terabytes of sensitive military data, including some of the most advanced technology. Cybercrime groups are taking hundreds of millions of dollars from bank accounts and using some of that money to buy weapons that target U.S. soldiers. The attacks are gaining in sophistication and the U.S. defenses are not keeping up.”
Reviewing the possibilities as to why this is happening: Have we dropped our guard or diverted resources or knowhow away from cybersecurity in a tight budgetary environment and now have to course correct? Or, have our adversaries become more threatening and more dangerous to us?
I believe that the answer is neither. While our enemies continue to gain in sophistication, they have always been tenacious against us and our determination has never wavered to overcome those who would threaten our freedoms and nation. So what has happened?
In my view the shift has to do with our realization that technology and cyberspace have become more and more vital to us and underpin everything we do--so that we would be devastated by any serious disruption. As the Cyberspace Policy Review states definitively: “The globally-interconnected digital information and communications infrastructure known as “cyberspace” underpins almost every facet of modern society and provides critical support for the U.S economy, civil infrastructure, public safety, and national security.”
We rely on cyberspace in every facet of our lives, and quite honestly, most would be lost without the connectivity, communications, commerce, productivity, and pleasure we derive from it each and every day.
The result is that we now have some serious “skin in the game”. We have something to lose--things that we deeply care about. Thus, we fear for our safety and survival should something bad happen. We think consciously or subconsciously how would we survive without the technology, Internet, and global communications that we have come to depend upon.
Let’s think for a second:
What if cyberspace was taken down or otherwise manipulated or controlled by hostile nation states, terrorists, or criminals?
Would there be a breakdown in our ability to communicate, share information, and learn? Would there be interruptions to daily life activities, disruptions to commerce, finance, medicine and so forth, concerns about physical safety or “accidents”, risks to critical infrastructure, and jeopardy to our ability to effectively protect ourselves and country?
The point here is not to scare, but to awaken to the new realities of cyberspace and technology dependence.
Safeguarding cyberspace isn’t a virtual reality game. Cyberspace has physical reality and implications for all of us if we don’t protect it. Cyberspace is a critical national asset, and we had better start treating it as such if we don’t want our fear to materialize.
March 29, 2009
Kudos to the Bean Counters
When we think creatively and “out of the box”, we break the mental bounds that constrain our ability to go beyond what we know today and build capabilities that were unimaginable just the day before.
Yet, innovation is not like creation. G-d creates something from nothing. Man builds on the ideas of those who came before us—this is incrementalism.
And doing so, we are able to go beyond our own individual human limitations.
Incrementalism is a force multiplier. It is like layering one new thought, one change, one innovation on top of another and another. With each incremental development, we as a society are able to go beyond those who came before us.
Of course, some innovations are more evolutionary and some more incredibly revolutionary, but for all there are influences that underpin their development and they are there even if we cannot readily see them.
In short though, we are constantly changing as a society and as individuals—for better or possibly, for worse.
In the introduction to the novel, The Prey, by Michael Crichton, the author talks about how everything—“every living plant, insect, and animal species”--is constantly evolving and warns of the complexity, uncertainty, and possible dire consequences if we do not manage change responsibly.
“The notion that the world around us is continuously evolving is a platitude; we rarely grasp its full implications…The total system we call the biosphere is so complicated that we cannot know in advance the consequences of anything that we do.”
I think the point is that even if we can envision or test the consequences of innovation one, two, three or however many steps forward, we cannot know the limitless possible downstream effects of a change that we initiate.
Crichton states: “Unfortunately, our species has demonstrated a striking lack of caution in the past. It is hard to imagine that we will behave differently in the future.”
We don’t have to look too far to see how we have irresponsibly used many innovations in our times, whether they be complex and risky investment instruments that have led to the current financial crisis, medical products that have had serious unintended side effects resulting in serious injury and fatalities, and of course our endless thirst for and usage of fossil fuels and the general disregard for our planet and the negative effects on our environment such as global warming and pollution to name just a couple.
Crichton warns that “sometime in the twenty-first century, our self-deluded recklessness will collide with our growing technological power.”
The warning is particularly apropos in light of the ever increasing rate of change enabled by and manifested in various technologies such as biotechnology, nanotechnology, nuclear technology and information technology.
With each new advance in our technological prowess come risks of these new tools getting away from us and causing harm. For example, nuclear technologies have provided weapons of mass destruction that we struggle to contain; biotechnology has stirred concerns in terms of cloning, mutations, and deadly pathogens; nanotechnology stirs fears of toxic microscopic organisms that can easily get into our bodies; and IT has brought viruses and cyber warfare that threaten our world of bits and bytes, which we have come to know and rely on for just about every daily activity we are involved in.
The point is not for us to be scared into mental stasis and inaction, but to be cognizant of the potential for serious side effects of changes and to take appropriate safeguards to mitigate those.
Innovation is exciting but it can also be seriously scary. Therefore, we need to be brave and bold in our thinking and actions, but at the same time we need to be cautious and act responsibly.
What this means in real life is that when new ideas are introduced, we need to evaluate them carefully so that we understand the range of benefits and risks they pose.
While it is not very sexy to be the voice of caution, great leaders know how to encourage new thinking while reining in potentially dangerous consequences.
March 1, 2009
Cybots to the Rescue
In the Star Trek series Voyager, the (cyb)Borg wants to assimilate everyone (literally every species and they are given numbers to keep track of them) throughout the galaxies into their collective. They are an existential threat to humankind. And it makes for some great science fiction entertainment.
In real life though, the cybots are coming not to harm, but to help people.
Government Computer News, 23 February 2009, reports that Oak Ridge National Lab is working on developing cybots (software robots) to defend us in cyberspace.
Cybots are “intelligent enough to cooperate with one another to monitor and defend the largest networks.”
What makes cybots more effective than the software and hardware security we have today?
“Instead of independent devices doing a single task and reporting to a central console, the cybots would collaborate to accomplish their missions.”
The end state is a virtual cybot army deployed so those seeking to do us harm in cyber-warfare will themselves be the ones for whom “resistance is futile”.
Could cybots end up like the Cylons in Battlestar Galactica or the machines in Terminator that turn on humans?
The Cybots have a programmed mission such as “network monitoring and discovery, intrusion detection, and data management.” So the hope is that they stay true to those things.
However, to me it seems completely plausible that just as cybots can be developed for defensive capabilities, they can also be programmed for offensive cyber warfare. And if they can be used offensively, then we can end up on the wrong side of the cybots someday.
Where does this leave us?
It seems like cyberspace is about to get a whole lot more complicated and dangerous—with not only human cyber-criminals and –warriors, but also cyber robots that can potentially wreak Internet havoc.
In terms of planning for future IT security, we need to stay technologically on the cutting edge so that we stay ahead of our adversaries as well as in constant control of the new defensive and offensive cyber-weapons that we are developing.
May 2, 2008
Cyber Warfare and Enterprise Architecture
Security is a cross-cutting perspective in Enterprise Architecture, but I treat it as its own EA perspective because of its importance. And this is especially true in a law enforcement and defense readiness organization.
While security in EA is generally of a defensive nature, we must remember that as a nation, we must be ready to not only defend ourselves, but also to launch offensive operations and take out the enemy.
According to Military Information Technology Magazine, 9 April 2008, in an interview with Major General William T. Lord, the Department of Defense is standing up a new Cyberspace Command in the U.S. Air Force.
Why do we need this new Cyberspace Command?
There are many threats to us that emanate from cyberspace that include:
- Cyber-criminals—looking to steal your identity or your money
- Cyber-terrorists—“wants to disrupt, dissuade, or deter us from doing something”
- Nation States—“some of which are out to interrupt U.S. interests anywhere in the world.”
Cyberspace is a dangerous place, especially if you’re DoD; they “get about 3 million attempted penetrations” a day!
This is why defense in depth is so important, so that if an enemy manages to get through the perimeter of our network security, we can still stop them at the second or third tiers of our defensive capabilities.
In terms of offensive capabilities, sometimes you have to take the battle to the enemy. At times, it is necessary to “disrupt an enemy prior to the conduct of kinetic combat operations, [so] that the enemy could not figure out what its command and control system was, had false data, could not see an attacking force, and was making decisions based on information systems that had been manipulated in advance of combat operations.”
To architect the defensive and offensive cyberspace capabilities necessary to combat our enemies, it is imperative to continuously build information sharing and partnership between the parties involved, such as the Departments of Defense, Homeland Security, Justice and the Director of National Intelligence. This is a core tenet of user-centric EA.
Just as we invest in the latest and greatest kinetic weapons to defeat our enemies, we must also invest in non-kinetic weapons including “our electronic warfare, space systems, and cyber-systems.” As Major General Lord stated: “it’s not always about destroying things, but about changing behavior, so that an enemy concludes that the costs of whatever they had in mind is too great and will stop. [Then again,] sometimes you have to be able to whack somebody in the nose.”