8/6/2019 CyberWarfare And You - 3 parts

1/5

June8,2011

Cyberwarfare:TheComingBattles

Inthenextthreeweeks,thispaperwillbetakingyouonatourofthenewestformofwarfare,the

bloodybattlesalreadybeingfought,themindshreddingcomplexities,thethreatsevenminorenemies

canimpose,theplanstodefendournationandalliesand,neverleast,whattheyouthofthecountry

needtogearupfor.So,letsstartwithasimplequestion:Howseriousisthisnewformofwarfare?

ThereisavasthydroelectricplantatShushenskayainSiberia.1Size?Abouttwicethesizeofthe

Hooverdam.Insidetheturbineroom,wherethousandsoftonsofwaterspeedthroughhugedynamos

generatingelectricity,thereare10turbinesproducingelectricity.Anaccidentoccurred.Well,itwas

initiallycalledanaccidenttoallowtheRussianequivalentoftheFBItotryandfindthecyberattacker.

Whatthecomputerhackerdid,wastoallowthefullpressureofwatertooverspeedanoutofservice

turbineandthenreversedtheelectricity.Thestrainonthewildlyspinningrotorprovedtoomuchandit

explodedlikeawaterhammer,destroyingthedamsgeneratorroomandkilling74people.Oh,and40

tonsoftransformeroilwerespilledintotheYeniseiRiverkilling25%ofthetroutfisheries,about400

tonsoffish(sofar).

Threesimplecommandsfromahackersittingfarawaydestroyed12%ofRussiasconventional

electricsupply,killedskilledworkers,andcausedmassiveenvironmentalandfinancialdamage.Howbad

wasthisattackcomparedtootherevents?ThemonetaryeffectonRussiaseconomywassimilartothe

Japanesenuclearreactormeltdown.Inotherwords,devastating.

Sofar,nooneissurewhocausedtheattack.AEuropeancybersecurityexpertexaminedthecode

usedintheattackandsaysthewormwaswrittenbyalargeteamwithvaryinglevelsofexpertise.The

expertpointedouttherewerepeopleonthatteamwhowerecomputercodeexpertsaswellaspeople

whounderstoodthefunctioningofcentrifuges(turbines).AsimilarcyberattackwaslaunchedbyIsrael

againstIransnuclearmaterialsprocessingplantlastyearthatwasheraldedasthemosteffective

weaponemployedbyIsraeltodate(againstthreatstothecountry).

Whatisworryingisthatthelevelsofexpertiseneededtolaunchsuchattacksarereadilyavailable,

eveninsmallcountries,criminalorganizationsordissidentgroups.TherearetheHongKongBlondswho

callthemselvescybersamurai,ororganizedcriminalgroupsconductingcybertheft,andshadowyteams

1http://www.youtube.com/watch?v=mmOOZJ7mdqY orhttp://www.youtube.com/watch?v=luSgoEjw7CM

andhttp://www.bigpicture.in/thesayanoshushenskayadamaccident/

http://www.youtube.com/watch?v=mmOOZJ7mdqYhttp://www.youtube.com/watch?v=luSgoEjw7CMhttp://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.bigpicture.in/the-sayano-shushenskaya-dam-accident/http://www.youtube.com/watch?v=luSgoEjw7CMhttp://www.youtube.com/watch?v=mmOOZJ7mdqY

8/6/2019 CyberWarfare And You - 3 parts

2/5

ofanarchistswithinChinaandRussiatheCIAhascalledcybermilitias.Toquotealeadingmilitaryjournal

here,massivedamagecanbeinflictedontheUSthroughthecybersphereandthereisnowayto

stopit.2

AndtheShushenskayaplantaccident?Turnsoutitrevealedanotherangletoworryabout:

cyberfratricide.Aplantworkeraccidentallyorinangersenttheerrantcodefromhome.European

expertsareskeptical.ButtheabilitytoturnthatkindofmistakeintoaweaponhasthePentagon

quakinginfear(andatthesametimeusingthesamemeansasaweapon).TheIsraelisdidexactlythat

when,in2007,theyshutdownSyriasairspaceandairdefensetobombaN.Koreandesignednuclear

labthere.

TheproblemfacingUScyberwarriorsandplannersisthis:USlawsdonotpermitpreemptivestrikes

againstpossibleenemiesandsometimesyouonlyhavefractionsofasecondtostopsuchattacksby

employingdeadlypreemptivemeasures.Nextweek,welllookatwhatournationisdoingtoensure

yoursafety.Andwhattheywishtheycoulddo.

end

Cyberwarfare:AirForcetotheRescue?

The24thAirForcedivisionisresponsibleforconductingUSdefensecyberoperations.Lt.Gen.

MichaelBasla,vicecommanderoftheAirForceSpaceCommand,wecantdefendthewholenetwork

justlikewecantdefendalltheairdomain.Insteadwedefendtheportionweneedtooperatein.Weve

doneitalreadytoassure[supportfor]Predator[inAfghanistanandIraq]andspacelaunchoperations.

Buthesworriedaboutthemultiplenetworksandsystemsemployedbythemilitary,evenseparate

oneswithintheAirForce.HethenwentontoexplaintheneedtointegrateallUSbasedcyberdefense,

Wemustreducecomplexityandimproveprocessesbyhomogenizingthesenetworks.Now,ifthat

doesntringalarmbells,nothingshould.Duringthecrisison9/11thepolice,FBIandfirefighterscould

noteventalktoeachother,letalonetheFBI,CIA,NSA,Mil.Intel,etc.,etc.AsYogiBerrawouldsay,Its

djvualloveragain.

Meantime,Americandefenseisnotonlymilitary.ThereisalargecompanycalledLockheedMartin

thathasa24/7mannedcyberdefenseoperationstaffedbysome400employeestrackingand

monitoringinternetandcybertraffic.Ifyoucan,imaginetheNASAmissioncontrolcenter,doubleitand

addacoupleofhundredmonitors,workstationsanddedicatednerdsfightingoffattackseverysingle

2AvWeekMay23,2011DigitalDeluge

8/6/2019 CyberWarfare And You - 3 parts

3/5

day.LockheedMartinsellstimeontheirsystemtocorporations,banks,USgovernmentagencies.They

are,afterall,adefensecontractor.Theymonitor145,0000computersdailyand700millionemailsa

month,ofwhichonly300millionmakeitpastfiltersandneedtobeanalyzedbeforeemployeescan

openthem.

TheirsystemreliesonintelligenceanalysisaccordingtoLt.Gen(Ret.)CharlesCroomtheirVPfor

securitysolutions,Youseeapatternandbegintopredictattacks.Hesaysyouhavetounderstand

bothattackersandemployeesinordertopredictwhattheywilldonext.Andthereare7steps3tothe

cyberkillchain:reconnaissance,weaponization,delivery,exploitation,installation,commandand

control,andactionsonobjectives.Ifyoucatchthemearlyon,youcanneutralizethem,everythingfrom

thekidwhostryingtomakeanamebybreakingintoamajorbusinesscomputerdatabasetothe

professionalcybergangswantingtosteal,totheenemyintentondestroyingyou.

HowsureisLockheedMartinoftheirabilitytothwartallattacksinthefuture?Notveryasthey

admittheyarespending20%ofallrevenueonresearchanddevelopmentmodeledafterSiliconValley

thinktankmethods.Whattheyreallyneedtodoisbuildautomation,nothumaneyesgluedtoascreen

hopingtospotanattackbeforeitistoolate.Andthepeopletheyneedtorelyonfordevelopmentare

all,shallwesay,mavericks.AttheNextGenCenterLockheedsharessuchR&DwithCisco,Intel,Juniper

NetworksandSymantec.AndthenerdsthinkingandplanningareallowediPads,iPhonesandtheir

preciousMacs,definitelynotmainframeaccess.

MeanwhileCongressisboggeddown,thinkingwerestillinthe20thCentury,refusingtoallowsuch

cyberdefenseoperationstocounterattackinpreemptivewaystopreventanattackbeforeitistoolate.

ThinkaboutCrooms7steps(above),ifyoucanstopanintruderatreconnaissancebeforeheadvances

toweaponization,youaremorelikelytostopanattack.Ifyouseesomeonesnoopingaroundyour

house,insideyouryard,callthecops.Withcyberwarfare,callingthecops(whocannottalktoeach

otheranyway)wouldbetoolate.Perhapsitisbettertoshoottokill(atleastelectronically).

end

Cyberwarfare:WhoAreTomorrowsWarriors?4

SchoolsarewrongaccordingtoLynnDugle,presidentofRaytheonIntelligenceandInformation

SystemsWearelookingfortalentinallthewrongplaces.Andtheorganizations,agencies,and

3 http://www.militaryinformationtechnology.com/mithome/288mit2010volume14issue10

november/3693cybersituationalawareness.html4AvWeek,May23,2011

http://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.htmlhttp://www.military-information-technology.com/mit-home/288-mit-2010-volume-14-issue-10-november/3693-cyber-situational-awareness.html

8/6/2019 CyberWarfare And You - 3 parts

4/5

8/6/2019 CyberWarfare And You - 3 parts

5/5

withthem.Itdoesnottakeapoorpilotatthemechanicalcontrolsofaplanetobringanation

momentarilytoitsknees.Thereisthenewcyberenemywarrior orterroristwemustsafeguardagainst.

Congressneedstobepartofthesolutionorgettheheckoutoftheway.Ifthereisaprobeintoa

computer,thecomputerandcyberwarriorsshouldbeallowedtofrightenthemofforcounterattack

beforeitistoolate.Passiveresistanceisnoteffectiveinthecyberrealm.