Parallels between ‘Cyberwarfare,’ conventional war and the Cold War

October 9th, 2010

The Air Force on Oct. 1, 2010 announced that its cyberwarfare unit is now fully operational. That follows the Stuxnet worm’s July origination, targeting infrastructure plants in Iran. Yet the debate about whether cyberwarfare is more hype than reality continues. In this LastWatchDog guest post, Adam Vincent, CTO of Layer 7 Technologies, weighs in with his observations.

By Adam Vincent

Howard Schmidt, the White House Cyber Czar, has spoken out about the term “cyberwar,” saying we are not and never have been at cyberwar.

With all due respect, he’s dead wrong.

The “War on Terror” and the ground wars we are fighting on foreign soil have evolved; they now include the cyber universe, whether we like it or not. Our enemies are using cyber weapons intensively. We must acknowledge this, and take appropriate steps to defend ourselves.

Our aircraft, our ships and our land-based assets are all vulnerable to Internet-enabled attacks. Likewise, our computer systems and critical infrastructure have become high-profile targets to politically-motivated attackers.

The Pentagon recently disclosed details about a 2008 cyber attack that U.S. Deputy Secretary of Defense William J. Lynn III described as the most significant breach of U.S. military computers ever. This should serve as an important wake-up call to our government that our country is engaged in ongoing skirmishes on a virtual battlefield.

Cyberwarfare shares a number of attributes with conventional warfare. For instance, many countries have already begun strategically developing and deploying forces. Nations such as North Korea and China have established cyber commands and schools specifically designed to train cyber-warriors, and the U.S. government is actively recruiting its own cadre of cyber experts.

Chinese and Russian cyber forces allegedly penetrated the U.S. electric grid in April 2009, leaving behind sleeper software programs that could be used to disrupt the electric grid in the future.

Cyberwar also shares many of the same characteristics as the Cold War, including an emphasis on espionage. Today, espionage isn’t conducted by thin men in trench coats—it’s increasingly carried out by computer programs and botnets. Take for instance the discovery of “Kneber bot,” in which 75,000 computer systems and nearly 2,500 companies were reported to have been hacked and had information stolen by a group operating out of Eastern Europe.

This attack, thought to be one of the largest cyber attacks in history, began in 2008 and operated undetected till January of 2010. Consider also the attack in April 2010 on the Tibetan government, in which dozens of high-level government networks, embassies, international organizations and other entities were penetrated by attackers who stole confidential and sensitive documents.

Despite their similarities, the biggest difference between cyberwarfare and conventional warfare is a low barrier to entry. Cyber weapons are low-cost and do not require significant infrastructure, financing or physical space for development and assembly. A computer and an Internet connection are all a cyber-weapons developer or cyber-arms dealer needs to deliver a potentially devastating attack on a city or an entire country.

The low capital expenditure is what makes cyberwar a truly terrifying prospect. In comparison to much-publicized nuclear weapons inspections, looking for a cyber weapon is like looking for a proverbial needle in a haystack.

The evidence that we are at cyberwar with multiple enemies is compelling. It’s time we do something about this threat. Our immediate steps should be to invest more time and energy into restructuring defense technology investment, shifting our emphasis from kinetic to cyber resources.

If we don’t act now, we will remain unprepared for the destructive capability of a well-orchestrated cyberwar, which could easily affect every aspect of our daily lives.

About the Author: Adam Vincent is the chief technology officer, public sector, for Layer 7 Technologies and is a trusted subject matter expert to the Department of Defense (DoD) and Intelligence Community (IC) in their goal of secure net-centric enablement. Read his blog at http://adamdvincent.blogspot.com/ and follow him on Twitter @AdamDVincent.