Last week, The New York Times revealed that the Obama administration had prepared a cyberattack plan to be carried out against Iran in the event diplomatic negotiations failed to limit that country’s nuclear weapons development.
The plan, code-named Nitro-Zeus, was said to be capable of disabling Iran’s air defenses, communications system and parts of its electrical grid. An option was also included, to introduce a computer worm into the Iranian uranium enrichment facility at Fordow, to disrupt the creation of nuclear weapons. In anticipation of the need, U.S. Cyber Command placed hidden computer code in Iranian computer networks. According to The New York Times, President Obama saw Nitro Zeus as an option for confronting Iran that was “short of a full-scale war.”
The report, if true (unconfirmed), reflects a growing trend in the use of computers and networks to conduct military activity.
The United States is of course, not the only practitioner of this digital methodology. One notable example from recent history involves the apparent Russian assault on the transportation and electrical grid in Ukraine. That attack, which appended late in 2015, was a “first of its kind” cyber-assault that severely disrupted Ukraine’s power system, affecting many innocent Ukrainian civilians. It bears noting that vulnerabilities in Ukraine’s power system is not unique – they exist in power grids across the globe, including the U.S. and other major industrial countries.
The vulnerabilities of digital networks are, in many ways, an inevitable consequence of how the Internet was built. As then-Deputy Secretary of Defense William Lynn put it in a 2011 speech announcing our military strategy for operating in cyberspace: “The Internet was designed to be open, transparent and interoperable. Security and identity management were secondary objectives in system design. This lower emphasis on security … gives attackers a built-in advantage.”
Among these factors, two in particular contribute to the growing sense of unease.
One is the problem of anonymity. Those who seed to do harm can easily do so at a distance, cloaked in the veil of anonymity behind false or shielded identities in the vastness of the web. With no built-in identity verification, pretending to be someone else is as easy as getting a new email address or registering a pseudonymous Facebook account.
Unmasking attackers is possible, but requires a significant investment of time and resources. It also often requires the “good guys” to use “bad guy” techniques to track the wrongdoers, because they need to hack the hackers to find out who they are. It took a Canadian company, using hacker techniques, more than a year to find out who hacked the Dalai Lama’s official computers – it was the Chinese.
In effect, this anonymity prevents targets from retaliating against attackers. Though most observers think Russia is behind the Ukrainian assault, there is no truly conclusive proof. It is very difficult to deter an unknown attacker. In addition, international coordination to respond to attacks that threaten global stability can be stymied without solid proof of the source of an assault.
A new definition of war
Second, and perhaps more significant, the online world changes the boundaries of war. President Obama seems to think that cyberattacks are less than full-scale war (or so the Times reports). Is that realistic? Consider the following hypotheticals – all of which are reasonably plausible.
An adversary of the United States (known or unknown):
- Disrupts the stock exchanges for two days, preventing any trading;
- Uses a digital attack to take offline a radar system intended to provide early warning of an aerial attack on America;
- Steals the plans to the F-35 fighter;
- Disrupts the Pentagon’s communication system;
- Introduces a latent piece of malware (a piece of malicious software that can be activated at a later date, sometimes called a “logic bomb”) into a radar station that can disable the station when triggered, but doesn’t trigger it just yet;
- Makes a nuclear centrifuge run poorly in a nuclear production plant, eventually causing physical damage to the centrifuge; or
- Implants a worm that slowly corrupts and degrades data on which certain military applications rely (such as GPS location data).
Some acts, like stealing plans for a new jet fighter, won’t be considered an act of war. Others, like disrupting our military command and control systems, looks just like what has been thought of as an act of war.
But what about the middle ground? Is leaving a logic bomb behind in a radar station like espionage, or is it similar to planting a mine in another country’s harbor as a preparation for war? What about the computer code Nitro Zeus allegedly placed in the Iranian electric grid? And what if that code is still there?
Those who want both ubiquity and security are asking to have their cake and eat it, too. So long as this Internet is “The Internet,” vulnerability is here to stay. It can be managed, but it can’t be eliminated. And that means that those who bear responsibility for defending the network have a persistent challenge of great complexity.
Read Article (Paul Rosenzweig | theconversation.com | 02/24/2016)
The online world ‘does’ change the boundaries of war, at least to date, there hasn’t been the loss of life. That’s realistic and why the president understands that cyberattacks are less than full-scale war, like most of us.
Also, today Nitro Zeus is not an option (whether it existed or not), otherwise we would not be reading about it.
Master Level High-Tech Webinars