How far could cyber war go?

How far could cyber war go?
How far could cyber war go?

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By M. E. Kabay
Security Strategies Newsletter  
Network World

Regular readers may know that I have a longstanding interest in 
information warfare. I was reviewing materials that might be useful in a 
new elective graduate course for the Norwich University MSIA program 
that my friend and colleague Peter Stephenson is planning for us and ran 
across a couple of interesting articles that are available on the Web 
for anyone to read. I=E2=80=99ll review the first in this column and the second 
in the next.

In _NATO Review_ for Winter 2001/2002, Timothy Shimeall (at that time a 
senior analyst with the Computer Emergency Response Team - CERT - 
Analysis Center), Phil Williams (a former NATO Fellow and a professor at 
the University of Pittsburgh) and Casey Dunleavy (former intelligence 
analyst and director of the CERT Analysis Center) argued [1] that 
=E2=80=9Cdefence planning has to incorporate the virtual world to limit physical 
damage in the real.=E2=80=9D

The authors dismiss Web vandalism as =E2=80=9Ca form of harassment or graffiti 
and not as cyber war _per se_.=E2=80=9D They distinguish among three major 
levels of cyber war: =E2=80=9Ccyber war as an adjunct to military operations; 
limited cyber war; and unrestricted cyber war.=E2=80=9D

The first category focuses on =E2=80=9Cachieving information superiority or 
information dominance in the battle space.=E2=80=9D I would put it this way: 
This form of cyber war involves physical or cyber attacks directed at 
military cyber targets and is intended to interfere with C4I [2] 
(command, control, communications, computing and intelligence).

Limited cyber war focuses cyberattack tools on cybernetic targets with 
few real-world modalities but with real-world consequences. Vectors for 
attacks could include networks, malware, denial-of-service techniques, 
and data distortions useful in psychological operations, economic 
warfare and other forms of aggression.

=E2=80=9CUnrestricted cyber war=E2=80=9D is, in the view of the three authors, =E2=80=9CMore 
serious, and perhaps more likely, than limited cyber war.=E2=80=9D This form of 
information-based warfare makes =E2=80=9Cno distinctions between military and 
civilian targets=E2=80=9D and may have distinct physical repercussions =E2=80=9Cfrom 
attacks deliberately intended to create mayhem and destruction.=E2=80=9D

Targets could include any part of the critical infrastructure: =E2=80=9Cenergy, 
transportation, finance, water, communications, emergency services and 
the information infrastructure itself.=E2=80=9D Such attacks could easily result 
in physical harm and even death to members of the civilian population. 
For example, the authors suggest, a denial-of-service attack on, say the 
electrical power grid could cause massive disruption and danger and also 
potentially lead to destabilization of civil order as the population 
lost confidence in government structures.

The authors make the following recommendations (with much detail that I 
am not presenting):

1. Improve =E2=80=9Canticipation and assessment=E2=80=9D;
2. Improve =E2=80=9Cpreventive or deterrent measures=E2=80=9D;
3. Improve =E2=80=9Cdefensive measures=E2=80=9D;
4. Improve =E2=80=9Cmeasures for damage mitigation and reconstitution.=E2=80=9D

In light of this perspective, security and network administrators and 
all who are responsible for ensuring corporate and national information 
assurance (IA) must realize that our work is far more significant than 
simply protecting our own local assets for the benefit of our own 
stakeholders; we are engaged in nothing less than a critical component 
of national security.

I think that this excellent article [1] by some very intelligent and 
highly qualified experts will be useful in educating senior management 
about the importance of IA. I hope you enjoy reading it.


M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information 
Assurance and CTO of the School of Graduate Studies at Norwich 
University in Northfield, Vt.


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. 

Site design & layout copyright © 1986-2015 CodeGods