19 July 2014

The Pentagon’s Cyberwarfare Dictionary Reveals Hack Lingo, Tactics

Military figuring out how to talk about—and conduct—network attacks 

Every profession has its own language. And when there’s a language, there must be a dictionary.

So with the U.S. military aggressively embracing cyberwarfare—whatever that means—why shouldn’t the Pentagon also create its own cyberwarfare dictionary? The Website Public Intelligence, which likes to unveil hidden documents, has posted U.S. Strategic Command’s Cyber Warfare Lexicon.

Published in 2009, the Lexicon seems to reflect a U.S. military struggling to define precisely how cyberweapons differ from traditional weapons.

Indeed, the Lexicon borrows much of the language of kinetic—that is, physical—weapons, such as “direct” and “indirect effects” when cyberweapons hit their target … and “duds” and “misfires” when they don’t.

To illustrate the difference between conventional and virtual arms, theLexicon compares a Mark 84 unguided bomb to a cyberweapon. The bomb will detonate with a predictable explosive force regardless of whether it explodes in the jungle or desert.

But when a cyberweapon deploys in an unsuitable environment—the wrong network, data link or computer operating system—then “the weapon is unlikely to ‘detonate,’ or if it does, it will not generate the desired effect,” the Lexicon notes. “Even worse, there may be consequences, such as the weapon revealing itself to the adversary.”

Interestingly, the Cyber Warfare Lexicon includes some examples of targeting orders for cyberweapons.

• Degrade throughput on all channels of a microwave communications tower at specified GPS address by 75 percent beginning at 0630 for three hours.

• Disrupt Internet service at a named cybercafe from 2130 until 2145 for the next three days.

• Destroy the 80-gigabyte hard drive at IP address 207.10.132.15 tonight after 2300, but before 0430.

It’s not that the language is so different than what we use for other military systems. You just have to remind yourself that these weapons aren’t bombs or bullets, but bits and bytes of computer code.

More revealing than the Lexicon’s definitions is a series of surprisingly thoughtful essays on the nature of cyberwarfare. They depict cyberweapons as more finicky than their physical counterparts because of “cyberspace atmospherics.”

Where unguided bombs mainly are affected by a few basic factors such as gravity and wind, cyberweapons transmit wirelessly—and are subject to all the atmospheric phenomena that interfere with radio signals.

An army can also fire X number of grenades or cruise missiles. When the supply runs out, so does the firing. Thus cyberweapons would seem to have an advantage since you can’t run out of virtual bullets.

Not so, the Lexicon warns. “Ironically, our essentially unlimited ability to re-fire cyber weapons is of little value since, if we fired it once and did not achieve the intended effect, firing it one thousand more times generally will not increase our odds of success.”

In other words, a cyberweapon tailored for Windows probably won’t harm a Mac, no matter how many times you try.

Cyberwarfare is by nature a sneaky form of combat, and the Cyber Warfare Lexicon makes no apologies for the fact. “The crowded nature of cyberspace and the proliferation of anonymizing technologies can work to both our advantage and disadvantage, in that attribution can be very difficult for both our adversaries and ourselves.

“Suspicion, which can be based on circumstances and emotions, is not

the same thing as attribution, which requires evidence,” the Lexicon notes.

Translation—if you think we crashed your network, go ahead and try proving it.

You can follow Michael Peck on Twitter at @Mipeck1 or on Facebook. Medium has an app! Sign up for a daily War is Boring email update here. Subscribe to WIB’s RSS feed here and follow the main page here.

No comments: