14 July 2015

The Reality of Cyberwar

By P.W. SINGER and AUGUST COLE 
July 09, 2015
This very same shift is underway in China. In 2011, the Communist Party-controlled China Youth Daily newspaper published an article by two scholars at the Chinese Academy of Military Sciences that summed up in direct terms how the Chinese military establishment viewed what had been going on in cyberspace, from the creation of the U.S. military’s Cyber Command to the revelation of Stuxnet, the damaging offensive cyber-weapon that the U.S. and Israel deployed against Iran’s nuclear program: “Of late, an Internet tornado has swept across the world...massively impacting and shocking the globe. Behind all this lies the shadow of America. Faced with this warm-up for an Internet war, every nation and military can't be passive but is making preparations to fight the Internet war.”

In real terms, this has translated into a buildup of the People’s Liberation Army’s (PLA) cyber capabilities at just as rapid a pace as the U.S. military’s during the same period. Spending on cyber warfare became a “top funding priority,” up a reported 20 percent in the last year alone, and a host of new units were created with the responsibility of “preparing attacks on enemy computer networks.”


While the Chinese military organization responsible for cyber operations is not as open about its structure as the U.S. military’s, many think it falls under the PLA General Staff Department’s Third Department. This entity, based in Beijing, is very similar to the U.S. National Security Agency, with a focus on signals intelligence and code-breaking, making it a natural fit for cyber activities, just as the NSA was for the U.S. cyber efforts. The Third Department has some 130,000 personnel assigned to it. A key part is the Beijing North Computer Center (also known as the General Staff Department 418th Research Institute or the PLA’s 61539 Unit), which some believe to be the Chinese equivalent to the Pentagon’s U.S. Cyber Command. It has at least ten subdivisions involved in “the design and development of computer network defense, attack, and exploitation systems.” There are at least an additional 12 training facilities located around the country, including a special unit located in Zhurihe that is permanently designated to serve as an “informationized Blue Team.” That is, the unit simulates how the U.S. military and its allies use cyberspace and provides targets for Chinese units to hone their skills on in wargames.

If a conflict were to break out between the U.S. and China, these players would engage in operations far different from the jousting we have seen so far when their nations are not at war. We won’t just see the stealing or revealing of information, but the blocking or changing of information. And, as such, we will see cyber operations shift from the field of espionage to having actual direct effects on the flow of battle. To make that parallel back to World War II, cyber operations offer the potential of not merely reading the enemy’s radio signals, but seizing control of the radio itself and crashing the plane it sits in.

For example, one of the key advantages of the U.S. military has been its global network of command and control, with the Global Positioning System being a key part of the architecture that allows forces to operate with incredible precision. Indeed, GPS is used not just by troops in the field to maneuver; more than 100 American defense systems, from aircraft carriers to individual missiles, rely on GPS coordinates during operations. But that dependence points to a key aspect to target. How bad could it get? In 2010, a software glitch knocked 10,000 military GPS receivers offline for more than two weeks, meaning everything from trucks to the Navy’s X-47 prototype robotic fighter jet suddenly couldn’t determine their locations. Cyberwarfare would seek to turn such a software error into a deliberate act, where the simple ability to block access would cause mass confusion and ineffective operations.

That sounds bad, but maybe worse is using access to a system, which is what hacking is all about, not to steal or block information, but to change it. As an illustration, a scene in Ghost Fleet was inspired by Israel’s real-world Operation Orchard. In 2007, through a mix of cyber and electronic means, Israel was able to deceive Syrian air defenses into thinking that it was a regular night like any other, when in fact seven Israeli F-15s were flying overhead on their way to drop bombs on a suspected nuclear site.

But here again, it might be worse. Changing information might not just allow physical damage to happen through other means, but even directly cause it. Stuxnet was a wicked little piece of software code, allegedly created by U.S. and Israeli intelligence, that was used to sabotage Iranian nuclear research facilities. It did so by instructing the industrial control systems literally to damage themselves, all the while telling their human operators that everything was functioning well. Of note, the recipe for Stuxnet is now in the wild, while the very same software it targets, SCADA, is used in everything from traffic lights to U.S. Navy warship engine rooms. One U.S. military wargame in which we participated saw an adversary send warships on what was jokingly called the “Carnival Cruise Line Experience,” knocking them out of the fight not with cruise missiles but code.

Or, we might see “battles of persuasion,” where one’s own weapons are instructed to do something contrary to their owner’s intent. This last week, a NATO Patriot missile battery was found to have been hacked and carrying out “unexplained orders.”

Such changes are not just something that can be caused by outside software sneaking in, but might also come through a hardware hack, where the flaws are literally baked into the systems themselves. For example, more than three-quarters of the field-programmable gate arrays in the F-35 strike fighter are made in China and Taiwan. So are the majority of chips in automobiles and wireless medical devices, such as pacemakers and dialysis machines. If that hardware was modified ever so slightly, a kill code could selectively disable the chip and the systems that depend on it. And that code could come from any number of sources. A command could originate in a text or email message. It could be delivered by radio signal to a micro-antenna hidden on the chip. It could even be a simple internal time bomb, programmed at the chip’s inception, to trigger a coordinated shutdown on a certain time and date. The result for the targets would be an experience akin to the first episode of Battlestar Galactica, where the good guys’ aircraft just stopped working all at the same moment, opening them up to a devastating attack.

It is important to note that such targets would likely not be limited to the military world. The first reason is the massive reliance of the U.S. military on the civilian world, from the massive industry of military service contractors—roughly half the personnel in Pentagon operations are contractors—to the utter dependence of the military on the Internet itself, where over 98 percent of U.S. military communications go over this civilian-owned and -operated channel.

The second reason is that our networked commerce and infrastructure offer up new pressure points on a population, or “centers of gravity” as the great 19th-century military thinker Clausewitz might put it. For instance, between December 2011 and June 2012, the Department of Homeland Security reported that hackers—likely from China—penetrated 23 different oil and gas pipeline companies, which also operate using much of the same vulnerable industrial software as explained above. But the hackers didn’t steal any information from the targets, whether intellectual property or employee credit cards. Instead, they were just setting up “beachheads,” testing vulnerabilities in case they needed to drop the hammer on these pipeline operations later on. As former White House cybersecurity expert Rob Knake put it, “This incident crosses into what might be called ‘preparation of the battlefield,’ laying the groundwork for military operations.” Here again, one sees both the connection and the difference between espionage and actual warfare.

P.W. Singer is a strategist at the New America Foundation.

August Cole is director of the Art of Future Warfare project at The Atlantic Council. They are the co-authors of Ghost Fleet: A Novel of the Next World War.