23 August 2016

The next world war is going to be fueled by state-sponsored hacking


Battles in the next world war will be fought in the air, on the ground, and online.

"We've grown used to the fight being in just one domain," Dr. Peter Singer, a strategist at the think tank New America and coauthor of "Ghost Fleet," told Business Insider. "[But] we have these new domains that we've never fought in before, and that's outer space, and cyber space."

While the US has gotten somewhat used to fighting insurgencies and irregular wars, Singer believes the world may be swinging back toward the conventional path, especially as China continues to ramp up its military capabilities.

Singer and August Cole's "Ghost Fleet" put forth a story of what could potentially happen if the US, China, and Russia went to war, and hacking and electronic warfare played a big part in it. Though the book was fictional, all the technology the authors used was drawn from the real world, whether it was currently deployed or in a prototype stage - and it has become recommended reading by the military's top leaders.

"If you're not able to operate the way you want to in cyberspace," Singer said. "That means you can lose battles on land and sea."

Interestingly, the shift to using cyber means of attack instead of conventional ones has already been happening for some time, as Singer explained. We've seen a "micro version" of this new age of warfare playing out recently in Ukraine, Syria, and elsewhere.

Or as one Army officer put it during a 2015 training exercise, "future fights aren't going to be guns and bullets. They're going to be ones and zeroes."
World War 3.0

Singer explained that states can do only four things in cyberspace: Collect, steal, block, and change information. And all of them are happening right now, but not at a scale large enough to consider it a global cyberwar.

"That's what any future cyber conflict is going to involve," Singer said. "A mix of these things."

For example, intelligence agencies already collect mountains of data that's out in the open, and those in the offensive hacking space try to steal more. China, for example, seeks out information on classified military projects like the F-35 fighter so it can develop its own, very similar, counterpart.

Then there's the idea of blocking information from flowing. In a cyber context, that means major distributed denial-of-service campaigns that take websites offline, or website defacements.

But changing data is the crown jewel - that's how states can launch cyber attacks that have real-world consequences on the ground, as was the case in the joint US-Israeli "Stuxnet" attack, which wiped out a large number of Iranian nuclear centrifuges.

"Cyber power is being wielded as a strategic weapon to create facts on the ground with the minimal use of kinetic force," James J. Wirtz, Dean of the Naval Postgraduate School, wrote recently of Russia's cyber campaigns.


The digital battle in the background

Long before Russian boots ever made their mark on the ground in Crimea, the network cables linking the region to greater Ukraine were severed, according to a talk at Black Hat by researcher Kenneth Geers, who edits NATO's "Cyber War in Perspective" series. And distributed denial-of-service attacks against key sites outside of Crimea helped mask Russia's moves.

The future war probably won't employ massive cyberweapons likeStuxnet. Instead, cyber weapons will be used like any other in the military arsenal: instead of artillery to take out a target, a commander may use malware instead.

"If there's something that you can do to prep the battlefield before a kinetic attack or to disrupt defenses during kinetic attacks, why wouldn't a combatant commander turn to that?" Charlie Stadtlander, chief spokesperson for US Army Cyber Command, told Tech Insider in May.

That's exactly how things played out in Ukraine, Singer told us.

"Everything from government websites to banks to individual military units in the field all had the equivalent of a digital blockade thrown up around them. Some of it was through cyber means. Some of it was through electronic warfare means - jamming - but basically communication isn't flowing back and forth," Singer said of cyber attacks against Ukraine.

"They can't get their message out. They can't send their commands down the chain. The units out in the field don't know what's happening. They're sending requests for orders, giving reports of what's happening to them, and nothing is moving. They're virtually isolated."

Singer also told us about an interesting operation carried out by Israel in 2007 called Operation Orchard - a secret bombing run on a suspected Syrian nuclear site.

"They basically hacked into the Syrian air defense network," Singer said, explaining that the radars would still look completely normal to the operators who were monitoring them. "Feeding them false information."

In years past, in order to carry out an airstrike against a hard target with air defenses, an adversary might have had to launch aircraft specifically designed to attack those defense sites, so a follow-on strike group could then go in and bomb their targets. It's what's called suppression of an enemy air defense, or SEAD.

But Israel suppressed those defense sites by using an alleged backdoor "kill switch," according to a report in IEEE Spectrum.


Interestingly, hacking into enemy air defenses is one target mentioned in the Army's "cyber warfare bible," and cyber soldiers recently took part in an exercise of this scenario. And with the US military ramping its own "cyber mission force," it's quite clear the Pentagon hopes to be the victor in this hypothetical World War 3.0.

Or, it may not even happen. But nonetheless, nations are realizing that to be successful during a possible future cyber war, they need to own your potential enemy's networks now.

"Militaries are faced with the uncomfortable fact of hacking in peacetime for wars that may never happen," Geers said.

No comments: