The Landing Zone | 5.17.13
By Alan W. Dowd
Large-scale cyberattacks are
happening so often that it’s nearly impossible to keep track of the onslaught. The
most recent of these came March 20, when computers, servers and networks in
South Korea were disabled by a malware attack cleverly named “DarkSeoul.” The attacks targeted South Korea’s largest banks and its main
television broadcasting companies—rendering 32,000 computers inoperable and
freezing economic activity for tens of thousands. What Gen. Keith Alexander,
commander of U.S. Cyber Command, worries about is the enemy’s
“transition from disruptive to destructive attacks.”
Indeed, cyberattacks can do
far worse than simply disrupt service, disable computers or steal data; they
can destroy facilities, systems and infrastructure that people depend on for life.
Former Defense Secretary Leon Panetta described this sort of cyberattack as
“the next Pearl Harbor.” But that may be an understatement. Pearl Harbor decimated
the Pacific fleet but left America’s vast industrial, communications and
utilities infrastructure untouched. But an orchestrated cyberattack could sever
our transportation arteries, cripple our energy and water utilities, freeze our
financial system, blind our military, and scramble our communications networks.
A Chinese general warns that military
cyberattacks “may be as serious as a nuclear bomb.”
To get a sense of how
important cyberspace is to the United States, think of this invisible domain as
part of the global commons, just like the sea, sky and space. Indeed, Alexander
likens “freedom of action in cyberspace in the 21st century” to “freedom of the
seas…in the 19th century and access to air and space in the 20th century.”
More than 100 countries have “network
exploitation” capabilities. For instance, the recent attacks against South
Korea likely emanated from north of the 38th Parallel. Russia launched
withering cyberattacks against Estonia in 2007 and Georgia in 2008. Iranian
cyberattacks against the Saudi oil industry in 2012 destroyed 30,000 computers.
The U.S. and Israel targeted Iran’s nuclear program with the Stuxnet virus— a
cyber-smart bomb that sabotaged the computers controlling Iran’s uranium-enrichment
program.
And then there’s China. Information-security firm Mandiant reported in February that the PLA’s cyber force—“Unit 61398”—is
conducting “extensive” and “harmful” computer network operations from “four
large networks in Shanghai.” Unit 61398 and related units have attacked government ministries in the U.S., Europe, Japan, India, Taiwan, South Korea,
Australia and dozens of other countries; penetrated computer systems at U.S. defense firms, the Pentagon, NASA and other defense-related
agencies; planted computer components in the United States with Trojan horse codes that could be activated to destroy or disable real-world facilities;
and stolen massive amounts of information.
Alexander has called China’s cyber-espionage “the largest transfer
of wealth in history.” The Pentagon reports China’s cyber-troops are “building
a picture” of “military capabilities that could be exploited during a crisis.”
The good news amidst all this
worrisome news is that Washington is finally allowing the Pentagon to treat
cyberspace like any other theater of operations.
Toward that end, DoD will
spend some $17.5 billion on cybersecurity over next five years, and CYBERCOM will grow from 900 personnel to nearly 5,000
in the next three years.
The expansion is part of a
wider effort at CYBERCOM to field three new forces for the Information Age: a “cyber national mission force” to protect computer
systems and networks that serve critical infrastructure; a “cyber combat
mission force” to assist regional combatant commands in conducting offensive
operations; and a “cyber protection force” to defend the DoD’s networks.
“This is an offensive team that the Defense
Department would use to defend the nation if it were attacked in cyberspace,”
Alexander bluntly explained during recent congressional testimony.
Related, the Pentagon is
putting the finishing touches on “a defined framework for how best to respond
to the plethora of cyber-threats we face,” according to Lt. Col. Damien
Pickart. In other words, the Pentagon is developing rules of engagement for cyberspace.
Finally, top military
planners are mapping everything in cyberspace—all the billions of computers,
devices and related networks that make up this ever-growing invisible domain.
Ominously dubbed “Plan X,” this DARPA research effort will ensure that the United States has “superior
capabilities to rapidly plan, execute, and assess the full spectrum of military
operations in cyberspace.”
All of this—the new
cyber-ROEs, the phalanx of cyberwarfare units, the growing ranks and reach of
CYBERCOM, the enhanced focus on the digital domain, the mapping of cyberspace—is
a function of the growing likelihood that America’s enemies will use cyberspace
to do far worse than simply steal from us or spam us. And it’s long overdue. As
retired Gen. James Cartwright warned when he was vice chairman of the Joint
Chiefs of Staff, “We lack dominance in cyberspace and could grow increasingly
vulnerable if we do not fundamentally change how we view this battlespace.”
Alexander’s efforts provide every indication that the Pentagon has embraced
that change.
To deter a cyber-Pearl
Harbor, the next step is for policymakers to let it be known that the U.S. will
make no distinction between a cyberattack on critical infrastructure and a
traditional kinetic attack. It’s worth noting that Russian military officials
argue that “the use of information warfare against Russia or its armed forces
will categorically not be considered a non-military phase of a conflict,
whether there were casualties or not.”
James Lewis of the Center
for Strategic and International Studies warns there is a risk that North Korea
and other cyber-rogues could “inadvertently trip over some threshold that will
be seen as the use of force or an act of war,” thus accidentally triggering war
in the non-cyber domain.
That explains why some
military thinkers suggest that Washington should respond in kind to the next
cyberattack. Updating a phrase from Cold War parlance, retired
Air Force Lt. Gen. Harry Raduege notes that certain governments “only respond
to somebody that’s going to be able to launch a mutually assured disruption of
them.”Cartwright
has even argued that Washington may have “to do something that’s illustrative”
in order to communicate U.S. seriousness.
That may be exactly what Alexander’s
cyber-warriors are preparing to do.
The Landing Zone is Dowd’s monthly column on national defense and international security featured on the American Legion's website.