What a cyberwar with China might look like
If there is a cyberwar with China, as described in a new hypothetical scenario, it will not necessarily involve power grids being knocked offline and planes falling from the sky.
By Jaikumar Vijayan
March 31, 2011 — Computerworld —
It's August 2020. A powerful and rising China wants to bring the city-state of Singapore into its fold as it has with Hong Kong, Macau and Taipei.
Its first physical attacks against Singaporean assets are still weeks away. But already, China has launched a massive cyber campaign, designed largely to degrade and disrupt the communications capabilities of the U.S., Japan and other allied nations.
Members of the Chinese military's 60,000 strong cyber warfare group have deeply penetrated U.S. defense, government and corporate networks and are already manipulating and controlling them.
When the Chinese army finally launches its first attack against a Singaporean guided missile frigate in the South China Sea in September, U.S armed forces quickly find their communications capabilities severely compromised. Personal computers, radio, satellite communications capabilities and battlefield communication hardware are all but crippled.
Key military networks and servers come under crushing denial of service (DoS) attacks, hampering the military's efforts to mobilize conventional forces. Deliberately injected misinformation flows over the networks to field commanders and to ships at sea.
The conflict ends 55 days later in a standoff between the U.S and the Chinese navy, with a general war being avoided, and Singapore retaining its independence.
But it's the first truly full scale cyberwar launched against the U.S by China, and it's very different from what many had assumed it would look like .
The hypothetical scenario is described in detail in a report in the latest issue of the U.S. Air Force's Strategic Studies Quarterly (PDF document) . The report is authored by Christopher Bronk, a former diplomat with the U.S. State Department and a fellow in IT policy at Rice University's Baker Institute.
The scenario depicts just one way in which a real life cyberwar could unfold and is designed to highlight how such conflicts are very unlikely to be a bolt from the blue.
"Most likely, cyber conflict will be an 'always on' engagement, even if international policy is enacted to forbid it," Bronk writes in the article. "The only certainty in cyber conflict is that conflict there will not unfold in the ways we may expect."
Speaking with Computerworld this week, Bronk downplayed popular perceptions of a cyber Pearl Harbor, in which critical infrastructure targets such as the electrical grid are attacked and taken out.
Such attacks cannot be ruled out entirely but it's unlikely that a nation state would launch one because of the catastrophic response it would trigger.
"I did not try to make the case that it would be some sort of an apocalyptic event. I did not make the case that it would occur in isolation," he said. Instead, a cyberwar will most likely always be part of a broader war, or broader campaign as they were in Georgia and Estonia, he said.