Coleman: The Cyber Arms Race Has Begun

Kevin Coleman of Technolytics Institute says the Estonia-Russia conflict was just the tip of the iceberg in cyber warfare.

If you did not catch it, the world witnessed the first cyber war in April and May of 2007. The battle took place between Estonia and Russia. At the peak of the battle, over 4 million bogus transactions per second were launched and struck their desired targets. Countries all over the world have been developing and implementing cyber warfare strategies designed to defend their infrastructure and impact their enemy’s command and control structure, logistics, transportation, early warning defenses and other critical military functions.

A cyber war is defined as a conflict that uses hostile, illegal transactions or attacks on computers and networks in an effort to disrupt communications and other pieces of infrastructure as a mechanism to inflict economic harm or upset defenses. 

Technology experts and military strategists, as well as city and urban planners, are collaborating on cyber warfare strategies designed to disrupt and defend against critical offensive and defensive operations. The Naval Postgraduate School has defined three levels of offensive cyber capabilities.

1. Simple-Unstructured: the capability to conduct basic hacks against individual systems using tools created by someone else.

2. Advanced-Structured: the capability to conduct more sophisticated attacks against multiple systems and possibly to modify or create basic tools.

3. Complex-Coordinated: the capability for coordinated attacks capable of causing mass-disruption against many defense systems.

Using a combination of the above levels of capabilities, cyber war plans are emerging and driving the need for a wide range of cyber weapons. Cyber attacks occur on a much too frequent basis. Many people are unaware that, based on the latest statistics, over 6,500 serious computer attacks have been reported in the last minute. In July of 2007 there were nearly three times as many cyber breaches as in any other single month, and nearly 1/3 of all intrusions for the year. Spy-Ops stated that security professionals continue to see a surge in system intrusion attempts, phishing, hacking, and worm and virus outbreaks. Many security experts believe this was the work of a coordinated group of hackers. However, it is not known if the effort had any ties to certain foreign governments.

For the second time in seven years, the Internet became the world’s newest battleground as online cyber skirmishes broke out between the US and China. This latest cyber skirmish took place in the summer months of 2007 and threatened to intensify into a full-blown cyber war. Some U.S. cyber security leaders downplayed the severity of the incident, while international experts expressed concerns over the cyber exchange. These recent events have underscored the vulnerability of United States information and control systems to cyber attacks.

A June 2007 report to the U.S. Congress warned that the People’s Republic of China is brewing cyber network attacks which could cause "disruption and chaos" with the "magnitude of a weapon of mass destruction". The Department of Homeland Security reported that attacks against the United States were up nearly 900% between 2005 and 2007. Other sources stated that the U.S. Department of Defense experiences nearly 3 million network and systems attacks per day. You can be sure that President Bush will use statistics like these in his push to get a $6 billion line item to develop defenses for the Government’s information infrastructure approved in his upcoming budget.

The threat is real and the implications of the cyber war are clearly foreseeable. For this reason, alarms are sounding over the proposed sale of a U.S. security technology firm to a Communist Chinese-run company. Word of the pending sale spread to Capitol Hill (October 7th), where lawmakers on the House Intelligence and Armed Services committees began urging the U.S. Treasury Department to begin the process to block the deal. This clearly shows the level of concern over offensive and defensive cyber arms. If enemies of the U.S. cannot buy their way into the cyber arms race, they will just build them!

The following chart includes an "estimated threat" (on a 1 to 5 scale, 5 being "significant") calculated by considering the intent and capabilities of each country to conduct cyber warfare against the US.

Country    Est. Military Budget    Est. Status     Est. Threat
China      $56B                    3 - complex     4.78
Iran       $9.7B                   2 - advanced    3.79
Libya      $1.3B                   2 - advanced    2.86
N Korea    $5.2B                   2 - advanced    3.03
Russia     $44B                    3 - complex     4.39

This threat matrix was created by Technolytics in cooperation with Spy-Ops and represents their combined view of cyber warfare capabilities. This information is based on derivative open source intelligence, technology evaluations in other weapons systems, as well as information obtained from cyber weapons used in attacks that have taken place in the past 18 months. One source reported that sophisticated cyber weapon platforms are being produced at an impressive pace and with impressive quality. According to General James Cartwright, commander of the U.S. Strategic Command, China is already actively engaging in cyber-reconnaissance through the probing of military computer systems and networks. It should be noted that China’s military is growing and making technological advances at a pace that is surprising to military and industry experts.

Cyber Weapons

In the mid 90s, a study by the RAND Corporation illustrated that the costs of developing the cyber weapons needed for conducting cyber war are extremely modest. That being the case, almost every country can afford these efforts. Lani Kass, a senior adviser to USAF Chief of Staff Gen. T. Michael Moseley, is quoted as emphasizing the need for the U.S. to develop an offensive cyber capacity. Cyber arms are seen as first-strike weapons used to disrupt the enemy’s command, control and operational infrastructure and possibly create civil unrest through interrupting basic infrastructure and services. In a report developed in the fall of 2007, Spy-Ops estimated that about 140 countries have active cyber weapons development programs in place and operational.

Most Common Types of Offensive Cyber Weapons

Wireless Network Disruptors
Computer Viruses
Transient Electromagnetic Devices
Malware
Transaction Generators
Contaminated Software
Trojan Horse Software Applications
Hacker Kits / Root Kits
Worms
Key Loggers
Spyware
Password Crackers
Encryption Crackers
Logic Bombs
Back Doors
Spoofing

It should be noted that exploitation kits have been developed for cell phones and game stations to use these devices in distributed denial of service attacks and to steal data.

While many argue the value of a global cyber arms control treaty, the fact is it would be more difficult to enforce than the non-proliferation agreement that is in place today. Combine a few thousand dollars of computer and networking equipment with a few smart computer people and you have the basic materials for cyber weapons.

INTEL: In the late spring of 2007, the U.S. Navy created a new strategic plan for science and technology.  Included in their high-tech weapons were directed energy weapons (ray guns) and cyber weapons for the domination of cyberspace. 

Private Sector Impact

The Pentagon is estimated to use over 5 million computers on 100,000 networks at 1,500 sites in 65 countries worldwide. This illustrates just a portion of their computing capabilities and also shows you why cyber arms have become so desirable to U.S. enemies. Military strategists have long focused first strikes on critical military and civilian infrastructure. In the United States and in other countries, components of the critical infrastructure are not owned and operated by the government, but by private organizations. It is not difficult to see that as a prime target for a cyber attack. In the U.S., an estimated 85% of critical infrastructure is owned and operated by the private sector. The National Cyber Security Division (NCSD) was created in June 2003 to provide the federal government with a centralized cyber security coordination and preparedness function. This is NOT designed to be the first line of defense. Each and every computer must be protected with a minimum level of defensive capabilities to provide a barrier against turning a business device into a weapon for our enemy. The NCSD is the focal point for the federal government’s interaction with state and local government, the private sector, and the international community concerning cyberspace vulnerability reduction efforts.

"As we move forward in our war against terrorism, it will be as important for us to secure cyberspace as it will be for us to secure the homeland against malicious attacks,"

Rep. Nick Smith

Conclusion

The world has entered a new era of conflict. The new area of conflict concentrates on bits and bytes rather than bombs and bullets. The cyber arms race has begun. Computers have proven to be a very powerful weapon in the military’s arsenal. In 2006, eBay found people trying to auction off newly discovered software vulnerabilities in programs like Internet Explorer, Windows and other Microsoft applications that the majority of computer owners use. These vulnerabilities could be exploited and used as a critical component of a cyber attack. At this time, there are virtually no regulations in place to control the production, sale or trade of cyber arms. Cyber weapons can be launched from anywhere and can target anywhere in the world. It is also true that our ability to bring those who launch cyber attacks to justice has proven to be quite limited and extremely difficult at best.

Cyber attacks are particularly dangerous because of the world’s reliance on computers, networks and technology. The impact of a cyber attack can be swift and significant. However, the thirteen agencies and offices of the U.S. intelligence community have not reached consensus on the severity of the cyber threat. Western governments and businesses should brace themselves for cyber attacks in the not-so-distant future. So the only remaining question is, how prepared are you and your organization for a cyber war?

Kevin G. Coleman is a fifteen-year veteran of the computer industry. A Kellogg School of Management Executive Scholar, he was the former Chief Strategist of Netscape. Now he is a Senior Fellow and International Strategic Management Consultant with the Technolytics Institute, an executive think-tank. For six years he served on the Science and Technology advisory board for the Johns Hopkins University - Applied Physics Lab, one of the leading research institutions in the United States, and served for four years on the University of Pittsburgh Medical Center’s Limbaugh Entrepreneurial Center’s Advisory Board. He has published over sixty articles covering security and defense related matters, including UnRestricted Warfare and Cyber Warfare & Weapons. In addition, he has testified before the U.S. Congress on Cyber Security and is a regular speaker at security industry events and the Global Intelligence Summit.

Copyright © 2008 IDG Communications, Inc.
