Violation of National Sovereignty

Jun 08, 2009 | 7 mins
Business Continuity, Careers, Data and Information Security

U.S. territorial waters are a belt of coastal waters extending at most twelve nautical miles (about 13.8 miles) from the mean low-water mark of any coastal state. The territorial sea is regarded as the sovereign territory of the United States, although foreign ships (both military and civilian) are allowed innocent passage through it. This sovereignty also extends to the airspace above and the seabed below, creating a perimeter of space and time that serves as the outer boundary of the United States.

Restricted airspace is an area of airspace in which U.S. authorities have determined that air traffic must be restricted if not continually prohibited for safety or security concerns. It is one of many types of special use airspace designations and is depicted on aeronautical charts with the letter “R” followed by a serial number. Think of this much like a financially significant system with minimum two-factor authentication across a virtual private network at the very least.

According to the FAA, restricted areas denote the existence of unusual, often invisible, hazards to aircraft such as artillery firing, aerial gunnery, or guided missiles. Penetration of restricted areas without authorization from the using or controlling agency may be extremely hazardous to the aircraft and its occupants. In addition, it could lead to your immediate arrest.

Prohibited airspace refers to an area of airspace within which flight of aircraft is not allowed, usually due to security concerns. It differs from restricted airspace in that entry is typically forbidden at all times from all aircraft and is not subject to clearance from air traffic control. Think of this much like a mission-critical system embedded within multiple layers of firewalls, intrusion protection systems, and data loss prevention, where every keystroke is tracked, access is strictly limited to only those with a need to know, there is no remote access, and the system is accessible only from within corporate walls, completely segmented from all other corporate networks, at a minimum.

According to the FAA, prohibited areas contain airspace of defined dimensions identified by an area on the surface of the earth within which the flight of aircraft is prohibited. Such areas are established for security or other reasons associated with the national welfare. These areas are published in the Federal Register and are depicted on aeronautical charts.

Violating prohibited airspace established for national security purposes may result in military interception and/or the possibility of an attack upon the violating aircraft, as in the case of Korean Air Lines Flight 007. Aircraft violating or about to violate prohibited airspace will often be warned beforehand on 121.5 MHz, the emergency frequency for aircraft. All pilots everywhere know of this frequency and requirement.

Imagine the physical penetration of the Pentagon or Fort Knox by way of our territorial boundaries. Imagine the physical penetration of a seaport or a nuclear power plant. Any such penetration by a foreign power would be seen as an act of war and dealt with swiftly and with extreme prejudice and malice aforethought. It would occupy the top spot of every newspaper and every TV news outlet, and spread virally throughout the blogosphere. We would have analysts coming out of the woodwork to discuss, pass judgment upon and review scenarios over and over again, calling for the resignation of this official and that politician. Everyone worldwide would know of such an incursion, and the threat of retaliation could very well manifest itself in the form of worldwide condemnation, sanctions and military action.

The question I pose then is “Why is a virtual incursion of the same type, voracity and impact as a physical penetration of the Pentagon treated much like the family black sheep that no one wants to discuss and whose name is never mentioned at family events?” 

Should cyber security incursions of our sovereignty be kept secret, or should they be announced as a physical incursion would be announced? Should cyber security incursions be met with like force? Should it be 10 eyes for an eye? If we had a physical incursion of the seaport at Baltimore in which a foreign submarine gained full access to the harbor and offloaded fully armed commandos onto our national soil, would that be seen as an act of war? When we have a virtual incursion of the Pentagon in which a foreign nation gains full access to mission-critical systems and offloads various instances of malicious code, would this be seen as an act of war?

Every day we endure virtual border violations that penetrate our defenses. We suffer a continuous flow of probes and scans testing our defenses, much like a fighter jet that turns on its afterburners within miles of a nation's territorial boundaries only to turn away at the last minute. Acquisition radars are activated, as are surface-to-air missile sites, and communications explode in a flurry of activity. All this activity is captured by the offending nation as it seeks to understand the locations and procedures associated with the US defensive posture. As our attention is focused upon the overt attempts to penetrate our airspace, unseen forces slip by our defenses at a weak point in our perimeter.

Why is it that we treat virtual violations of our sovereignty much like a Cold War instance of espionage or spying? If the perpetrator is virtually caught, we may accuse the offending country who will surely deny the charges as false and baseless. It is not as if we can put the spy on trial.  

It also surely seems that we are in a virtual arms race including costly defense spending, a massive conventional virtual arms race that will eventually be punctuated by numerous virtual proxy wars unseen by the naked eye and not communicated to the general public. Why is it that an incursion such as Moonlight Maze was not treated as an act of war? Is it due to the relative immaturity of our cyber defenses or the fact that over 10 years later we still do not know the origins of the attack?

Many are concerned with the militarization of the Internet, but I think many forget the origins of the Internet and its original intent (its roots are in the military, even though it was built without security in mind; it is just like déjà vu all over again, a bit of an oxymoron to say the least).

The elevation of security into a permanent place within the White House, albeit still a layer too low, is an evolutionary step in the process of maturing information security to its proper position. Much as the Navy is for the sea, the Army for terra firma, and the Air Force for the skies, a new service should be created for the virtual airwaves. Much like the Army Air Corps in the 40’s, Cyber Security will eventually move to its rightful position as a separate service that crosses all services but stands alone with both defensive and offensive capabilities. Until then we will continue to treat virtual violations of our national sovereignty like a bastard stepchild we choose not to mention.