Cyberwarfare

The warfare metaphor applied to cyber-conflict is strained, but it is still the paradigm most often used in discussions of this area by government and military. The concepts of “target” and “territory” are vastly different in a network. Likewise, the meanings of terms like capture, destroy, defend, attack, hold, flank, surround, and many more become at least blurred if not strained. Terms like authenticate, authorize, spoof, inject, hijack, intercept, crack, overflow, denial, and others seem more at home in cyberspace. Cyberwarfare seems far more like intelligence (spying) operations than conventional military warfare.

“the map is not the territory” – Alfred Korzybski

Cyberwarfare – Virtual Attacks Could Come From Anywhere – [singularityhub.com]

Hackers and criminals can do enough harm to foreign or domestic networks on their own, but when backed by nation states, the resources and potential of these mercenaries increase significantly. Millions flock to the World Wide Web for their share of real-time information via Twitter and other social media platforms. But in the blink of an eye, a multitude of connections could be pulled under by a single act of cyber terrorism, as we saw during the 2009 denial-of-service attack when Twitter, Google and other platforms were temporarily taken out by Georgian political activists. The world felt virtual aftershocks for days. But the effects of cyber terrorism aren’t confined to virtual space. Whole communications infrastructures, like air traffic control operations at airports, are vulnerable to attack. One wrong signal or communications blackout could mean a great number of casualties. What’s more is that cyber criminals can exploit weaknesses in networks, transforming personal computers into virtual Trojan armies. Cultivating botnets of computers worldwide can wreak havoc on networks by proliferating spam or harmful viruses. It can also flood those networks with false traffic—like what happens during a denial-of-service attack—in order to cripple portions of the global network, in effect using the most constructive attributes of connectivity for insidious purposes. But familiar scenarios like these raise little concern compared with those we haven’t yet faced.

National Security Strategy is Empty on “Cyberspace” – [taosecurity.blogspot.com]

*Yawn*. What a disappointment. So, we’re going to “secure cyberspace” through “investing in people and technology” and “strengthening partnerships.” Lame. Weak. I’d go so far to say irresponsible. It’s clear that the national digital security policy situation has degraded since the President’s speech on cyber security last May. That’s right, it’s been one year and all the President has to show on this is… Howard Schmidt, who is mostly famous for saying “There is no cyberwar” because “There are no winners in that environment.”


Afterbytes: The “Cyberwar Battlefield” – [tenablesecurity.com]

How do you predict an enemy’s operations in a network? It’s simple: you have to be inside their command loop – in other words they have to tell you what they are going to do, and you need to have good enough information to sort the disinformation from reality. Back when I was working on intrusion detection systems, we used to periodically get customers who’d say that they wanted IDS data so they could react in response to an attack. We’d gently explain to them that it’s easy to predict when you’re going to come under attack – because the answer is “constantly.” What you really want to know is not whether you’ll come under attack, but whether the attacks you’re under right now are working. Again, the battlefield metaphor breaks down because the dynamics of attack and defense on a network are nothing like they are on real ground: you can potentially cause entire categories of attack paths to cease to function, or exist, with a single mouse-click. I don’t care if you’re attacking me, I care if you’re succeeding, and the battlefield notion of numerical advantage is meaningless because the defender can (or ought to be able to) reconfigure the battlefield unilaterally. What does this have to do with “predictive” activity? It means it’s pointless – predicting an attack is going to be worthless compared to being able to rapidly react to a successful penetration. To abuse a metaphor a bit, predicting a cyberattack is about as useful as predicting that a sniper’s bullet is going to hit between your eyes after it’s 3/4 of the way through its trajectory. The military value of prediction is pre-emption or re-configuring defenses (in the sniper scenario, that would be: ducking) neither of which may make any sense in a network environment – unless you’re trapped in the battlefield metaphor instead of networked reality.

SEE ALSO:
Cyberwar Plan
Cyber Attack Range
Attack Methodology
Attack vs Defense
