In lieu of an abstract, here is a brief excerpt of the content:

105 CHAP TER 6 Aggression in Cyberspace KEVIN G. COLEMAN We are now in a world in which cyber warfare is very real. . . . It could paralyze this country, and I think that’s an area we have to pay a lot more attention to. —Leon Panetta, This Week (ABC Television News) Computer intrusions and attacks have become methods for aggression. The frequency of incidents coupled with their implications has driven the Pentagon to formally recognize cyberspace as a domain for military activities for the purposes of organizing, training, equipping, and when directed, operating our forces.1 Technological advances continue to influence the art of war. Perhaps the greatest technological impact came when attacks moved from being physical to being digital. Given that reality, cyberspace now has joined the other traditional conflict domains. However, cyber represents a primary form of attack as well as a support role for other domains. Over the years as technology has matured, advanced traditional domains have become more reliant on microprocessors, computers, and digital networks, and in many cases on the Internet for offensive capabilities, defensive measures, and intelligence collection. Although computer intrusions have been around for decades, recent intrusions are dangerous and have escalated to the point where military leaders have expressed concern.2 Many nations of the world are busy developing, advancing, and implementing computer intrusion and attack strategies and digital weaponry designed to disrupt or destroy hostile military systems as well as critical infrastructure. Today cyber warfare is viewed as a critical component of national security strategy rather than a stand-alone option. The policies, doctrine, strategies, and operational models for conducting cyber warfare are emerging and will change as new weaponry evolves and the lessons from cyber attacks are learned. As Deputy Secretary of Defense Aggression in Cyberspace 106 William Lynn remarked: “There’s no agreed-on definition of what constitutes a cyberattack. It’s really a range of things that can happen—from exploitation and exfiltration of data to degradation of networks or even physical equipment, physical property.”3 The Pentagon established US Cyber Command with dedicated service components and began to define cyber warfare.4 It is paramount that the government leadership and the defense, intelligence, and homeland security communities develop the appropriate doctrine to systematically and appropriately counter the threat of cyber warfare. More than 100 nations are actively developing cyber weapons. Nations such as China, Russia, Iran, India, and North Korea are actively increasing offensive, defensive, and intelligence cyber capabilities. It is important to note that acts of cyber aggression are not restricted to states. Thieves, criminals , activists, and terrorists have perpetrated computer intrusions and participated in cyber attacks. Another important point is that the private sector, in particular owners and operators of critical infrastructure assets, are highly susceptible to becoming targets of cyber attacks. Cyber warfare is a real high-tech threat with the potential of becoming one of the most dangerous and damaging weapons for nations of all sizes and economic standing to employ in gaining the upper hand in modern international conflict. The winners in the cyber domain will be innovative actors with superior technical staffs. CYBER ATTACK PROCESS The North Atlantic Treaty Organization has initiated strategic planning for the next generation of warfare, which includes the cyber dimension of conflict.5 Following large-scale denial-of-service attacks on Estonia in 2007 and Georgia in 2008, the alliance established the Cooperative Cyber Defence Centre of Excellence in Tallinn, staffed by international personnel conducting research and training on cyber warfare.6 Those two assaults on sovereign nations made militaries around the world recognize that they lacked a common language and decision-making framework to effectively respond to threats in the area of cyber aggression. Although many organizations and individuals perceive a cyber attack as an event, they are wrong. It is a process composed of five components: reconnaissance , scanning, system access, malicious activity, and exploitation (see figure 6.1).7 In addition, there are four subprocesses: cyber attack planning, cyber attack design, cyber attack initiation, and attack, which operate in concert to achieve the stated objectives of cyber attack strategy. Reconnaissance deals with acquiring targeting information during the planning phase. If the target is a cell phone, then the first step is to obtain its number and usage patterns when the device is normally on the air. The second step is scan- [3.22.181.209] Project MUSE (2024-04-23 11:12...

Share