Cyberwarfare in the United States

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Cyberwarfare in the United States is the United States Cyber Command's military strategy of Proactive Cyber Defence and the use of cyberwarfare as a platform for attack.[1] The United States Department of Defense sees the use of computers and the Internet to conduct warfare in cyberspace as a threat to national security.[2] The Joint Forces Command issued a statement: "Cyberspace technology is emerging as an "instrument of power" in societies, and is becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. With low barriers to entry, coupled with the anonymous nature of activities in cyberspace, the list of potential adversaries is broad. Furthermore, the globe-spanning range of cyberspace and its disregard for national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies."[3]

However, decades of failure to learn between "silos" in agencies or departments has led to the failure of major United States Armed Forces IT projects and the waste of billions of dollars.[4] Also while the United States federal government has invested heavily in cybersecurity contractors, it has failed to establish standards for these companies or properly manage them.[5] In addition these contractors cost nearly twice as much as federal employees who do the same jobs.[6]

The Five Pillars[edit]

The five pillars is the framework for the United States military strategy for cyberwarfare.[7] The first pillar is to recognize that the new domain for warfare is cyberspace similar to the other elements in the battlespace. The second pillar is proactive defenses as opposed to passive defense. Two examples of passive defense are computer hygiene and firewalls. The balance of the attacks require active defense using sensors to provide a rapid response to detect and stop a cyber attack on a computer network. This would provide military tactics to backtrace, hunt down and attack an enemy intruder. The third pillar is critical infrastructure protection (CIP) to ensure the protection of critical infrastructure. The fourth pillar is the use of collective defense, which would provide the ability of early detection and to incorporate them into the cyberwarfare defence structure. The fifth pillar is maintain and enhance the advantage of technological change. This would include improved computer literacy and increasing artificial intelligence capabilities.

Cyberattack an act of war[edit]

The new United States military strategy, makes explicit that a cyberattack is casus belli for a traditional act of war.[8] This is controversial; Howard Schmidt, the cybersecurity leader of the US, said in March 2010 that "there is no cyberwar... I think that is a terrible metaphor and I think that is a terrible concept. There are no winners in that environment."[9]

In September 2012, the State Department chief legal advisor, Harold Koh, announced that certain cyber attacks may constitute a "use of force", and are subject to international law and rules of war.[10]

In 2013, a U.S. Department of Defense task force stated that nuclear weapons could be used in response to a cyber attack.[11]

Attacks on other nations[edit]

Iran[edit]

In June 2010, Iran was the victim of a cyber attack when its nuclear facility in Natanz was infiltrated by the cyber-worm ‘Stuxnet’, said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyberwarfare.[12][13] It destroyed perhaps over 1000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic programme back by at least two years."[14]

Despite a lack of official confirmation, Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, made a public statement, in which he said, "we're glad they [the Iranians] are having trouble with their centrifuge machine and that we – the US and its allies – are doing everything we can to make sure that we complicate matters for them", offering "winking acknowledgement" of US involvement in Stuxnet.[15]

China[edit]

In 2013, Edward Snowden, a former systems administrator for the Central Intelligence Agency (CIA) and a counterintelligence trainer at the Defense Intelligence Agency (DIA), revealed that the United States government had hacked into Chinese mobile phone companies to collect text messages and had spied on Tsinghua University, one of China’s biggest research institutions, as well as home to one of China’s six major backbone networks, the China Education and Research Network (CERNET), from where internet data from millions of Chinese citizens could be mined. He said U.S. spy agencies has been watching China and Hong Kong for years.[16]

According to classified documents provided by Edward Snowden, the National Security Agency (NSA) has also infiltrated the servers in the headquarters of Huawei, China's largest telecommunications company and the largest telecommunications equipment maker in the world. The plan is to exploit Huawei’s technology so that when the company sold equipment to other countries — including both allies and nations that avoid buying American products — the NSA could roam through their computer and telephone networks to conduct surveillance and, if ordered by the president, offensive cyberoperations.[17]

Other[edit]

  • In 1982, a computer control system stolen from a Canadian company by Soviet spies caused a Soviet gas pipeline to explode. The code for the control system had been modified by the CIA to include a logic bomb which changed the pump speeds to cause the explosion.[18]
  • In 1991, it was reported by the US Air Force that a computer virus named AF/91 was created and was installed on a printer chip and made its way to Iraq via Amman, Jordan.[19] Its job was to make the Iraqi anti-aircraft guns malfunction; however, according to the story, the central command center was bombed and the virus was destroyed.[20] The virus, however, was found to be a fake.[20]
  • In 1998, in order for US and NATO to bomb Serbian targets successfully in Kosovo, the USA needed to hack into the Serbian air defense system and trick the Serbian Air Traffic Controllers.[21] The US accomplished its goal so well that there was concern about continuing or escalating the attacks because the US didn't want to hack into any further Serbian targets because of fear of damaging civilian targets.[citation needed]

Defense Industrial Base Cybersecurity and Information Assurance[edit]

In response to cyberattacks that occurred during the Bush years, and denied stronger tools by the Republican congress, Obama has used executive authority to join together government and private sector cyber security to be able to respond to cyber attacks directed at the American defense industry in general.[22]

United States Cyber Command components[edit]

United States Cyber Command[edit]

The United States Cyber Command (USCYBERCOM) is a United States armed forces sub-unified command subordinate to United States Strategic Command. USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."[23]

Army Cyber Command[edit]

The Army Cyber Command (ARCYBER) is an Army component command for the U.S. Cyber Command.[24] ARCYBER has the following components:

Marine Corps Forces Cyberspace Command[edit]

United States Marine Corps Forces Cyberspace Command is a functional formation of the United States Marine Corps to protect infrastructure from cyberwarfare.[28]

Navy Cyber Forces[edit]

The Navy Cyber Forces (CYBERFOR) is the type commander for the U.S. Navy's global cyber workforce. The headquarters is located at Joint Expeditionary Base Little Creek-Fort Story. CYBERFOR provides forces and equipment in cryptology/signals intelligence, cyber, electronic warfare, information operations, intelligence, networks, and space. In September 2013, the United States Naval Academy will offer undergraduate students the opportunity to major in Cyber Operations.[29]

Twenty-Fourth Air Force[edit]

The Twenty-Fourth Air Force (24 AF) is a Numbered Air Force (NAF) with the United States Air Force (USAF). The USAF is consolidating its cyberspace combat forces into 24 AF.[30] The Twenty-Fourth Air Force, will be the Air Force component of United States Cyber Command (USCYBER). The 24AF has the following components:

United States Tenth Fleet[edit]

The United States Tenth Fleet is a functional formation of the United States Navy. It was first created as an anti submarine warfare coordinating organization during the Battle of the Atlantic in the Second World War. It has been reactivated as Fleet Cyber Command. The tenth fleet components are:

Events[edit]

Cyberwar defense team
  • Systems in the US military and private research institutions were penetrated from March 1998 for almost two years in an incident called Moonlight Maze. The United States Department of Defense traced the trail back to a mainframe computer in the former Soviet Union but the sponsor of the attacks is unknown and Russia denies any involvement.
  • Titan Rain was the U.S. government's designation given to a series of coordinated attacks on American computer systems since 2003. The attacks were labeled as Chinese in origin, although their precise nature (i.e., state-sponsored espionage, corporate espionage, or random hacker attacks) and their real identities (i.e., masked by proxy, zombie computer, spyware/virus infected) remain unknown.
  • In 2007, the United States government suffered "an espionage Pearl Harbor" in which an unknown foreign power...broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information.[31]
  • In 2008, a hacking incident occurred on a U.S. Military facility in the Middle East. United States Deputy Secretary of Defense William J. Lynn III had the Pentagon release a document, which reflected a "malicious code" on a USB flash drive spread undetected on both classified and unclassified Pentagon systems, establishing a digital beachhead, from which data could be transferred to servers under foreign control. "It was a network administrator's worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary. This ... was the most significant breach of U.S. military computers ever and it served as an important wake-up call", Lynn wrote in an article for Foreign Affairs.[32]
  • On 1 April 2009, U.S. lawmakers pushed for the appointment of a White House cyber security "czar" to dramatically escalate U.S. defenses against cyber attacks, crafting proposals that would empower the government to set and enforce security standards for private industry for the first time.[34]
  • On 7 April 2009, The Pentagon announced they spent more than $100 million in the last six months responding to and repairing damage from cyber attacks and other computer network problems.[35]
  • In December 2009 through January 2010, a cyber attack, dubbed Operation Aurora, was launched from China against Google and over 20 other companies.[36] Google said the attacks originated from China and that it would "review the feasibility" of its business operations in China following the incident. According to Google, at least 20 other companies in various sectors had been targeted by the attacks. McAfee spokespersons claimed that "this is the highest profile attack of its kind that we have seen in recent memory."[37]
  • In February 2010, the United States Joint Forces Command released a study which included a summary of the threats posed by the internet: "The open and free flow of information favored by the West will allow adversaries an unprecedented ability to gather intelligence."[3]
  • On 19 June 2010, United States Senator Joe Lieberman (I-CT) introduced a bill called "Protecting Cyberspace as a National Asset Act of 2010",[38] which he co-wrote with Senator Susan Collins (R-ME) and Senator Thomas Carper (D-DE). If signed into law, this controversial bill, which the American media dubbed the "Kill switch bill", would grant the President emergency powers over parts of the Internet. However, all three co-authors of the bill issued a statement that instead, the bill "[narrowed] existing broad Presidential authority to take over telecommunications networks".[39]
  • In August 2010, the U.S. for the first time is publicly warning about the Chinese military's use of civilian computer experts in clandestine cyber attacks aimed at American companies and government agencies. The Pentagon also pointed to an alleged China-based computer spying network dubbed GhostNet that was revealed in a research report last year.[40] The Pentagon stated that the People's Liberation Army was using "information warfare units" to develop viruses to attack enemy computer systems and networks, and those units include civilian computer professionals. Commander Bob Mehal would monitor the PLA's buildup of its cyberwarfare capabilities and "will continue to develop capabilities to counter any potential threat."[41] In response to these and other clandestine cyber attacks by China, Amitai Etzioni of the Institute for Communitarian Policy Studies has suggested that China and the United States should agree to a policy of mutually assured restraint with respect to cyberspace. This would involve allowing both states to take the measures they deem necessary for their self-defense while simultaneously agreeing to refrain from taking offensive steps; it would also entail vetting these commitments.[42]
  • In 2010, American General Keith B. Alexander endorsed talks with Russia over a proposal to limit military attacks in cyberspace, representing a significant shift in U.S. policy.[43]
  • In 2011 as part of The Anonymous attack on HBGary Federal information about private companies such as Endgame systems who design offensive software for the Department of Defense were revealed. It was shown that Endgame systems job applicants had previously "managed team of 15 persons, responsible for coordinating offensive computer network operations for the United States Department of Defense and other federal agencies."[44]
  • In October 2012, the Pentagon was to host contractors who "want to propose revolutionary technologies for understanding, planning and managing cyberwarfare. It is part of an ambitious program that the Defense Advanced Research Projects Agency, or DARPA, calls Plan X, and the public description talks about 'understanding the cyber battlespace', quantifying 'battle damage' and working in DARPA's 'cyberwar laboratory.'"[45]

See also[edit]

Further reading[edit]

References[edit]

  1. ^ "American Forces Press Service: Lynn Explains the U.S Cybersecurity Strategy". Defense.gov. 
  2. ^ DOD – Cyberspace[dead link]
  3. ^ a b "The Joint Operating Environment", Report released, 18 Feb 2010, pp. 34–36
  4. ^ Nolan, John. "Reports: Air Force's troubled technology projects cost millions." Dayton Daily News, Ohio, 17 June 2012.
  5. ^ Thompson, Loren. "Five Things The Government's Cybersecurity Providers Should Have – And Usually Don't." Lexington Institute, 18 June 2012.
  6. ^ Rahija, Bryan. "The Cost of Contractor Computer Engineering Services." POGO, 25 June 2012.
  7. ^ "Official: NATO Should Build A 'Cyber Shield'". Red Orbit. 16 September 2010. 
  8. ^ New York Times: Pentagon to Consider Cyberattacks Acts of War
  9. ^ "White House Cyber Czar: ‘There Is No Cyberwar’" Wired magazine, 4 March 2010
  10. ^ Aram Roston (18 September 2012). "U.S.: Laws of war apply to cyber attacks". Army Times. Retrieved 24 February 2013. 
  11. ^ Conte, Andrew. "Nuke option necessary in case of massive cyberwar, report concludes.". Stripes.com. 
  12. ^ AFP: Stuxnet worm brings cyber warfare out of virtual world. Google.com (1 October 2010). Retrieved 8 November 2011.
  13. ^ Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon | Video on. Ted.com. Retrieved 8 November 2011.
  14. ^ "US General: Iran's Cyber War Machine 'A Force To Be Reckoned With'". Business Insider. Retrieved January 2013. 
  15. ^ Gary Samore speaking at the 10 December 2010 Washington Forum of the Foundation for Defense of Democracies in Washington DC, reported by C-Span and contained in the PBS program Need to Know ("Cracking the code: Defending against the superweapons of the 21st century cyberwar", 4 minutes into piece)
  16. ^ Rapoza, Kenneth (2013-06-22). "U.S. Hacked China Universities, Mobile Phones, Snowden Tells China Press". Forbes. 
  17. ^ SANGER, DAVID; PERLROTH, NICOLE (March 22, 2014). "N.S.A. Breached Chinese Servers Seen as Security Threat". The New York Times. 
  18. ^ "Cyberwar: War in the fifth domain". The Economist. 1 July 2010. Retrieved 4 July 2010. 
  19. ^ Smith, George. "Iraqi Cyberwar: an Ageless Joke." SecurityFocus. 10 Mar 2003. Web. 11 Oct 2009. <http://www.securityfocus.com/columnists/147>.
  20. ^ a b George Smith (10 March 2003). "Iraqi Cyberwar: an Ageless Joke". Securityfocus.com. 
  21. ^ Hancock, Bill. "Security Views." Computers & Security 18 (1999): 553–64. ScienceDirect. Web. 11 October 2009. <http://www.sciencedirect.com/science?_ob=MImg&_imagekey=B6V8G-463GSGP-2-1&_cdi=5870&_user=47004&_orig=search&_coverDate=12%2F31%2F1999&_sk=999819992&view=c&wchp=dGLzVlz-zSkWA&md5=a6d6590f9a8954864a1abbd91dd0a981&ie=/sdarticle.pdf>.
  22. ^ Reed, John. "Pentagon expanding public-private cyber information sharing program." Foreign Policy Magazine, 27 September 2012.
  23. ^ U.S. Department of Defense, Cyber Command Fact Sheet, 21 May 2010 http://www.stratcom.mil/factsheets/cc/
  24. ^ US Department of Defense (24 May 2010). "DoD Release No. 420-10 Establishment of Army Forces Cyber Command". defense.gov. Retrieved 24 May 2010. 
  25. ^ "20091203 IO Newsletter v10 no 03". 
  26. ^ Patrick Jackson (15 March 2010). "Meet USCybercom: Why the US is fielding a cyber army". BBC News. Retrieved 10 July 2010. 
  27. ^ "News Release: Army Forces Cyber Command Headquarters Standup Plan Announced". Defense.gov. Retrieved 10 July 2010. 
  28. ^ "Fort Mead News: USMC Cyber Command". Ftmeade.army.mil. 28 January 2010. Retrieved 10 July 2010. 
  29. ^ Mike Hoffman (8 June 2013). "Naval Academy Launches Cyber Operations Major". DefenseTech.org. 
  30. ^ Frequently Asked Questions
  31. ^ "Cyber War: Sabotaging the System". CBS News. 6 November 2009. 
  32. ^ The Washington Post: Pentagon computers attacked with flash drive[dead link]
  33. ^ "White House Eyes Cyber Security Plan". CBS News. 9 February 2009. 
  34. ^ Warrick, Joby; Pincus, Walter (1 April 2009). "Senate Legislation Would Federalize Cybersecurity". Washingtonpost.com. 
  35. ^ "Pentagon Bill To Fix Cyber Attacks: $100M". CBS News. 7 April 2009. 
  36. ^ "A new approach to China". Blogspot. 12 January 2010. Retrieved 17 January 2010. 
  37. ^ "Google Attack Is Tip Of Iceberg", McAfee Security Insights, 13 January 2010
  38. ^ pdf
  39. ^ Senators Say Cybersecurity Bill Has No 'Kill Switch', informationweek.com, 24 June 2010. Retrieved on 25 June 2010.
  40. ^ "ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People's Republic of China 2010" (PDF). 
  41. ^ AP: Pentagon takes aim at China cyber threat
  42. ^ Etzioni, Amitai, "MAR: A Model for US-China Relations," The Diplomat, September 20, 2013, [1].
  43. ^ Post (4 June 2010). "WSJ: U.S. Backs Talks on Cyber Warfare". Online.wsj.com. 
  44. ^ Haroon Meer (11 March 2011). "Lessons from Anonymous on cyberwar". Al Jazeera English. 
  45. ^ Shane, Scott (26 September 2012). "U.S. Officials Opening Up on Cyberwarfare". The New York Times. 
  46. ^ "Chase, NYSE Websites Targeted in Cyber Attacks.". Retrieved 15 March 2013. 
  47. ^ "Phase 2 Operation Ababil.". Retrieved 15 March 2013. 
  48. ^ "Bank Attackers Restart Operation Ababil DDoS Disruptions.". Retrieved 15 March 2013.