Friday, September 5, 2008

CyberWar: A Threat Worth Considering

In the May 31 issue of the National Journal there was a report that speculation is growing throughout defense and security establishments that the recent blackouts in Florida and the Northeast, which occurred shortly after the US Navy demonstrated its ability to shoot down a satellite, were in fact caused by hackers operating from China, specifically the PLA.

One can never be certain whether reports such as this are simple hysteria, or are based upon real evidence. Another rumor that circulated recently in the Pentagon was that the Southern California wild fires that destroyed so much near San Diego were actually set by Al Qaeda. As someone who spends a fair amount of time looking at terrorism data, I’d place that rumor in the possible but unlikely bin.

But the hacking rumor seems like it may have more substance. According to Tim Bennett, former president of the Cyber Security Industrial Alliance, U.S. intelligence officials have claimed that the PLA gained access to a network that controlled electric power systems serving the Northeastern U.S. Forensic systems analysis had confirmed that the source was indeed the PLA.

Bennett’s claim was corroborated by a second information security expert, who said that the intention was probably to map the power system, but that the intruders accidentally triggered the blackouts when they succumbed to a “what happens if I pull on this” moment.

Map the power system? Now why would they want to do that? The less paranoid may say that it’s because the Chinese have large infrastructure problems of their own and wish to learn how we do it. I suppose that’s reasonable enough, but it seems to me there are plenty of ways to get our help on that legitimately. What’s more, why would it be done by the PLA?

The Chinese have a tradition of asymmetric warfare, and have invested heavily in cyberwarfare initiatives. DoD and other government agencies have reported huge spikes in cyber attacks on all of their systems, as hackers attempt to gain access and compromise security. This is information that I can personally verify in that I’ve heard these claims come directly from the senior leadership of the Air Force.

But this information is not compartmentalized in the halls of the Pentagon. Representative Jim Langevin said that his staff has examined several hacker networks and claims that the results have shown that China is the primary concern for invasive hacking on American systems.

But the handiwork of Chinese hackers has not been limited to government. The private economic sector has been hit especially hard by cyber attacks. Businesses have related stories in which their Chinese counterparts already knew all of their bottom-line positions and would open negotiations there. In 2007, clandestine spyware programs designed to remove information were discovered on devices used by Commerce Secretary Carlos Gutierrez while he was visiting Beijing.

Stephen Spoonamore, CEO of Cybrinth, a computer security firm, claims that executives from Fortune 500 companies had document-stealing code planted on their computers while traveling in China.

The attacks on the civilian sector have not gone unnoticed in Washington either. Because most of the infrastructure in the U.S. is privately owned, the government finds it difficult to compel operators to better monitor systems. Of further concern is that much of the security software utilized is designed by others, often offshore. The concern is that the existence of backdoors or other problems may not become known until after the damage has been done.

The Defense Department declared for the first time in 2007 that attacks against U.S. Government sites have come largely from China. In March, Air Force General Kevin Chilton, chief of U.S. Strategic Command, claimed that the Pentagon has its own cyberwar plan. In a statement to the Senate Armed Services Committee he asked appropriators for an “increased emphasis” on cyberwarfare in order to conduct “network warfare.” Currently the Air Force is in the process of setting up Cyberspace Command, comprised of 160 individuals at a handful of bases.

The issue has not escaped notice by the President. President Bush has crafted an executive order to lay out a broad plan to shore up government network defenses. This ambitious plan comes with an ambitious price tag of 30 billion dollars (the entire budget of Homeland Security is 50 billion).

Unfortunately, “The U.S. government doesn’t really have a policy on the use of these techniques,” says Michael Vatis, former director of the FBI’s National Infrastructure Protection Center. “They take place, and people have strong suspicions…. But as long as they’re not able to prove it, there’s very little that they can do about it. And so there’s often not as much outrage expressed.” I think this attitude is unfortunate, but it’s common. Because I spent a dozen years doing professional programming, I know several well placed IT professionals in industry and government. Few if any feel that there’s a significant threat.

Yet, if Chinese hackers are able to map our energy grids, and then shut them down by hacking into our systems, one has to wonder what else they’ve accomplished. It seems foolish that this threat should be taken as lightly as it is by the civilian sector especially.

In their now-infamous book Unrestricted Warfare, PLA Colonels Qiao Liang and Wang Xiangsui make the point unequivocally that cyberwarfare is an essential part of Chinese conflict planning with the United States. Russia has also shown the effectiveness of cyberwarfare in their recent trysts in Eastern Europe. All of this begs the question, why is Cyber Command composed of only 160 people?

In the last round of SBIR RFPs issued by the DoD, there are several initiatives to find ways to train people on the threats of hacking and cyberwarfare. But unfortunately, no initiatives were present for training on how to combat it, or, more importantly, how to incorporate offensive and defensive cyber warfare measures into doctrine, planning, or strategy. So far it seems that the approach to cyber warfare is underdeveloped at best, criminally negligent at worst.

To relate all of this to wargaming, it seems to me that if the old SPI were around today, this is a warfare topic they’d be tackling. Joseph Miranda has made some efforts to design abstract games on the topic, but few seem that interested. This is unfortunate. Cyberwar may in fact be the number one warfare methodology in the 21st century, affecting us economically and socially, not to mention militarily. And, given the technological dependence of today’s armed services, it seems to me it should be a top concern for those involved in defense planning.

Lately I’ve seen several talented designers show interest in designing new games on NATO/Warsaw Pact conflict of the 1980s. I don’t get it. We stand on the verge of new vistas in the development and advancement of modern conflict doctrine, yet our best minds are preoccupied with the war that never happened. Our hobby has a legacy; one that placed our best designers of the 1970s and ’80s into professional positions of planning the real thing. Where is that legacy of designers today?

Cyberwar, it appears, is a reality, and one that is much more significant and threatening than most of us probably imagined. I encourage you, whether designer or player, to think about how we can incorporate cyberwarfare into our gaming lexicon. Someone, clearly, has to do it. Why not us?
