Friday, March 23, 2018

cybersecurity notes

Conquest Libicki
“The real impetus is that the more cyberspace is critical to a nation’s economy and defense, the more attractive to enemies is the prospect of crippling either or both via attacks on or through it.” 1
The term cyberspace was coined in William Gibson’s classic 1984 Neuromancer 5
4 tenets of cyberspace
  1. Cyberspace is a replicable construct
  2. There has to be a master set of rules for any given space
  3. Some mechanisms and systems across different forms of cyberspace are persistent
  4. There are three layers to cyberspace, and the conquest of each has vastly different meaning
    1. Physical - Only as effective as infrastructure is difficult to replicate 8*
    2. Syntactic layer - If my knowledge of rules is greater than yours, I may be able to get machines to do what I want even if you physically control them
    3. Semantic layer - information critical to humans or connected devices. Control of this layer may allow me to change the way you perceive reality
“Since the 1990s, … actions in [cyberspace] have been considered part of a broader topic, information warfare.” 11
5 types of information warfare are currently in use, and two hypothetical
Command and control warfare
Intelligence based warfare
Electronic warfare
Psychological operations
Hacker warfare
Economic and information warfare
Cyberwarfare
16-17

Shift from warfare to operations in terminology to describe activities that could occur during peacetime within the military adopted in 1996
The Anglo-Saxon clarity of warfare should not be mistaken as lost in the change of terminology 17

“In the early 1990s, victims of most computer viruses acquired them by booting them up from an infected floppy disk”
3 waves followed - macro viruses, worms, and viruses specific to PDAs and digital telephones 18

Information can be destroyed or degraded. Duplicity can avoid destruction, while proclivity in misleading information can degrade the value of stealing information 20-1

Information used to manage information can have value, such as protocols, programs, or files on system management. Attacks on information and information systems are distinct entities, content and management 22

Unlike physical operations, cyber operations are much more likely to result in a stalling out or non-operating system than an operating system under false commands because computers are very effective at recognizing false information 27 */ this is where syntactic control is important

The intent and legal treatment of computer network attacks (hacking) and exploitation is different, though the mechanisms and skills requisite for each are similar. “Destruction of information is more likely than eavesdropping to be perceived as an act of war” 29

To compare a nuclear threat to a cyberthreat is like a firestorm vs. a snowstorm. Different cities have different resiliencies to snowstorms, but not firestorms; snowstorm costs are greater but distributed; and the negative effects of a snowstorm are temporary for the most part while firestorms leave permanent damage. 39
One major break in this analysis is that nuclear warfare is real and happened while a large-scale cyberattack has not yet been experienced in wartime 41

Information Warfare against Command and Control


Assessing War
Assessing cybersecurity
  1. Cyber damage assessment in battle
  2. Relative Strength of our own cyberforces as advantage

Vulnerabilities: in context of pre-existing conditions, systems, architectures and definitions
Impacts: effects to cybersystems and those dependent on them
Likelihoods: chances that an attack initiates * chances that an attack is realized once initiated
267


Effects of cybersecurity breach
Operational effects
Monetary losses
Rep effects
270

A risk estimate may be prepared as a vector of scores 274

Law of Armed Conflict (LOAC)
Civilian cyber targets in conflict zone may be OK, some opponents may not follow LOAC 278
Russian partisans in Georgia
Aggressive cyber attacks
Defaced websites
Interruption of internet connection
-- LOAC prohibits participation of partisans in warfare without direct state control

UN Charter and LOAC apply to cyberspace 281
>> Tallinn Manual

Security firm McAfee detected 100k new malware samples per day in 2012 282

Surviving cyber War
Victoria’s Secret DDoS

Don’s Best Sports: Private defense against DoS:
  1. Robust Servers
  2. High levels of Bandwidth
63

Spurious BGP as DoS attacks: YouTube in Pakistan 70


@War
“Reachback” -> synthesis of tac and strat intel, developed after the “Prophet” intelligence machinery, designed for Korea, proved ineffective against a decentralized enemy such as those found in the Middle East.
