The new cyber arms race
By Mark Clayton, Christian Science Monitor, March 7, 2011
Arlington, Va.; and Idaho Falls, Idaho—Deep inside a glass-and-concrete office building in suburban Washington, Sean McGurk grasps the handle of a vault door, clicks in a secret entry code, and swings the steel slab open. Stepping over the raised lip of a submarinelike bulkhead, he enters a room bristling with some of the most sophisticated technology in the United States.
Banks of computers, hard drives humming on desktops, are tied into an electronic filtering system that monitors billions of bits of information flowing into dozens of federal agencies each second. At any given moment, an analyst can pop up information on a wall of five massive television screens that almost makes this feel like Cowboys Stadium in Arlington, Texas, rather than a bland office building in Arlington, Va.
The overriding purpose of all of it: to help prevent what could lead to the next world war.
Specifically, the “Einstein II” system, as it is called, is intended to detect a large cyberattack against the US. The first signs of such an “electronic Pearl Harbor” might include a power failure across a vast portion of the nation’s electric grid. It might be the crash of a vital military computer network. It could be a sudden poison gas release at a chemical plant or an explosion at an oil refinery.
Whatever it is, the scores of analysts staffing this new multimillion-dollar “watch and warn” center would, presumably, be able to see it and respond, says Mr. McGurk, the facility director. The National Cybersecurity and Communications Integration Center (NCCIC, pronounced en-kick) is one of the crown jewels of the Department of Homeland Security (DHS). It is linked to four other key watch centers run by the FBI, the Department of Defense (DOD), and the National Security Agency (NSA) that monitor military and overseas computer networks.
They are monuments to what is rapidly becoming a new global arms race. In the future, wars will not just be fought by soldiers with guns or with planes that drop bombs. They will also be fought with the click of a mouse a half a world away that unleashes carefully weaponized computer programs that disrupt or destroy critical industries like utilities, transportation, communications, and energy. Such attacks could also disable military networks that control the movement of troops, the path of jet fighters, the command and control of warships.
“The next time we want to go to war, maybe we wouldn’t even need to bomb a country,” says Liam O’Murchu, manager of operations for Symantec Security Response, a Mountain View, Calif., computer security firm. “We could just, you know, turn off its power.”
In this detached new warfare, soldiers wouldn’t be killing other soldiers on the field of battle. But it doesn’t mean there might not be casualties. Knocking out the power alone in a large section of the US could sow chaos. What if there were no heat in New England in January? No refrigeration for food? The leak of a radiation plume or chemical gas in an urban area? A sudden malfunction of the stock market? A disrupted air traffic control system?
These are the darkest scenarios, of course—the kind that people spin to sell books and pump up budgets for new cyberwar technology. Interviews with dozens of cyberconflict experts indicate that this kind of strategic, large-scale digital warfare—while possible—is not the most likely to happen. Instead, some see a prolonged period of aggressive cyberespionage, sabotage, and low-level attacks that damage electronic networks. As one recent study done for the Organization for Economic Cooperation and Development put it: “It is unlikely that there will ever be a true cyberwar.”
Yet others say that conclusion might be too conservative. The fact is, no one knows for sure where digital weaponry is heading. The cyber arms race is still in its infancy, and once a cybershot is fired, it’s hard to predict where the fusillade might end. In the seconds or minutes it might take staffers at the NCCIC to detect an attack, it could have already spread to US water supplies, railway networks, and other vital industries. How does the US military respond—or even know whom to retaliate against? If it does hit back, how does it prevent cyberweapons from spreading damage electronically to other nations around the world?
Policy experts are just beginning to ask some of these questions as the cyberweapons buildup begins. And make no mistake, it is beginning. By one estimate, more than 100 nations are now amassing cybermilitary capabilities. This doesn’t just mean erecting electronic defenses. It also means developing “offensive” weapons.
Shrouded in secrecy, the development of these weaponized new software programs is being done outside public view and with little debate about their impact on existing international treaties and on conventional theories of war, like deterrence, that have governed nations for decades.
“Here’s the problem—it’s 1946 in cyber,” says James Mulvenon, a founding member of the Cyber Conflict Studies Association, a nonprofit group in Washington. “So we have these potent new weapons, but we don’t have all the conceptual and doctrinal thinking that supports those weapons or any kind of deterrence. Worse, it’s not just the US and Soviets that have the weapons—it’s millions and millions of people around the world that have these weapons.”
In the new cyber world order, the conventional big powers won’t be the only ones carrying the cannons. Virtually any nation—or terrorist group or activist organization—with enough money and technical know-how will be able to develop or purchase software programs that could disrupt distant computer networks.
And the US, because it’s so wired, is more vulnerable than most big powers to this new form of warfare. It’s the price the country may one day pay for being an advanced and open society.
“If the nation went to war today, in a cyberwar, we would lose,” Mike McConnell, director of national intelligence from 2007 to 2009, told a US Senate committee a year ago. “We’re the most vulnerable. We’re the most connected. We have the most to lose.”
Definitions of what constitute a “cyberattack” or “cyberwar” vary, but experts roughly agree the US is now immersed in a continuous series of cyberconflicts. These are with state and nonstate actors, from Russia and China to criminal gangs and online protest groups.
“Are we in a cyberwar now?” asks John Bumgarner, research director at the US Cyber Consequences Unit, a Washington-based think tank, who once was a cyberwarrior with the US Army. “No, not yet. Are we being targeted and our nation’s networks attacked and infiltrated by nations that may be our adversaries in the future? Yes.”
“We in the US tend to think of war and peace as an on-off toggle switch—either at full-scale war or enjoying peace,” says Joel Brenner, former head of counterintelligence under the US Director of National Intelligence. “The reality is different. We are now in a constant state of conflict among nations that rarely gets to open warfare…. What we have to get used to is that even countries like China, with which we are certainly not at war, are in intensive cyberconflict with us.”
As well armed as the US is, its defenses are porous. The US may have the mightiest military in the world, but it is also the most computerized—everything from smart bombs to avionics to warship controls—making it unusually vulnerable to cyberassault.
The DOD’s communication system includes some 15,000 computer networks and 7 million computing devices. According to the Pentagon, unknown attackers try to breach its systems 6 million times a day. More than a few attempts have succeeded.
Hackers are believed to have stolen key elements of the F-35 jet fighter a few years ago from a defense contractor. In 2008, infiltrators used thumb drives to infect the DOD’s classified electronic network, resulting in what Deputy Defense Secretary William Lynn later called the “most significant breach of US military computers ever.”
Unlike many of its potential adversaries, the Pentagon is heavily reliant on computer networks. Over the past two decades, US industry, along with the military and federal agencies, has linked some networks and elements of the nation’s infrastructure—power plants, air traffic control systems, rail lines—to the notoriously insecure Internet. It makes it easier, faster, and cheaper to communicate and conduct business—but at a cost. Almost all electrical power used by US military bases, for instance, comes from commercial utilities, and the power grid is a key target of adversaries.
“We’re pretty vulnerable today,” says a former US national security official. “Our defense is superporous against anything sophisticated.”