Tuesday, April 21, 2015

Will Cyberwarfare Trump Aerospace Power?

By James McFarlin

Congress meets this month to consider the 2016 National Defense Authorization Act and appropriations bill.

Members will debate how to ensure America is prepared to meet tomorrow's national security challenges.

Given the accelerating rate of growth in military power across the globe, this is no easy task. China has a growing ballistic and cruise missile inventory possessing the capability to strike over long ranges. Iran fields a ballistic missiles arsenal able to strike across the Middle East and Europe. Russia has long possessed sophisticated ballistic and cruise missiles.

The cost of defending against such growing threats with traditional aerospace satellite surveillance and anti-missile systems has accelerated to the point where some congressional members of the House Armed Services Committee are suggesting a reevaluation of U.S. defense capabilities before 2016 spending commitments are made.

Such deliberations will be incomplete and perhaps near-obsolete unless a looming threat filling the horizon is addressed.

Cyber attacks against U.S. institutions are not a new phenomenon, Private and government networks have long been the target of cyber espionage, theft and disruption. Moreover, such attacks are becoming increasingly sophisticated and more frequent. Recent reports show a 2015 acceleration in attacks of 42% over 2014 levels.

At the same time, advancements in cyber technology are propelling increased use of cloud computing and mobile devices, making U.S. networks even more vulnerable to intrusions by state-sponsored organizations, hackers and terrorists.

In the December 2014 attack against Sony Pictures Entertainment, assailants stole films and internal records and destroyed data files and computer networks. Physical violence was threatened against Americans if the studio released its upcoming film "The Interview" depicting the assassination of N. Korea dictator Kim Jong-un. The confused, conflicting, and oft-reversed Sony and U.S. response to such threats showcased America's unpreparedness for cyber events for the world to see.

Admiral Michael Rogers, director of the National Security Agency and US Cyber Command, recently warned the house Intelligence Committee of even more dramatic cyber risks. He emphasized that assaults against the networks of industrial-controls systems - the electronic brains behind operation of infrastructure such as the electrical grid, nuclear power plants and air traffic control systems - would cause widespread damage and civilian deaths.

"There shouldn't be any doubt in our minds that there are nation-states and groups with the capability to do this," Adm. Rogers said.

Congress will no doubt give the priorities for future defense spending its serious attention. One can hope lawmakers are aware of the near-geometric expansion of cyber weapons and the increased threats such capabilities contribute to the vulnerability of U.S. networks and critical infrastructure.

Are ever-more advanced generations of existing weapons systems the path to America's future security or are they missing the mark in the cyber age?

Today's technology-fueled global environment suggests that cyber warfare trumping aerospace power may be more a matter of 'whenthan 'if,' and sooner rather than later. A new era has begun.

Monday, April 13, 2015

ISIS vs. Silicon Valley Cyber Wars

By James McFarlin

Terrorist groups such as ISIS are increasingly using social media tools as means of recruitment, training, fundraising and radicalization.  Some estimates place ISIS's volume of Twitter posts alone at 90,000 per day.

Facebook, YouTube, Instagram and other tools also form the basis for the radicals' command and control systems, providing ideal communication and planning tools with which to coordinate attacks.

ISIS and other groups' adept use of social media has attracted an estimated 3,000 Westerners to come to Syria and join the fight.  ISIS also produces a slick monthly English-language magazine named Dabiq.  This professionally-produced publication spreads messages of jihad and hate as well as instructions for terrorist actions such as bomb building and law enforcement avoidance.

Countering such messages is an increasingly difficult task for U.S. security agencies. Terrorist websites can and do pop up in alternative form if taken down, continuing their work.

Frustrated with its lack of social media reach against the terrorists, U.S. authorities have recently turned to America's tech titans to help counter the militants.  Foreign governments have also joined the fray.  French Interior Minister Bernard Cazeneuve recently visited Silicon Valley, urging U.S. tech firms to do more to rid their services of extremist postings.

This awkward relationship has also been aggravated as foreign governments recently assailed American social media companies as being too complicit with the U.S. National Security Agency.

Being drawn into a global war is a foreign experience for tech firms, and leaves them increasingly struggling with uncomfortable requests obliging them to spy on their own users.  Not complying places the firms in the position of being accused of supporting the broadcasting of hateful images that incite terrorism and facilitate radicalization.

Companies such as Apple which have pushed encryption in their products have produced cries of protest from U.S. security agencies.  The FBI, for example, suddenly finds itself less able to tap into the firm's public communications streams.

Other unintended consequences await U.S. firms.  Twitter employees recently received death threats from ISIS groups when the company removed online terrorist content from its data streams.  ISIS has also called out for the assassination of two American imams who have spoken out against the terrorist group's ideology using social media.

Where will these conflicting interests and needs lead?  No one knows for certain.  But the battlefields of the "Twitter wars" as they are sometimes called are clearly in their infancy.  Such conflicts will most certainly be played out in vigorous, unexpected ways over the coming months and years.

Friday, April 3, 2015

Obama Cyber Sanctions: Reality or Illusion?

By James McFarlin

Affirming that cyber threats "pose one of the most serious economic and national security challenges to the United States," President Barack Obama on April 1 announced the intent to level sanctions against hackers, foreign state-owned corporations and nation-states that harmfully attack U.S. critical information networks.

Serious questions remain, however, as to whether such sanctions will have the intended deterrent effect.  Or even take place at all.  Let's look at three major questions on the viability of such actions:

Attribution.  Affirmatively placing blame for attacks is a tricky, many times inconclusive and in all cases elusive endeavor.  Many remember the wide discussion, even heated arguments, over who was actually responsible for the Sony Pictures hack.  The government claimed it was North Korea.  I have been in presentations where impressive evidence was presented that the real attackers were, in one case, Russian, and in a second case, Sony insiders.  This is not an unusual circumstance.

Without confirmation of attacker's identity, how can sanctions or retaliatory action of any type be launched?  They can't.

Type of Response.  What level of sanctions are warranted by specific cyber theft, espionage, or other attacks? What is the process of determination and which government body makes such decisions?  It is widely believed, for example, that the U.S. fumbled the handling of the Sony attacks.

Who is to say future government cyberattack responses under Obama's sanctions order will be any different?  This is unproven territory where it is best to tread carefully.

Foreign Retaliation.  We are living in a world where unintended consequences abound. What if foreign hackers sanctioned for cyber attacks decide to change identities (easily done, in many ways) and make additional, even more damaging attacks on the U.S., such as to our power grid or transportation systems?  What if a nation-state sanctioned for espionage against the U.S. retaliates by stopping all trade with specific American technology firms?

It is not too hard to see that Pandora's Box, once opened by tenuous and perhaps unproven sanctions actions, can rain even more harmful cyber dangers on the U.S.

The point is, the problems of attribution, lack of response definition and the level of potential  'what ifs' may very well checkmate the U.S.-levied sanctions in many, unintended ways, severely limiting the implementation of such actions.

If such sanctions occur at all.  In which case, we have an illusion and a few headlines, nothing more.