Michael Senft
"History doesn't repeat itself but it often rhymes."
-- Mark Twain
"Why did the lessons of Stuxnet, Wannacry, Heartbleed and Shamoon go unheeded?" asked the inquisitive pupil of the doleful professor, whose withered, prematurely aged look bore witness to the shattering of a hyperconnected world. Today students ask the same questions about the Russo-Japanese War and the Spanish Civil War. Voluminous accounts detailed the terrible lethality of modern weaponry at the Siege of Port Arthur and the Battle of Mukden, which foretold the unimaginable bloodshed of the First World War. [1] Likewise, the Spanish Civil War was a harbinger of blitzkrieg warfare and the unspeakable carnage unleashed during the Second World War. [2,3,4] Despite insightful analysis and almost clairvoyant assessments, the lessons from both conflicts were largely ignored because they ran counter to prevailing views, established organizational structures and pre-ordained plans. Are we any different today?
The Shadow of Stuxnet
"Cyber activity is a means to an end for each adversary."
-- Benjamin Runkle [5]
It may be a shock to some, but computer systems and software are less secure today than they were in the 1970s, due to exponential increases in complexity. [6] More complex systems have more lines of code and more interactions within the code, which increase the probability of security vulnerabilities. [7] Pervasive interconnectivity, combined with complex, systemic dependency on information technology systems, compressed technology development cycles and, ironically, cyber security research, has converged to create a tinderbox of volatility. A mere spark has the potential to transform this tinderbox into a global conflagration. Although the world today is vastly different from that of 1914, contemporary geopolitical events continue to foster a similarly delicate environment predisposed to a "Guns of August" event, where offensive cyber activity initiates a chain reaction of escalation that shatters our hyperconnected world. The probability of a cyber "Guns of August" event increases exponentially as systemic technical and operational vulnerabilities emerge from the shadows of pervasive complacency and neglect spanning decades. The proliferation of poorly secured Internet of Things (IoT) devices provides a rapidly recruitable bot-army ready to execute cyber-attacks at a moment's notice. [8] Speed of execution, technical abstraction and the complexities of attribution provide fertile ground for misconceptions, miscalculations and mistakes in responding to offensive cyber activity. [9] As highlighted in Attributing Cyber Attacks, "governments get to decide how to do attribution, and they get to decide when attribution is good enough for action." [10]
Given the considerable challenges of attribution and the potential impact of offensive cyber activity, even a small-scale cyber-attack by nation-state or non-state actors can sow fertile ground for misconceptions, miscalculations and mistakes, which could lead to responsive actions taken by one or more impacted countries. It is easy to forget that the First World War did not start immediately after the assassination of Archduke Franz Ferdinand, but rather weeks later, following rejected ultimatums from the Austro-Hungarian Empire for Serbia to submit to several unpalatable demands, and demands by Germany for Russia to stop its mobilization of military forces. [11] A scenario where one nation demands that another hand over an individual or group of hackers identified as being responsible for a specific cyber-attack is quite plausible, as is the prospect of this demand being refused for political or other reasons.
Today strong cyber-attack capabilities can be easily acquired from various legal and illegal marketplaces, much as the bomb thrown at Archduke Ferdinand's vehicle and the pistol that fatally wounded him were readily available in 1914. [12] The secretive nature of these offensive cyber capabilities has created a global digital arms race in the shadows of cyberspace. Cyberspace provides an environment where the attacker possesses the initiative and maintains a distinct advantage over the defender. As a result, the inflexible mobilization timetables of the First World War have been replaced by the tyranny of microseconds to execute a first strike in order to retain the initiative.
Cult of the Offense
"The best defense is a good offense."
-- Jack Dempsey
While countries publicly denounce offensive cyber activity, espionage executed via cyber means is treated as acceptable state behavior. Existing international law carried over to cyberspace allows that "responsible nations may carry out cyber espionage (violating a system's confidentiality), but they may not carry out cyber-attacks (operations that violate a system's integrity or availability)". [13] Even though organizations such as the UN urge global rules for cyber warfare, the ability to violate a system's confidentiality in peacetime under the guise of espionage all but ensures the digital arms race will continue to accelerate, since violating a system's confidentiality also provides, in most cases, the ability to violate that system's integrity and/or availability. [14]
This paradigm has created the cult of the offense in cyberspace. The French cult of the offense drove French strategy heading into World War I, and was codified in Plan 17. Plan 17 focused exclusively on the offense because "the offensive alone is suited to the temperament of French soldiers." [11] Despite having obtained an early version of the Schlieffen plan in 1904, French forces were deployed to provide superior numbers against German forces in Alsace and Lorraine instead of defending against the main German thrust through Belgium. Limited French success in Alsace and Lorraine rapidly became irrelevant as German forces outflanked the French forces deployed on their shared border.
The contemporary cult of the offense is reluctant to admit that the Internet has created an exposed, high-speed, low-cost attack vector against U.S. critical infrastructure and key resources, which are vulnerable to a broad range of adversaries seeking to harm U.S. interests. The authors of Plan 17 fixated their hopes, strategy and training on the offense at the expense of defensive operations, refusing to admit inconvenient realities that ran counter to their preordained plans.
We Slept at Dawn
"Everyone has a plan until they get punched in the mouth."
-- Mike Tyson
Cyber-attacks are enabled through the exploitation of vulnerabilities, not through the generation of force. [15] The investment in defensive cyber operations has been considerable, but defensive concerns continue to be secondary to ensuring the availability of information technology systems, and offensive cyber operations remain the priority for resources. This is despite overwhelming evidence that state and non-state actors are focused on disrupting U.S. advantages in communications. [16]
The investments in defensive cyberspace operations have been centered on defense-in-depth, where multiple layers of security controls are included within an information technology system. Defense-in-depth is good in theory, but it provides little protection when a system can suffer a total compromise from a single unknown attack. [6] The security measures Apple and Google implement in their mobile operating systems on phones and tablets are meaningless if an adversary can gain access to the system kernel via a vulnerability in one of the many sub-components of the phone, such as the Wi-Fi or Bluetooth controller. [17] Both our hardware and software are Frankenstein-like creations built from sub-components sourced from a myriad of Original Equipment Manufacturers (OEMs) operating on razor-thin profit margins and from millions of lines of code, often kludged together as rapidly as possible to sell to consumers, with security a secondary concern. [18,19,20] Even more insidious are fundamental hardware design vulnerabilities such as Meltdown and Spectre, which existed unknown for decades. [21,22] The likelihood of future unknown attacks capable of a complete system compromise brings into question the wisdom of a defense-in-depth focus.
The forts of Liège and Namur were the epitome of defense-in-depth in 1914, with disappearing gun turrets, interlocking fields of fire and 30-foot deep moats. [23] Designed to hold out for weeks under continuous attack, these fortifications fell in two days, victims of a siege assault by previously unknown gigantic cannons. While the outcome of an unknown cyber-attack lacks the visceral impact of a 16.5 inch shell, the effect is the same: neutralizing defenses to enable swift exploitation.
In his presentation at USENIX 2016 titled "Disrupting Nation State Hackers," Rob Joyce, the former Chief of Tailored Access Operations at the National Security Agency, highlighted: "If you really want to protect your network, you really have to know your network." [24] How many organizations put in the time to know their network better than the people who designed it and the people who are securing it? Compare this with the degree of effort being applied to obtain the same degree of knowledge of target networks for offensive purposes.
John Boyd – Reloaded
"He who can handle the quickest rate of change survives."
-- John Boyd
Observe, Orient, Decide, and Act. The OODA loop is the refinement of John Boyd's voluminous works on understanding conflict and strategy. Regardless of warfighting domain, the combatant able to consistently execute the OODA loop more rapidly gains a decided advantage as their adversary's decision-making process becomes overwhelmed by continuous change. [25] In Patterns of Conflict, Boyd highlighted that the initial success of Blitzkrieg at the start of the Second World War was enabled by mission-focused Auftragstaktik that provided subordinates freedom of action, resulting in "many (fast-breaking) simultaneous and sequential happenings to generate confusion and disorder". [26, 27] The importance of Auftragstaktik cannot be overstated, as it enabled German forces to get inside the French OODA loop, magnifying friction and producing paralysis which ultimately brought about French collapse, despite the French possessing the advantage in number and quality of tanks and extensive fortifications.
Patterns of Conflict also provides a useful template to analyze cyberspace conflict. At a strategic level, applying the OODA loop to the defense of U.S. critical infrastructure and national security systems exposes a complex labyrinth of legal authorities and byzantine Cold War era command and control structures. Cold War era assumptions and timelines raise questions about the ability of the U.S. government to effectively coordinate response and execute recovery actions to address a wide-scale cyber-attack and the cascading effects that would result. At the operational and tactical levels, questions are raised about the ability of DoD and other government agencies, operating under different authorities, chains of command, and interconnected networks configured with different cybersecurity systems, processes and procedures, to execute the OODA loop rapidly enough to adequately respond to adversary activity. The challenges of rapidly and accurately executing the OODA loop in cyberspace provide fertile ground for the same misconceptions, miscalculations and mistakes that sounded the guns of August.
Lessons from history highlight the importance of executing the OODA loop more rapidly than an adversary, regardless of the domain. Cyberspace is the zenith of a rapidly changing warfighting domain, which demands fully knowing and understanding the devices, security and technologies within our information technology networks in order to rapidly detect adversary cyber activity. Likewise, rapidly feeding, processing and fusing this data into accurate orientation for decision making requires adaptive, agile and efficient processes and procedures.
The 2018 National Defense Strategy recognizes the need to evolve innovative operational concepts, which is critically needed in the execution of cyberspace operations. [28] Rapidly executing the OODA loop for cyberspace operations requires a paradigm shift in the command and control of cyberspace operations, transitioning from a traditional top-down hierarchy to a more agile and adaptive form grounded in disciplined initiative. One such concept is a wirearchy, defined as a "dynamic two-way flow of power and authority based on knowledge, trust, credibility and a focus on results." [29] While the concept of a wirearchy seems radical, so was the widespread use of radios to execute military operations at the start of the Second World War. Pre-World War Two French tactical focus emphasized conformance to planned maneuvers, which resulted in only 20 percent of their tank force being fielded with radios. This is in stark contrast to the near-universal fielding of radios in German tanks prior to the start of the Second World War, which enabled Auftragstaktik and Blitzkrieg. [30] Established organizational structures and pre-ordained plans within the French military derailed any attempts to field radios in tanks more widely, until it was too late. The French experiences during the First and Second World Wars are lessons that overemphasis on either the offense or the defense can result in strategic defeat, while highlighting the importance of agile and adaptive command and control structures capable of rapidly executing the OODA loop.
Only time will tell if operational concepts for organizing and employing cyber forces are able to evolve to meet the challenges of future conflict, or if these innovative operational concepts are stifled because they run counter to prevailing views, established organizational structures and pre-ordained plans.
Reflections on Trusting Trust
"You can't trust code that you did not totally create yourself."
-- Ken Thompson
"It is difficult to get a man to understand something, when his salary depends upon his not understanding it," [31] the professor wryly replied. "Who really benefits from secure computers?" he said with a morose smile. "Consumers get less expensive systems and software with more features, companies are able to sell anti-virus and other cyber security products and services, and governments are able to more easily execute espionage and mass surveillance operations. Stuxnet, Wannacry, Heartbleed, Shamoon: these were all warning shots that were largely ignored because resolving their root cause within an open Internet ecosystem required expensive, disruptive and problematic solutions involving tradeoffs between security, privacy and availability." Perhaps only the trauma of catastrophe can ignite the paradigm shift necessary to overcome a half-century of cyber security complacency and embrace the difficult efforts required to strike a balance between security and availability. Thirty days sealed the fate of a generation a century ago. Perhaps only thirty milliseconds will be needed to seal the fate of another.
The views and opinions expressed are those of the author and not necessarily the positions of the U.S. Army, Department of Defense, or the U.S. Government.
References
[1] Sisemore, J. (2003). The Russo-Japanese War, Lessons Not Learned. United States Army Command and General Staff College. Retrieved from http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA430841
[2] Oppenheimer, P. (1986). From the Spanish Civil War to the Fall of France: Luftwaffe Lessons Learned and Applied. Institute for History. Retrieved from http://www.ihr.org/jhr/v07/v07p133_Oppenheimer.html
[3] Corum, J. (1998). The Spanish Civil War: Lessons Learned and Not Learned by the Great Powers. The Journal of Military History. Retrieved from www.jstor.org/stable/120719
[4] Pisano, D. (2013). American Military Aviation in the Interwar Years and After: Some Historical Reappraisals. Smithsonian National Air and Space Museum. Retrieved from https://airandspace.si.edu/stories/editorial/american-military-aviation-interwar-years-and-after-some-historical-reappraisals
[5] Runkle, B. (2016). The Best Strategy for Cyber Conflict May Not Be a Cyber Strategy. Retrieved from https://warontherocks.com/2016/11/the-best-strategy-for-cyber-conflict-may-not-be-a-cyber-strategy/
[6] Garfinkel, S. (2016). The Cybersecurity Mess. Retrieved from http://simson.net/ref/2016/2016-12-14_Cybersecurity.pdf
[7] McCabe Software, Inc. (n.d.). More Complex = Less Secure. Retrieved from
[8] Greenberg, A. (2017). The Reaper IoT Botnet Has Already Infected a Million Networks. Retrieved from https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/
[9] Davis, J. (2017). Stateless Attribution: Toward International Accountability in Cyberspace. Santa Monica, CA: RAND Corporation. Retrieved from https://www.rand.org/content/dam/rand/pubs/research_reports/RR2000/RR2081/RAND_RR2081.pdf
[10] Rid, T. & Buchanan, B. (2015). Attributing Cyber Attacks. Journal of Strategic Studies, 38:1-2, 4-37. Retrieved from http://dx.doi.org/10.1080/01402390.2014.977382
[11] Tuchman, B. (1962). The Guns of August. London: Penguin, 2014. Print.
[12] The Economist. (2013). The Digital Arms Trade. The Economist (US). Retrieved from https://www.economist.com/news/business/21574478-market-software-helps-hackers-penetrate-computer-systems-digital-arms-trade
[13] Libicki, M. (2017). The Coming of Cyber Espionage Norms. 2017 9th International Conference on Cyber Conflict (CyCon). Retrieved from https://ccdcoe.org/sites/default/files/multimedia/pdf/Art%2001%20The%20Coming%20of%20Cyber%20Espionage%20Norms.pdf
[14] Khalip, A. (2018). U.N. Chief Urges Global Rules for Cyber Warfare. Retrieved from https://www.reuters.com/article/us-un-guterres-cyber/u-n-chief-urges-global-rules-for-cyber-warfare-idUSKCN1G31Q4
[15] Libicki, M. (2009). Cyberdeterrence and Cyberwar. RAND Corporation. Retrieved from https://www.rand.org/content/dam/rand/pubs/monographs/2009/RAND_MG877.pdf
[16] U.S. Department of the Army. (2014). The Army Operating Concept, Win in a Complex World. TRADOC Pamphlet 525-3-1. Retrieved from http://www.tradoc.army.mil/tpubs/pams/tp525-3-1.pdf
[17] Greenberg, A. (2017). How a Bug in an Obscure Chip Exposed a Billion Smartphones to Hackers. WIRED. Retrieved from https://www.wired.com/story/broadpwn-wi-fi-vulnerability-ios-android/
[18] Mishkin, S., & Palmer, M. (2012). Foxconn survives on thin slices of Apple. Financial Times. Retrieved from https://www.ft.com/content/170a225c-0356-11e2-a284-00144feabdc0
[19] Schneier, B. (2014). The Internet of Things is Wildly Insecure, and Often Unpatchable. WIRED. Retrieved from https://www.wired.com/2014/01/theres-no-good-way-to-patch-the-internet-of-things-and-thats-a-huge-problem/
[20] The Economist. (2017). Why Everything is Hackable. The Economist (US). Retrieved from https://www.economist.com/news/science-and-technology/21720268-consequences-pile-up-things-are-starting-improve-computer-security
[21] Project Zero. (2018). Reading Privileged Memory with a Side-Channel. Retrieved from https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
[22] McLellan, P. (2018). Why You Shouldn't Trust Ken Thompson. Retrieved from https://community.cadence.com/cadence_blogs_8/b/breakfast-bytes/posts/why-you-shouldn-t-trust-ken-thompson
[23] Battle of Liège. (2018). Wikipedia. Retrieved from https://en.wikipedia.org/wiki/Battle_of_Li%C3%A8ge#The_Fortified_Position_of_Li%C3%A8ge
[24] Joyce, R. (2016). Disrupting Nation State Hackers. USENIX 2016 Presentation. Retrieved from https://www.usenix.org/conference/enigma2016/conference-program/presentation/joyce
[25] Osinga, F. (2007). Science, Strategy and War: The Strategic Theory of John Boyd. London: Routledge.
[26] Boyd, J. (1986). Patterns of Conflict. Retrieved from http://www.dnipogo.org/boyd/pdf/poc.pdf
[27] Widder, W. (2002). Auftragstaktik and Innere Führung. Military Review. Retrieved from http://www.ramblemuse.com/rmtp/wp-content/uploads/2010/06/Widder_2002_Auftragstaktik_MilRevr.pdf
[28] U.S. Department of Defense. (2018). Summary of the 2018 National Defense Strategy of the United States of America. Retrieved from https://www.defense.gov/Portals/1/Documents/pubs/2018-National-Defense-Strategy-Summary.pdf
[29] Wirearchy. (2018). Retrieved from http://wirearchy.com/what-is-wirearchy/
[30] Larew, K. (2005). "From Pigeons to Crystals: The Development of Radio Communication in U.S. Army Tanks in World War II." The Historian.
[31] Sinclair, U. (1994). I, Candidate for Governor: And How I Got Licked. Berkeley: University of California Press.