Cliff Redding
Nov 9, 2011
Featured

Modern warfare: U.S. will attack cyberspace enemies

After land, sea, air and space, cyberspace has become what some call “the fifth domain.” And it has to be protected. Cyber warfare. In light of the recent incidents of foreign hackers zeroing in on the country’s digital infrastructure, the United States government needs to be more open about its development of offensive cyber weapons and spell out when it will use them as it grapples with an increasing barrage of attacks.    

 

The latest attacks occurred this summer, between July and September, and used “PoisonIvy” via emails. Auto companies and human rights groups have also been affected.  

 

“We’ve got to step up the game; we’ve got to talk about our offensive capabilities and train them; to make them credible so that people know there’s a penalty to this,” said Marine Gen. James Cartwright.  As the No. 2 uniformed officer in the U.S. military, Cartwright -- who retired in August as the vice chairman of the Joint Chiefs of staff -- is right on point with his statement, and the four-star Marine’s professional opinion is in line with several industry experts.      

 

Last year, Google was forced to shut down its China-based search engine after complaining of cyber attacks from China against its email service.  As a result of this back-and-forth, the United States and China have accused each other of industrial espionage -- and things have begun to heat up.    

 

According to California-based security firm Symantec Corp., cyber attacks traced to China have been tied to at least 48 chemical and military-related companies in an effort to steal technical secrets. Many of these attacks were traced to a Chinese man in his 20s in Hebei Province, central China.    

 

In February, another security firm, McAfee Inc., said hackers from China stole information from oil companies in the U.S., Taiwan, Greece and Kazakhstan. The hackers were seeking info on operations, financing and bidding for oil fields.   McAfee said in August it had discovered a five-year-long hacking campaign, Operation Shady Rat, against more than 70 governments, international institutions, corporations and think tanks. So, the issue is getting more intense.     

 

The task of dealing with this issue has been on our radar for a while now and at least there has been an ongoing campaign under way to address it. Something is better than nothing. But we can do better.   Two years ago, President Barack Obama declared America’s digital infrastructure to be a “strategic national asset.” About a year later, in May 2010, the Pentagon set up its new U.S. Cyber Command,(USCYBERCOM).

 

The United Kingdom, one of our longtime allies, has also put together a cyber-security and “operations centre” based in Government Communications Headquarters (GCHQ), the British equivalent of our National Security Security Agency.     

 

In the U.S., however, Cyber Command is only set up to protect the military, whereas the government and corporate infrastructures are primarily the responsibility respectively of the Department of Homeland Security and private companies. Basically, everything but the military is on its own. Every man for himself, to a point.

 

Cartwright is right. Right on point. Currently we are at DEFCON 5 -- the lowest level of military readiness. We certainly don’t have to move to DEFCON 1, the highest level of military readiness, where the issue of cyber attacks and protecting the fifth element is concerned (and we NEVER would want to go there) but somewhere between DEFCON 3 and DEFCON 4 would be more comforting to many.

 

The U.S. needs to “step up the game,” as he puts it. Think about what could happen if we didn’t take cyber warfare seriously. It is imperative that we do. Before it is too late.