X hits on this document





17 / 34


deaths of those requiring such services but also in a loss of confidence in the government’s ability to provide basic services and protection. As it became apparent that the attack was impacting other infrastructure such as commu- nications, transportation and water, the levels of fear and loss of confidence would begin to impact the basic social fabric. Attacks against the financial infrastructure would erode the capacity of business to function normally and raise questions among the public about the security of their personal finances, including retirement accounts, invest- ments and personal savings. Military networks, all of which utilise commercial communications pathways, would also be hampered, undermining command and con- trol, logistics and both preparedness and operations. In unrestricted cyber warfare, virtual attacks can have conse- quences that are real, profound and far-reaching.

The irony is that those nations, like the United States and its NATO Allies, that have the capacity to excel in cyber war as an adjunct to military operations — and can achieve information dominance over the battlefield — are also those most vulnerable to unrestricted cyber war. There are, however, measures that can be taken to reduce these vulner- abilities.

Cyber warfare is not fundamentally different from con- ventional, physical warfare. When conducted by a nation state, it is integrated into a defined strategy and doctrine, becomes part of military planning and is implemented with- in specific parameters. Consequently, it is subject to analysis and warning in much the same way as other military opera- tions. Indeed, there are several ways of reducing vulnerabil- ity to cyber war. These include anticipation and assessment, preventive or deterrent measures, defensive measures and measures for damage mitigation and reconstitution.

The Clausewitzian notion that war is an extension of pol- itics by other means provides the basis for the development and implementation of a reliable warning system for cyber threat. Prior to an attack, whether cyber or conventional, there is usually an element of political confrontation. Awareness of an escalating political conflict, recognition and analysis of developing cyber-warfare capabilities, and detection and assessment of attack precursors all provide warnings of impending cyber attacks. While still being developed, methodologies to provide warning can be com- bined with coordinated and sophisticated survivability strategies to increase the likelihood of recognition, response and recovery from a concerted cyber attack.

Warning methodologies are all the more important because of the difficulties inherent in identifying and assessing a sophisticated cyber attack. Differentiating a network attack from accidental factors (such as a surge in demand for certain information on the network) or imple- mentation mistakes (such as errors in the portion of a serv- er’s operating system that processes network traffic) is nei- ther quick nor easy. Moreover, even when it is clear that an

18 NATO review

attack is underway, the defender must correlate multiple pieces of information (each of doubtful quality) to gain a better understanding of the actions involved in the attack, before deciding how best to respond. The degradation of network service, data quality or capacity makes this diffi- cult, especially if the data on the network cannot be trusted.

Preventive or deterrent measures are difficult in the cyber world, partly because of the ability of attackers to remain anonymous. An unrestricted cyber-war offensive, however, would almost certainly provide some clues as to their identity. One of the issues for decision-makers in NATO countries for the future will therefore be whether such attacks lead simply to cyber retaliation or to retaliato- ry actions in the physical world, or both. Notions of link- age, escalation and deterrence that were familiar during the Cold War have to be re-examined in relation to new kinds of contingencies. Indeed, it might be that strategies of deterrence could have an impact in cyber space — at least against unrestricted offensives.

Defences can also be developed with some expectation of success. In the near term, modern network attack almost always favours the aggressor. In the long term, this advan- tage may shift to the defenders, as they identify the means of attack and block them by patching vulnerabilities and insulating network connections. Moreover, information networks can be made more robust. Essential network serv- ices can be isolated in order to maintain mission capability. Physical security and personnel training can minimise the threat of malicious insider activity. And firewalls and intru- sion detection systems can be configured in such a way as to provide warning and response systems for both public and private infrastructures.

Finally, it is necessary to develop a capacity for damage mitigation and reconstitution. Network design should inte- grate notions of robustness and survivability (based in part on the availability of other means to perform critical mis- sions), while contingency plans for the continued imple- mentation of critical roles and missions with far less cyber connectivity are essential. Insulated intranets that can oper- ate efficiently and safely without wider connections offer considerable promise in this respect.

All this is, of course, easier said than done. The obstacles to enhanced network survivability are many and varied. Security is often an afterthought rather than an integral part of network design. Government and business have different approaches to security and its provision. Dependence on computer networks often goes unquestioned. And the lines of responsibility in government are often blurred and con- fused by overlapping and competing jurisdictions. Yet all these difficulties can be overcome with a mixture of politi- cal will, organisational commitment, careful planning and systematic implementation. Defence planning needs to incorporate the virtual world, if there is to be any chance of limiting physical damage in the real world.

Winter 2001/2002

Document info
Document views85
Page views85
Page last viewedWed Oct 26 06:22:39 UTC 2016