Cyber War and America’s Response

TYW27

Verified Military
Joined
Jan 15, 2013
Messages
133
Location
East Tennessee
Could you say that's by design? Seems that gives one an out when determining the response. The cyber side worries me like nothing else. It's far scarier than anything kinetic in my opinion.

100%. Same here. I believe this will be the next equivalent to a nuclear arms race. And we probably have no idea how bad a cyber attack can be until someone else pulls the cyber trigger.

I read the article NPR put out about fighting ISIS through the Cyber realm. They (ISIS) had their own IT admins and an entire TEAM of IT?! And look how much they could do. Now scale that up to a Cyber army of about 100 people. Scale the technology and capabilities up and....yea that’s a scary picture.
 

frostyred

Army HUMINT
Verified Military
Joined
Sep 5, 2019
Messages
111
I think the international community defines a cyber attack as an action in cyberspace that destroys or manipulates something. This can be physical destruction, like when Stuxnet destroyed a centrifuge in an Iranian nuclear facility, or cyber destruction like when the US deleted a Hezbollah database after they took over a British tanker. Denying someone service, like what Russia did to Estonia a few years back, also qualifies. I think that we need to define a third category. Hacking into a military target like the Pentagon is one thing but hacking into our critical infrastructure is another. Where do you put the red lines? What do you do when someone crosses them? Do you respond in kind or with a kinetic attack? No one has good answers to these questions.

I think the argument there is that it depends on who/what body does it, right? At least, from a policy standpoint.

This is part of the reason I'm happy the Pentagon is finally figuring out their shiz re: information warfare, because it should lead to us having a clearer direction on how to respond to things; as the military figures out what it's left and right limits are regarding who they're pew-pewing with data guns, the rest of the country will probably follow suit.

How the Defense Department is reorganizing for information warfare

Which is also why I love how ARCYBER is oriented, or at least how Fogerty is pushing.

https://www.c4isrnet.com/smr/inform...tlines-ten-year-plan-for-information-warfare/
 

Gunz

Combined Action
Verified Military
Joined
Jun 29, 2014
Messages
7,387
Location
Decisive Terrain
The attack levels were defined during the Obama administration with Level 5 being a catastrophic cyber attack on military and infrastructure networks, an attack that could likely, directly or indirectly, cause death and destruction.

And as far as response, I suppose it would depends on the amount of damage caused by the attack. A severe cyber attack on critical infrastructure that endangers lives and causes mass chaos ought to warrant full military retaliation. Just my 2c
 
Last edited:

frostyred

Army HUMINT
Verified Military
Joined
Sep 5, 2019
Messages
111
The PRC’s invested billions in the technology. No doubt the Russians are engaged in R&D, as are government and private sector entities in the US and elsewhere; Google, IBM and others working on the computers themselves and various research groups working on the antidotal PQC.
Anyone who wants to learn about how China's using data in lots of scary ways should listen/read to AI Superpowers, very interesting for the person who doesn't know much about China and their cyber/data related exploits.
 

Kheenbish

Verified Military
Joined
Dec 24, 2012
Messages
227
I think the international community defines a cyber attack as an action in cyberspace that destroys or manipulates something.
Having worked in the private and military areas for cybersecurity, each sector seems to define the actions differently for different purposes.

From what I've experienced, a cyber attack defined in the private sector is an action taken to gain access or disable an operation launched from one computer to another.

This definition falls in line with the attacks mentioned but also phishing attacks where the goal isn't to disable an operation with that action, but to gain further information to potentially breach a network and either gain further access or disable an operation further on. Yes, an intrusion might not hinder an operation, but that information is used as a piece to stop an operation in the future.

I think a major issue is we are tripping over ourselves trying to define what is an isn't an attack. We spend a lot of time categorizing DCO, OCO, CNO, etc.

I think all intrusions should be seen as an attack as most are the first step in the chain to conduct follow on operations, everything starts with reconnaissance.
 

frostyred

Army HUMINT
Verified Military
Joined
Sep 5, 2019
Messages
111
I think all intrusions should be seen as an attack as most are the first step in the chain to conduct follow on operations, everything starts with reconnaissance.
I think the problem ends up being that we haven't built a dependable structure to whose sandbox is whose; Critical infrastructure should probably fall under the umbrella of State Dept, but the DoD barely has it going, so I'm sure State and every other entity is even FARTHER behind.
 

Kheenbish

Verified Military
Joined
Dec 24, 2012
Messages
227
I think the problem ends up being that we haven't built a dependable structure to whose sandbox is whose; Critical infrastructure should probably fall under the umbrella of State Dept, but the DoD barely has it going, so I'm sure State and every other entity is even FARTHER behind.
True and if we define intrusions as attacks that opens up a can of worms of setting a standard that could end up going badly for us.
 

TYW27

Verified Military
Joined
Jan 15, 2013
Messages
133
Location
East Tennessee
The attack levels were defined during the Obama administration with Level 5 being a catastrophic cyber attack on military and infrastructure networks, an attack that could likely, directly or indirectly, cause death and destruction.

Far scarier are the implications suggested by the development of quantum computerization, so potentially destructive that efforts to counter it—post-quantum cryptography—have been underway since 2016 or so even though quantum computers are maybe 10-15 years away from a fully functioning model.

The PRC’s invested billions in the technology. No doubt the Russians are engaged in R&D, as are government and private sector entities in the US and elsewhere; Google, IBM and others working on the computers themselves and various research groups working on the antidotal PQC.

And as far as response, I think it depends on the amount of damage caused by the attack. A severe cyber attack on critical infrastructure that endangers lives and causes mass chaos ought to warrant full military retaliation. Just my 2c

Yea, I tried to find what you were referring to on the CISA and NIST websites and couldn’t see anything. Not even with a Google search - nothing close to what you mentioned at least
 

GOTWA

Half Faceless Man
Verified Military
Joined
Jul 3, 2017
Messages
1,066
Yea, I tried to find what you were referring to on the CISA and NIST websites and couldn’t see anything. Not even with a Google search - nothing close to what you mentioned at least

I can only imagine what an RMF package will look like in 10 years.
 

frostyred

Army HUMINT
Verified Military
Joined
Sep 5, 2019
Messages
111
Yea, I tried to find what you were referring to on the CISA and NIST websites and couldn’t see anything. Not even with a Google search - nothing close to what you mentioned at least
Which part of that were you trying to find?
 

Gunz

Combined Action
Verified Military
Joined
Jun 29, 2014
Messages
7,387
Location
Decisive Terrain
Well, I'm going back to 2013. It was proposed during the Obama Administration after the NSA attack. Now whether or not it was officially adopted by CIST or the Trump Administration, I can't say. I do remember that it came under some criticism at the time and I assumed it was official and still existed. My apologies.

1469556024341645.png
 

Attachments

  • 1469556024341645.png
    1469556024341645.png
    361.6 KB · Views: 4

frostyred

Army HUMINT
Verified Military
Joined
Sep 5, 2019
Messages
111
Well, I'm going back to 2013. It was proposed during the Obama Administration after the NSA attack. Now whether or not it was officially adopted by CIST or the Trump Administration, I can't say. I do remember that it came under some criticism at the time and I assumed it was official and still existed. My apologies.

Obama institutes new directive on cyberattacks
 

Locksteady

Member
Joined
Feb 14, 2012
Messages
657
I mean, it shouldn't. We have to take the same mentality as big companies such as Microsoft and assume that either networks have already been compromised (which, in most of these instances, is true) and mitigate what we can. Informationalized warfare is a bitch because it's got so, so many more vectors of attack.
Agreed.

To this point, the extent to which information technology is inextricably intertwined with Chinese software and hardware in the supply chain makes an avoidance-based national cybersecurity policy unrealistic. The most feasible security approach seems to be one that recognizes the inevitability of penetration due to that increasingly shared technology environment and, like you said, does its best to mitigate the inevitable without crippling American businesses and the pace of tech innovations in the process.
 

frostyred

Army HUMINT
Verified Military
Joined
Sep 5, 2019
Messages
111
Agreed.

To this point, the extent to which information technology is inextricably intertwined with Chinese software and hardware in the supply chain makes an avoidance-based national cybersecurity policy unrealistic. The most feasible security approach seems to be one that recognizes the inevitability of penetration due to that increasingly shared technology environment and, like you said, does its best to mitigate the inevitable without crippling American businesses and the pace of tech innovations in the process.
Part of that is changing the common mentality on privacy, and what the basic steps are for achieving that. The U.S. populace en masse has only recently began accepting the idea of VPN usage; I bet even fewer realize how easy it is to encrypt information; and I doubt that most state and local leadership has any measurable and dependable degree of tech literacy.
 

TYW27

Verified Military
Joined
Jan 15, 2013
Messages
133
Location
East Tennessee
Well, I'm going back to 2013. It was proposed during the Obama Administration after the NSA attack. Now whether or not it was officially adopted by CIST or the Trump Administration, I can't say. I do remember that it came under some criticism at the time and I assumed it was official and still existed. My apologies.

View attachment 37940

To clarify I didn’t mean that I thought your information was wrong or inaccurate. I just couldn’t find Level 4 or 5 Cyber Attacks on those websites. I did a brief Google around but the closest I found was a small business Cyber Threat module.

EDIT - see it now. Technically you could classify the SUNBURST attack as at least a level 4. It WILL cause danger to national security.
 

TYW27

Verified Military
Joined
Jan 15, 2013
Messages
133
Location
East Tennessee
Just read a ZDNet article that says this SUNBURST cyberattack is the Cyber Pearl Harbor we have been fearing. It does seem like the biggest hack on the US so far. So I guess we’re about to start defining the lines a lot more. I’m hoping (and a little worried) at where that might take us.

Will we retaliate with a counterattack in the cyber world? Will we do a virtual island hopping campaign that ends with a cyber attack warhead?
 

Kheenbish

Verified Military
Joined
Dec 24, 2012
Messages
227
Great article from the Center for Strategic and International Studies about how the IC needs to adapt to the growing cyber and technological advances

The actual report is long, but there are a lot of good points made throughout the study.

Report
 

Florida173

SOF Support
Joined
Oct 14, 2008
Messages
2,320
Location
NCR
Great article from the Center for Strategic and International Studies about how the IC needs to adapt to the growing cyber and technological advances

The actual report is long, but there are a lot of good points made throughout the study.

Report

My organization contributed to some of this.. and I have yet to read it in full, but I'm going to manage my expectations on what it says. I'll follow up later.
 

Kheenbish

Verified Military
Joined
Dec 24, 2012
Messages
227
My organization contributed to some of this.. and I have yet to read it in full, but I'm going to manage my expectations on what it says. I'll follow up later.
I found some of it to be common sense, but I've learned what is common sense to me is not always clear to those in leadership positions.
 
Top