By Jose Nazario
It’s been yet another busy month for all of us, and especially in this space (cyber conflict and cyber warfare). DARPA’s PlanX BAA was released along with a new BAA dubbed ‘VET’ to investigate hardware security based on the Congressional report on Huawei and ZTE, Syria cut off Internet for their citizens, and much more. The links below caught my eye as being notable events in the past month.
The three-day all-India executive meeting of the Rashtriya Swayamsevak Sangh (RSS), the 87-year-old organisation, came to an end at suburban Kelambakkam here on Sunday, with a call to formulate a comprehensive national security policy.
Contending that China posed a threat in cyber technology and communications, a resolution said the neighbouring country, with huge investments in cyber warfare security, had become so strong that it could cripple the technological capabilities of even advanced nations such as the U.S.
In a bid to boost cooperation in the cyber security domain, India and the UK today decided to to conduct their Cyber Dialogue on a bi-annual basis to achieve objectives such as reducing the risk of threats from cyberspace to international security and tackle cyber crime. This was announced after a comprehensive discussion between external affairs minister Salman Khurshid and his British counterpart William Hague on wide-ranging issues, including defence, counter-terrorism and cyber security.
A Joint Statement on Cooperation between India and the United Kingdom on Cyber Issues was also issued on the occasion.
MADISON, SD – Cyber warfare isn’t just a Hollywood plot line. It’s real. The United States is ramping up protection against a growing number of attacks on federal defense and security networks. If successful, foreign attackers could severely cripple those networks, leaving the nation vulnerable.
DAMASCUS – Syrian Internet and mobile phone links remained cut for a third straight day on Saturday, an AFP correspondent in Damascus reported, amid US accusations the government is deliberately seeking to deprive the opposition of communications.
Note: Over the weekend of December 1-2, 2012, Syrian connectivity was restored.
“DoD relies on millions of devices to bring network access and functionality to its users,” said Tim Fraser, DARPA program manager. ”Rigorously vetting software and firmware in each and every one of them is beyond our present capabilities, and the perception that this problem is simply unapproachable is widespread. The most significant output of the VET program will be a set of techniques, tools and demonstrations that will forever change this perception.”
DARPA is soliciting innovative research proposals in the area of understanding, planning, and managing military cyber operations in real-time, large-scale, and dynamic network environments. Plan X will conduct novel research into the nature of cyberwarfare and support development of fundamental strategies needed to dominate the cyber battlespace. Proposed research should investigate innovative approaches that enable revolutionary advances in science, devices, or systems. Specifically excluded is research that primarily results in evolutionary improvements to the existing state of practice.
Blogs & Opinion Pieces
Interestingly, the U.S. is in a good position to outspend its adversaries on proactive defense. Proactive defense can be our differentiator and a serious deterrent to war.
Cybersecurity policy must focus on solving the software security problem — fixing our broken systems first. We must refocus our energy on addressing the glass house problem instead of focusing on building faster, more accurate rocks to throw. We must identify, understand and mitigate computer-related risks. We must begin to solve the software security problem.
The Middle East is increasingly on the receiving end of cyber-warfare strikes, more so than any other region in the world, experts estimate. And the attacks have been among the most damaging.
The experts are now publishing their views. A draft manual outlining how existing international laws can be applied to conflicts in cyberspace was published by Cambridge University Press in September. Prepared by an international group of experts at the invitation of the North Atlantic Treaty Organization Cooperative Cyber Defence Centre of Excellence, the 215-page study “The Tallinn Manual on the International Law Applicable to Cyber Warfare” examines existing international law that allows countries to legally use force against other nations, as well as laws governing the conduct of armed conflict. The rules of conventional warfare are more difficult to apply in cyberspace, making this analysis critical.
Why Your Intuition About Cyber Warfare is Probably Wrong
by Matthew Miller, Jon Brickey and Gregory Conti
The laws of physics, however, are counterintuitive in cyberspace. In cyberspace, our understanding of the “laws of physics” is turned on its head. Weapons can be reproduced instantly, “bullets” travel at near the speed of light, destroyed targets can be brought back from the dead, and a seventeen year old can command an army. As human beings we are at a distinct disadvantage when thinking intuitively about cyber warfare. In this article we study where our intuition fails us in cyber warfare and suggest alternate ways to think about the conduct of cyber war that account for the vast differences between the kinetic and the non-kinetic fight. A correct understanding and appreciation of these differences and common misconceptions is absolutely necessary to conduct cyber warfare and to integrate cyber effects into the kinetic battlefield.