NOTE: I'm behind on all of the projects I'm working on. This is one of a couple of posts I'll make on the topic of cyber warfare before I dump this line of thinking to work on more important things. I'm not really that interested in working national-security policy issues.
_______________
I spent most of this week doing some thinking about cyber deterrence/warfare to pay my bills. Here's some thinking outside of the constraints of the process:
Overall I have a very cynical view of any new effort in cyberwarfare. Why? With al Qaeda winding down as a threat and fighting the Taliban proving to be a relatively boring regional game (they aren't global threat worthy), everyone in the defense establishment seems to be searching for a new threat to hype to keep the big $$ flowing. The one they have decided to hype is the perception that the Chinese government is stomping all over US computer systems (particularly those systems run by the government and DoD contractors). Additionally, my cynical view is in part driven by my dismay in seeing lots of the old Cold War and global war on terrorism (GWOT) profiteers migrating into this new area, with everyone wearing new hats but playing the same over-the-top Wagnerian opera that served us so poorly the last time. As is often the case when dealing with US security policy, it's disheartening and depressing, particularly since the US, as a nation, doesn't have the money to play these games anymore.
So, putting that cynical view to the side, what do I think is going on?
The first observation is that the vast bulk of the growing wave of hacking going on is economic. It's a transfer of wealth from those that have it to those that have the technical chops to take it (it's a process that's very similar in nature to what global financial elites are doing to the rest of us -- with similar levels of complexity and secrecy). James Fallows came to roughly the same conclusion in his recent column in the Atlantic magazine. This is the bleeding elephant in the room. The transfer of wealth being accomplished this way is massive and growing daily.
The second observation is that the vast majority of the hacking is being done by individuals, small groups, and is being catalyzed by bazaars of violence. Granted, some of it is being conducted by nation-states (including our own, but at a ratio much, much less than many in the US security establishment would like), usually outsourced, but the bulk is freelance. The sharp Evgeny Morozov, writing for Foreign Policy magazine last year, summed up my position nicely:
...no matter what the governments are cooking in their own cyber-kitchens, they have no absolute - if any - control over open-source cyberwarfare: as it gets cheaper to wage, more and more players would engage in it. Thinking about these issues in the old "government vs government" paradigm of classical warfare is not going to be of much help; we need an entirely new theory of cyberwarfare, which would factor in all the asymmetries.
The third observation is that, according to the theory of warfare that drives the evolution of development of cyberwar (namely: open source warfare), if we do eventually see massive systems disruption in Western democracies (a cyber 9/11), it will most likely be done by small private groups (global guerrillas) and not major nation-states. Nation-states are too connected to each other and beholden to the global financial/economic system to attempt anything so stupid (this is not naive, the retribution would be fierce). However, a disruption made by global guerrillas could be used as a pretext for a massive, and ill-advised, counteroffensive at the nation-state level that would cause a cascade of global collapse.
So, what do you do with these three observations? Here's what is currently on the table from the government's perspective:
- Rework the time-proven policy of nuclear deterrence (MAD) into some sort of new policy on cyber deterrence. It would require DoD and US intelligence offensive cyber capabilities on a massive scale to allow deep and persistent intrusions (and the ability to disrupt at will) into most of the critical systems that run every nation-state (China and Russia in particular, although no state would be immune) as well as every major corporation.
- Defend everything. Simply, get the US security establishment deeply involved, to the point of actively controlling the cyber defense of every system upon which the nation relies (foreign and domestic).
This is probably enough for today.