why cyberwarfare won’t become violent…
Cyber espionage is a lot more effective than an all out attack. So why are we being told to brace for the latter rather than deal with the former?
A while ago, I wrote about the overhyped dangers of cyberattacks and the problems with using them to ruin an opponent’s infrastructure as imagined by doomsayers on Capitol Hill. And while the media is slowly but surely getting closer down to earth about the threat, a proper scholarly rebuke has been published to give the press even more guidance on what cyberwarfare is really like and why it’s not the long anticipated holy grail of asymmetric engagement for rogue nations.
Short version? Since there’s a limit on how much an attack would do to a militarily superior enemy, an attacker would have to back up actions in cyberspace with planes, ships, missiles, and even good, old fashioned boots on the ground when a conventional response comes, and the militarily powerful nation states that may be targeted are far from helpless against hackers and malware, and will also launch their own cyberattacks on enemy infrastructure when provoked. So if you really think you could zap a major regional or global player into submission with a virus, you’ll need to rethink your strategy…
As mentioned in previous posts, an advanced energy and transportation infrastructure is huge, and though it’ll have its vulnerabilities, the sheer number of thoroughly researched and tested exploits it would take to impact even a small part of it would be daunting even for a fully fledged hacker army working around the clock. Salvos in a cyber war would rely on the assumption that the discovered vulnerabilities haven’t been patched, many of the targets are exactly what the hackers think they are, and that the exploits won’t be detected long enough for all the viruses to open back doors to critical systems while the IP addresses won’t change until the green light for the attack is given.
Oh, and once this massive effort is discovered, expect most of the exploits used to get a quick patch, which means that new exploits will have to be found to mount a new attack. Disguising an attack is also getting progressively harder as militaries and intelligence agencies find new ways around obfuscation tools or how to hijack them to trace previously untraceable attacks. And that raises the possibility of cyber war triggering a conventional one if the attack is severe enough or physically hurts the target nation’s civilians.
All that said, there may be an important caveat to consider. Both the academic rebuke and the objections to a lot of popular cyberwarfare gloom and doom address the idea of malware being used as a weapon, just like the Stuxnet virus was thought to have been used. In reality, cyberwars may actually employ spyware like the newly found Flame suite which has silently been infecting computers in the Middle East and North Africa for a few years at least. Rather than trying to crudely bludgeon each other’s infrastructure, nation states seem to be focused on gathering intelligence to better aim diplomatic brawls and conventional strikes. And that makes a great deal of sense.
Why huff and puff to shut off a power plant two two after months if not years of painstaking effort when you can precisely identify where and how to carry out a attack, or sneak a peek at what your enemy might be planning behind closed doors? It’s much easier and more effective anyway since you have fairly well known and difficult to patch attack vectors to exploit, vectors like social media, e-mail, or servers which haven’t been properly updated and store easily accessible and weak passwords. Infiltrations can be subtle and last much longer without requiring esoteric knowledge. Unlike we’ve been told so many times, cyberwar won’t get here with a bang but with an insidious whisper, and its main goal won’t be to destroy, but to quietly steal.