Cyber War and America’s Response

Could you say that's by design? Seems that gives one an out when determining the response. The cyber side worries me like nothing else. It's far scarier than anything kinetic in my opinion.

100%. Same here. I believe this will be the next equivalent to a nuclear arms race. And we probably have no idea how bad a cyber attack can be until someone else pulls the cyber trigger.

I read the article NPR put out about fighting ISIS through the Cyber realm. They (ISIS) had their own IT admins and an entire TEAM of IT?! And look how much they could do. Now scale that up to a Cyber army of about 100 people. Scale the technology and capabilities up and....yea that’s a scary picture.
 
I think the international community defines a cyber attack as an action in cyberspace that destroys or manipulates something. This can be physical destruction, like when Stuxnet destroyed a centrifuge in an Iranian nuclear facility, or cyber destruction like when the US deleted a Hezbollah database after they took over a British tanker. Denying someone service, like what Russia did to Estonia a few years back, also qualifies. I think that we need to define a third category. Hacking into a military target like the Pentagon is one thing but hacking into our critical infrastructure is another. Where do you put the red lines? What do you do when someone crosses them? Do you respond in kind or with a kinetic attack? No one has good answers to these questions.

I think the argument there is that it depends on who/what body does it, right? At least, from a policy standpoint.

This is part of the reason I'm happy the Pentagon is finally figuring out their shiz re: information warfare, because it should lead to us having a clearer direction on how to respond to things; as the military figures out what its left and right limits are regarding who they're pew-pewing with data guns, the rest of the country will probably follow suit.

How the Defense Department is reorganizing for information warfare

Which is also why I love how ARCYBER is oriented, or at least how Fogerty is pushing.

https://www.c4isrnet.com/smr/inform...tlines-ten-year-plan-for-information-warfare/
 
The attack levels were defined during the Obama administration with Level 5 being a catastrophic cyber attack on military and infrastructure networks, an attack that could likely, directly or indirectly, cause death and destruction.

And as far as response, I suppose it would depend on the amount of damage caused by the attack. A severe cyber attack on critical infrastructure that endangers lives and causes mass chaos ought to warrant full military retaliation. Just my 2c
 
The PRC’s invested billions in the technology. No doubt the Russians are engaged in R&D, as are government and private sector entities in the US and elsewhere; Google, IBM and others working on the computers themselves and various research groups working on the antidotal PQC.
Anyone who wants to learn about how China's using data in lots of scary ways should listen to or read AI Superpowers, very interesting for the person who doesn't know much about China and their cyber/data related exploits.
 
I think the international community defines a cyber attack as an action in cyberspace that destroys or manipulates something.
Having worked in the private and military areas for cybersecurity, each sector seems to define the actions differently for different purposes.

From what I've experienced, a cyber attack defined in the private sector is an action taken to gain access or disable an operation launched from one computer to another.

This definition falls in line with the attacks mentioned but also phishing attacks where the goal isn't to disable an operation with that action, but to gain further information to potentially breach a network and either gain further access or disable an operation further on. Yes, an intrusion might not hinder an operation, but that information is used as a piece to stop an operation in the future.

I think a major issue is we are tripping over ourselves trying to define what is and isn't an attack. We spend a lot of time categorizing DCO, OCO, CNO, etc.

I think all intrusions should be seen as an attack as most are the first step in the chain to conduct follow on operations, everything starts with reconnaissance.
 
I think all intrusions should be seen as an attack as most are the first step in the chain to conduct follow on operations, everything starts with reconnaissance.
I think the problem ends up being that we haven't built a dependable structure to whose sandbox is whose; Critical infrastructure should probably fall under the umbrella of State Dept, but the DoD barely has it going, so I'm sure State and every other entity is even FARTHER behind.
 
I think the problem ends up being that we haven't built a dependable structure to whose sandbox is whose; Critical infrastructure should probably fall under the umbrella of State Dept, but the DoD barely has it going, so I'm sure State and every other entity is even FARTHER behind.
True and if we define intrusions as attacks that opens up a can of worms of setting a standard that could end up going badly for us.
 
The attack levels were defined during the Obama administration with Level 5 being a catastrophic cyber attack on military and infrastructure networks, an attack that could likely, directly or indirectly, cause death and destruction.

Far scarier are the implications suggested by the development of quantum computerization, so potentially destructive that efforts to counter it—post-quantum cryptography—have been underway since 2016 or so even though quantum computers are maybe 10-15 years away from a fully functioning model.

The PRC’s invested billions in the technology. No doubt the Russians are engaged in R&D, as are government and private sector entities in the US and elsewhere; Google, IBM and others working on the computers themselves and various research groups working on the antidotal PQC.

And as far as response, I think it depends on the amount of damage caused by the attack. A severe cyber attack on critical infrastructure that endangers lives and causes mass chaos ought to warrant full military retaliation. Just my 2c

Yea, I tried to find what you were referring to on the CISA and NIST websites and couldn’t see anything. Not even with a Google search - nothing close to what you mentioned at least
 
Yea, I tried to find what you were referring to on the CISA and NIST websites and couldn’t see anything. Not even with a Google search - nothing close to what you mentioned at least

I can only imagine what an RMF package will look like in 10 years.
 
Yea, I tried to find what you were referring to on the CISA and NIST websites and couldn’t see anything. Not even with a Google search - nothing close to what you mentioned at least
Which part of that were you trying to find?
 
Well, I'm going back to 2013. It was proposed during the Obama Administration after the NSA attack. Now whether or not it was officially adopted by CIST or the Trump Administration, I can't say. I do remember that it came under some criticism at the time and I assumed it was official and still existed. My apologies.

 

Well, I'm going back to 2013. It was proposed during the Obama Administration after the NSA attack. Now whether or not it was officially adopted by CIST or the Trump Administration, I can't say. I do remember that it came under some criticism at the time and I assumed it was official and still existed. My apologies.

Obama institutes new directive on cyberattacks
 
I mean, it shouldn't. We have to take the same mentality as big companies such as Microsoft and assume that either networks have already been compromised (which, in most of these instances, is true) and mitigate what we can. Informationalized warfare is a bitch because it's got so, so many more vectors of attack.
Agreed.

To this point, the extent to which information technology is inextricably intertwined with Chinese software and hardware in the supply chain makes an avoidance-based national cybersecurity policy unrealistic. The most feasible security approach seems to be one that recognizes the inevitability of penetration due to that increasingly shared technology environment and, like you said, does its best to mitigate the inevitable without crippling American businesses and the pace of tech innovations in the process.
 
Agreed.

To this point, the extent to which information technology is inextricably intertwined with Chinese software and hardware in the supply chain makes an avoidance-based national cybersecurity policy unrealistic. The most feasible security approach seems to be one that recognizes the inevitability of penetration due to that increasingly shared technology environment and, like you said, does its best to mitigate the inevitable without crippling American businesses and the pace of tech innovations in the process.
Part of that is changing the common mentality on privacy, and what the basic steps are for achieving that. The U.S. populace en masse has only recently begun accepting the idea of VPN usage; I bet even fewer realize how easy it is to encrypt information; and I doubt that most state and local leadership has any measurable and dependable degree of tech literacy.
 
Well, I'm going back to 2013. It was proposed during the Obama Administration after the NSA attack. Now whether or not it was officially adopted by CIST or the Trump Administration, I can't say. I do remember that it came under some criticism at the time and I assumed it was official and still existed. My apologies.


To clarify I didn’t mean that I thought your information was wrong or inaccurate. I just couldn’t find Level 4 or 5 Cyber Attacks on those websites. I did a brief Google around but the closest I found was a small business Cyber Threat module.

EDIT - see it now. Technically you could classify the SUNBURST attack as at least a level 4. It WILL cause danger to national security.
 
Just read a ZDNet article that says this SUNBURST cyberattack is the Cyber Pearl Harbor we have been fearing. It does seem like the biggest hack on the US so far. So I guess we’re about to start defining the lines a lot more. I’m hoping (and a little worried) at where that might take us.

Will we retaliate with a counterattack in the cyber world? Will we do a virtual island hopping campaign that ends with a cyber attack warhead?
 
Great article from the Center for Strategic and International Studies about how the IC needs to adapt to the growing cyber and technological advances

The actual report is long, but there are a lot of good points made throughout the study.

Report
 
Great article from the Center for Strategic and International Studies about how the IC needs to adapt to the growing cyber and technological advances

The actual report is long, but there are a lot of good points made throughout the study.

Report

My organization contributed to some of this.. and I have yet to read it in full, but I'm going to manage my expectations on what it says. I'll follow up later.
 
My organization contributed to some of this.. and I have yet to read it in full, but I'm going to manage my expectations on what it says. I'll follow up later.
I found some of it to be common sense, but I've learned what is common sense to me is not always clear to those in leadership positions.
 