This week the major Western powers are considering military response to the chemical attacks in Syria.
Presumably, our military cyber offensive initiatives have already infiltrated key networks in the region with sleeper agents – malware silently residing on computers collecting intelligence and quietly feeding back information on the regime’s communications. The official term for this is Computer Network Exploitation (CNE). These agents would have Command & Control capability whereby we are able to remotely distribute and trigger disruptive payloads to sabotage and destabilise an enemy’s systems. In addition, PRISM-style hacking could provide considerable advantages from intercepting the communications of adversaries, particularly if agents drill-down below the metadata.
One characteristic of cyber warfare is attribution – the difficulty of identifying the attacker. I have previously posted about the probability of cyber warfare here.
In addition to harvesting communication data, cyber weapons could disrupt or destroy communications systems. A Syrian army without proper communications is a much reduced threat to the Syrian population. We don’t know our military’s cyber capability such as whether there are weapons in the cyber arsenal which can disrupt an enemy’s missile launch or guidance systems. We have already seen the power of Stuxnet in curtailing Iran’s nuclear capability. We’ve also seen what Barnaby Jack could do with an ATM – if he lived longer, just imagine what he could have done with a missile system. If Mr Jack had figured out how to kill a man through his pacemaker from 30 paces, think of what he could have done to an enemy’s battle tank.
Years ago, I served in the military in a low-tech age, before the invention of the PC. We were conscripted for a year or two after High school, and trained for an African guerrilla war – boots, a rifle and sweat. A generation later, my nephew served in Iraq as a US Marine, in a more high-tech age where boots, rifle and sweat were augmented by night-vision goggles and precision missiles.
In a later arena in Afghanistan, high-tech battle reached new levels with remote drones isolating and protecting pilots thousands of miles from harm. Today we are equipped with sophisticated cyber capabilities isolating their operators even further from danger. It is a low risk weapon with huge potential disruptive capability, at a low casualty rate.
The arms race of the cold war, measured in terms of the number of nuclear warheads contained in Inter-Continental Ballistic Missiles (ICBMs), has been replaced by a cyber war of malware, botnets, DDoS, RATs, and Stuxnet-type hardware manipulation. As was evidenced during WWII, active combat will rapidly increase the pace of cyber warfare innovation and technology advancements.
Cyber will become an increasingly important component of warfare over the coming decades. During the past few years, there has been much discussion on cyber warfare implications, attribution, legal issues, retaliation scenarios. Many of these theoretical issues are about to meet hard cold reality, as active cyber actions are commenced against Syria.
It is time to test our current cyber offensive capabilities and make use of cyber’s clean, low risk elements, to disrupt Assad’s regime and save lives in the Syrian arena.