[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] How far could cyber war go?
From: InfoSec News <alerts () infosecnews ! org>
Date: 2007-07-27 6:24:51
Message-ID: Pine.LNX.4.61.0707270124390.17525 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.networkworld.com/newsletters/sec/2007/0723sec2.html
By M. E. Kabay
Security Strategies Newsletter
Network World
07/26/07
Regular readers may know that I have a longstanding interest in
information warfare. I was reviewing materials that might be useful in a
new elective graduate course for the Norwich University MSIA program
that my friend and colleague Peter Stephenson is planning for us and ran
across a couple of interesting articles that are available on the Web
for anyone to read. I'll review the first in this column and the second
in the next.
In _NATO Review_ for Winter 2001/2002, Timothy Shimeall (at that time a
senior analyst with the Computer Emergency Response Team - CERT -
Analysis Center), Phil Williams (a former NATO Fellow and a professor at
the University of Pittsburgh) and Casey Dunleavy (former intelligence
analyst and director of the CERT Analysis Center) argued [1] that
"defence planning has to incorporate the virtual world to limit physical
damage in the real."
The authors dismiss Web vandalism as "a form of harassment or graffiti
and not as cyber war _per se_." They distinguish among three major
levels of cyber war: "cyber war as an adjunct to military operations;
limited cyber war; and unrestricted cyber war."
The first category focuses on "achieving information superiority or
information dominance in the battle space." I would put it this way:
This form of cyber war involves physical or cyber attacks directed at
military cyber targets and is intended to interfere with C4I [2]
(command, control, communications, computing and intelligence).
Limited cyber war focuses cyberattack tools on cybernetic targets with
few real-world modalities but with real-world consequences. Vectors for
attacks could include networks, malware, denial-of-service techniques,
and data distortions useful in psychological operations, economic
warfare and other forms of aggression.
"Unrestricted cyber war" is, in the view of the three authors, "More
serious, and perhaps more likely, than limited cyber war." This form of
information-based warfare makes "no distinctions between military and
civilian targets" and may have distinct physical repercussions "from
attacks deliberately intended to create mayhem and destruction."
Targets could include any part of the critical infrastructure: "energy,
transportation, finance, water, communications, emergency services and
the information infrastructure itself." Such attacks could easily result
in physical harm and even death to members of the civilian population.
For example, the authors suggest, a denial-of-service attack on, say the
electrical power grid could cause massive disruption and danger and also
potentially lead to destabilization of civil order as the population
lost confidence in government structures.
The authors make the following recommendations (with much detail that I
am not presenting):
1. Improve "anticipation and assessment";
2. Improve "preventive or deterrent measures";
3. Improve "defensive measures";
4. Improve "measures for damage mitigation and reconstitution."
In light of this perspective, security and network administrators and
all who are responsible for ensuring corporate and national information
assurance (IA) must realize that our work is far more significant than
simply protecting our own local assets for the benefit of our own
stakeholders; we are engaged in nothing less than a critical component
of national security.
I think that this excellent article [1] by some very intelligent and
highly qualified experts will be useful in educating senior management
about the importance of IA. I hope you enjoy reading it.
-=-
M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information
Assurance and CTO of the School of Graduate Studies at Norwich
University in Northfield, Vt.
[1] http://www.cert.org/archive/pdf/counter_cyberwar.pdf
[2] http://www.c4i.org/whatisc4i.html
_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas,
the world's premier technical event for ICT security
experts. Featuring 30 hands-on training courses and
90 Briefings presentations with lots of new content
and new tools. Network with 4,000 delegates from
70 nations. Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on
June 1 so register today. http://www.blackhat.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic