On March 28, 2014, Gen. Keith Alexander retired as director of the National Security Agency (NSA) and Cyber Command (CyberCom). Secretary of Defense Chuck Hagel gave a speech to honor his 40 years of military service. In the speech, Hagel said that by 2016, the number of personnel employed by CyberCom would grow to over 6,000. “General Alexander has helped leaders across DOD recognize that cyberspace will be a part of all future conflicts,” Sec. Hagel said. “And if we don’t adapt to that reality, our national security will be at great risk.”
The U.S. government’s efforts to recruit cybersecurity professionals have focused on both the military and efforts in the private sector. Earning a Master of Science in Information Security degree (click here to explore these programs) is one way to enter the cybersecurity profession. In programs like this, students learn to recognize different cyberspying techniques in action. Examining some of these techniques, used by both domestic and international organizations, provides a glimpse of what CyberCom could employ in a cyberoffensive.
Low-Level Surveillance
Surveillance has always been a component of military strategy, and low-level hacking is one of the most basic cyberoffensives in CyberCom’s arsenal. The U.S. already utilizes low-level hacking to keep tabs on other governments, on businesses and on individuals. In some cases, the U.S. has asked other governments to look into the activities of its own citizens.
According to documents obtained by The New York Times from the infamous Edward Snowden, the U.S. government once asked Australia to spy on a U.S. law firm that was representing the Indonesian government in a trade negotiation.
Additionally, Bloomberg reported that the NSA became aware of the Heartbleed vulnerability two years before it was revealed to the public. By exploiting Heartbleed, the NSA was able to obtain passwords and data to support its surveillance mission.
Denial-of-Service (DoS) Attacks
Estonia, part of the former Soviet Union, is referred to as “the most wired country in Europe.” In 2007, a denial-of-service (DoS) attack virtually shut down Estonian government websites, banks, universities and media outlets. The Estonian government stopped the attacks by blocking out all international Web traffic.
The DoS attacks, which were accompanied by nationwide protests, were designed to challenge the government’s decision to remove a Soviet war monument in the city of Tallinn. DoS attacks flood servers with traffic so that the servers cannot operate, or they use logic/software attacks to force system errors. The U.S. could feasibly use DoS attacks as part of a cyberoffensive.
Malware
A British defense firm called BAE Systems has reported a sophisticated piece of malware used to lift data from Ukrainian computer. The malware, nicknamed “Snake,” has targeted media, government and activist organizations in Ukraine. Cybersecurity experts suspect that the Russian government launched Snake because the malware operates in the Moscow time zone and contains some code written in Russian.
However, Snake is mild compared to the full-blown cyberoffensive that Russia mounted against Georgia’s government in 2008. Russia managed to shut down most of Georgia’s communications systems, leaving the government only able to communicate by fax machine. CyberCom could feasibly use similar attacks to cripple government, media and financial websites in other parts of the world.
Attacks on Infrastructure
In 2010, Kaspersky Labs released information on the Stuxnet worm. The worm, which most experts believe was developed by the U.S. and Israel, attacked Iranian nuclear enrichment facilities, causing hundreds of high-speed centrifuges to malfunction. Most systems in the developing world, including telecommunications, utilities, public health facilities and financial systems are dependent upon computers and upon the Internet for operations. Stuxnet provided a sobering preview of what could happen if a government mounted a cyberoffensive against a power plant, a public transportation system or other vital piece of infrastructure.
It’s prudent for the U.S. government to enhance its cyberwarfare and cyberprotection capabilities. According to Hagel, the U.S. government plans to pursue cybertactics with an eye toward preserving American values. “Our responsibility, all of us, whatever the revolutions in technology, is to guard not only our nation, but also the fundamental character of our open society,” Hagel concluded in his speech.
Chuck Hagel image by Halifax International Security Forum from Wikimedia Commons.
Full-Spectrum Cyber Capabilities: What a U.S. Cyberoffensive Could Look Like,
