Analysis on Defense and Cyber Warfare

Thursday, July 08, 2010

Theresa Payton


Article By Steven Elliott

The art of war has dramatically changed over the last hundred years with the invention of the airplane and the atom bomb.  The next evolution could involve the Internet, computer security experts, and cyber warfare. 

In a recent ABC interview, CIA Director Leon Panetta declared “we are now in a world in which cyber warfare is very real. It could threaten our grid system.  It could threaten our financial system…it could paralyze this country, and I think that's an area we have to pay a lot more attention to.”  

Cyber warfare attacks are becoming increasingly popular, and these attacks can cause, and have caused, significant damage to both countries and companies by stealing massive amounts of classified data and crippling economies.

This report focuses on what cyber warfare is, how it can affect the wars of tomorrow, and which nations are at the forefront of developing cyber war offensive and defensive strategies. 


·      There is a growing concern over cyber warfare and cyber terrorism.

·      Many countries, such as China, Russia, and the United States, are starting to increase their cyber warfare offensive and defensive capabilities.

·      Cyber attacks are mainly focused on gathering information or causing financial or infrastructural damage. 


·      Increase private sector cyber security by using up-to-date antivirus software, firewalls, encryption, strong passwords, and training employees on safe computing practices.

·      Increase research in cyber security, to which the White House has allocated around 350 million dollars for the 2011 fiscal year (NITRD budget).

·      Assess whether or not cyber warfare will help with current conflicts.


Cyber warfare is a relatively new concept that, as of May 2010, is still undefined by the United States Department of Defense (Jackson 2010).  In a broad sense, cyber warfare is a war fought in cyberspace using computers and the Internet.   

Cyber war is not necessarily limited to conflicts between countries, as Google found out earlier this year (Zetter 2010).  Countries have the ability to attack private companies, which could cause power outages, massive financial theft, or the loss of private information of millions of people.

This very real high-tech threat has the potential to become a dangerous and damaging new tool for nations to gain the upper hand in an international conflict.


 ·      There is a dramatic increase in the number of cyber warfare attacks and attempted attacks.

·      Enemy nations are developing new techniques to break into computers and networks.

·      There will be an increase in cyber defense spending and the development of new national and international laws related to permissible types of cyber warfare.

·      Nations will form cyber warfare divisions creating an increased need for computer security professionals.

·      Private companies will have restrictions on how unprotected their networks are allowed to be and will be forced to increase their cyber security.


Cyber attacks are happening more frequently and the threat from cyber attacks is growing every day. Israel, Estonia, the United States, Brazil, Russia, Georgia, and several other countries have been assaulted in the last three years alone (Eshel 2010, Boyd 2010, Kroft 2009, Danchev 2008).

Also, in the last few months, at least 34 companies were attacked by a “highly sophisticated” strike that originated from China (Zetter 2010).  There are also thousands of unreported attacks on banks and companies every year (Kroft 2009). 

These attacks are largely underreported or kept quiet because companies are afraid to report their concern since “it might impact their business,” said Sean Henry, formerly in charge of the FBI’s cyber division (Kroft 2009).

These assaults steal terabytes of classified data, personal information, and hundreds of millions of dollars, and plunge cities into darkness (Kroft 2009).  Depending on the target and the attacker’s motive, the way an attack occurs can be vastly different.

Attackers could hack into a network and just sit and watch the network traffic, which would allow the intruder to read documents and capture sensitive information (Kroft 2009).  

The attacker could shut down a network using a denial of service attack, which could cost a company millions of dollars or shut an entire country down (Boyd 2010).  Electric providers are one of the most vulnerable and most dangerous targets of attacks. 

In a demonstration, security experts were able to hack into a power generator and literally make it destroy itself (Kroft 2009).  The real-world consequences of an actual assault could knock out a power plant for months.

The US has started making its own computer chips for nuclear missiles because evidence of embedded applications put in place by foreign intelligence agencies has been found (Kroft 2009).   

E-bombs can be used to actually fry computer systems (Knapp and Boulton 2006), and according to Senator Carl Levin, the Chairman of the Senate Committee on Armed Services, “cyber weapons are approaching weapons of mass destructions in their effect” (Singel 2010).

To prevent future attacks, many nations are creating cyber defenses to protect their citizens against the threat of cyber warfare.  The main powers in the cyber warfare arena are China, Russia, and the United States, but many other countries are developing their own programs, such as Great Britain, South Korea, France, Israel, Iran, and North Korea (Kroft 2009, Clark 2009, Sung-ki 2009, Eshel 2010, Coleman 2008). 

NATO has even started planning for the next generation of warfare by building the Cooperative Cyber Defence Centre of Excellence in Estonia, after the cyber attacks on that nation in 2007.

The US Congress has set aside $17 billion for cyber security offensive and defensive initiatives (Kroft 2009).  The amount is a massive increase from even ten years ago, but money alone will not be enough to solve an impending problem from an unknown source.


·      The number of cyber attacks will increase, both on private industry and governments.  According to Symantec, they “identified more than 240 million distinct new malicious programs in 2009, a 100% increase over 2008.” (Symantec annual report)

·      Many nations, including Israel, China, South Korea, and the United States, will further develop cyber armies to combat a new threat.

·      Research funding for computer security will increase.  From the 2008 fiscal year to the 2011 fiscal year, the amount spent on computer security research has increased by 133 million dollars (NITRD budget).

·      There will be a push for countries to educate children in high tech fields.  The United States 2011 fiscal budget has set aside 477.2 million dollars for Science, Technology, Engineering, and Math (STEM) programs (US budget 2011).

·      Policies will be implemented to ensure that the US is at the forefront of both the offensive and defensive ends of cyber warfare.

·      International policies will be put in place to limit the damage one nation may do to another.

·      Policies will be implemented to determine what constitutes an act of cyber war.


·      Policies must be put in place to ensure a standard for private companies’ computer and network security.

·      Policies have to be enacted so that the military knows which techniques they are and are not allowed to perform when engaging in cyber warfare.

·      The US military mindset has to evolve to include high-tech, well-trained computer security experts in cyber attack and defensive units.

·      Create defensive plans against known attack methods.

·      Increase funding for computer security research.

·      Increase public awareness of the potential threat and give tips for effective computer security practices.

The author, Steven Elliott, is an Intern at Fortalice working under the tutelage of Theresa Payton.

SOURCES

Boyd, Clark. "Cyber-war a Growing Threat Warn Expert." BBC NEWS. 17 June 2010. Web. 24 June 2010.

Clark, Colin. "StratCom Plows Ahead on Cyber." DoD Buzz | Online Defense and Acquisition Journal. 29 June 2009. Web. 24 June 2010.

Coleman, Kevin. "Iranian Cyber Warfare Threat Assessment | Defense Tech." Defense Tech. 23 Sept. 2008. Web. 24 June 2010.

Danchev, Dancho. "Coordinated Russia vs Georgia Cyber Attack in Progress." ZDNet. 11 Aug. 2008. Web. 24 June 2010.

Eshel, David. "Israel Adds Cyber-Attack to IDF." 10 Feb. 2010. Web. 24 June 2010.

Jackson, William. "DOD Struggles to Define Cyber War -- Government Computer News." Government Computer News. 12 May 2010. Web. 24 June 2010.

Knapp, Kenneth J., and William R. Boulton. "Cyber-Warfare Threatens Corporations: Expansion Into Commercial Environments." 1 Apr. 2006. Web. 24 June 2010.

Kroft, Steve. "Cyber War: Sabotaging the System - 60 Minutes - CBS News." CBS News. 8 Nov. 2009. Web. 24 June 2010.

Singel, Ryan. "Cyberwar Commander Survives Senate Hearing." Wired News. 15 Apr. 2010. Web. 24 June 2010.

Sung-ki, Jung. "Cyber Warfare Command to Be Launched in January." The Korea Times. 01 Dec. 2009. Web. 24 June 2010.

Zetter, Kim. "Google Hack Attack Was Ultra Sophisticated, New Details Show." Wired News. 14 Jan. 2010. Web. 24 June 2010.

Cooperative Cyber Defence Centre of Excellence. Tallinn, Estonia.

"FY 2011 ED Budget Summary: Summary." U.S. Department of Education. Web. 28 June 2010.

"NITRD Goes Open." National Coordination Office for Networking and Information Technology Research and Development (NCO/NITRD). Web. 28 June 2010.

"Symantec Report Shows No Slowdown in Cyber Attacks." Symantec - AntiVirus, Anti-Spyware, Endpoint Security, Backup, Storage Solutions. 27 May 2010. Web. 28 June 2010.

Mister Reiner

It seems to me that we've been trying to implement these recommendations for the past 10 years without much success.

The real problem is that we are relying on third party products to protect the operating system and detect compromise. Computers will never be secure until the hardware, operating system and applications are inherently secure.

I really don't understand why we continue to allow the computer industry to sell us insecure technology. Is it because we believe that computing cannot be made 100% secure? Is it because we expect hackers to be able to break into networks and computers? Is it because we can’t stop crime from happening in the physical world, so we don’t expect someone to be able to stop crime in the cyberworld?

More education, policy, research and third party security products are not the answer. The answer lies in re-engineering computing technology from the ground up.

Anthony M. Freed

Sorting out vulnerabilities, risks and actual threats and acting accordingly is becoming more difficult as the data provided by vendors becomes more granular - as Lance's example points out.

Nothing beats an independent security consultant who only serves the client, not the sales department for a product or service.

Mister Reiner

@Lance Miller,

I actually do believe that it's possible to engineer a computer that can be 100% secure. Based on current technology and security paradigms, it's impossible.

We all know that hackers can test their code to avoid detection by IDS and IPS, so staying on top of alarm-based data is not the answer. People are way too over reliant on alarm-based data to catch those who don't generate any alarms.

Look at it this way: Computer security was designed for people who play by the rules. Hackers don't play by rules, they make up their own rules - i.e. buffer overflows. Engineers need to take several steps backwards and ask themselves: How do we absolutely guarantee that it isn't possible to perform a buffer overflow? Using "bolt-on" third party tools to try to watch for and prevent a buffer overflow is wasted time and effort. Cure the disease, not the symptoms.

Hacking isn't black magic. Everything that there is to know about hacking is known. It's code versus code and with the right people, focus and effort, the hacking problem can be solved.

I acknowledge that my views are unpopular with people, but re-engineering is the only thing that makes sense at this point. All these "band aid" security tools and monitoring capabilities aren't getting us anywhere.

For more food for thought, stop by my blog.
