Recent events have shown that certain nations are ready and willing to use cyberwarfare to push national agendas. What does this mean to nations — and businesses — that rely on the Internet for their economy or defense?
Estonia appears to be the first nation to become the target for governmentally sponsored cyberwarfare. Although NATO is hesitant to accuse the Russian government, Estonia is clearly pointing the finger at Moscow. The result of moving a Soviet era war memorial, the alleged attack on Estonia's information infrastructure appears to be an alternative to overt military or economic action.
Russia isn't the only nation focused on taking advantage of the growing importance of the Internet to wage war. In a U.S. Department of Defense report to Congress, China is reported to consider information warfare a key element of its national defense and first-strike capabilities. According to the report:
The PLA [People's Liberation Army] has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks. In 2005, the PLA began to incorporate offensive CNO [Computer Network Operations] into its exercises, primarily in first strikes against enemy networks.
It's no secret that China has been the alleged source of attacks against Western information resources, including the United States and the United Kingdom, over the past several years. (See Chinese hackers seek U.S. access.) So how vulnerable are we in the United States? Are we capable of protecting our military and economic infrastructure against cyberwarfare?
We haven't been very successful so far. There have been several instances in which Chinese hackers gained access to Department of Defense systems. (See Cyber-espionage: How vulnerable are we?) But this is only the tip of the proverbial iceberg. The growing dependence on the Internet by businesses and financial institutions appears to be providing a growing opportunity for disruption of our national economy.
Abandoning the Internet is one answer, but it doesn't make much sense. The global public network has proven its value many times over. However, more attention must be paid to identifying and stopping disruption to national infrastructures.
As much as I hate to say it, intervention at the federal level to help facilitate a concerted defensive effort appears to be the only answer. Just as we design, implement, and manage intrusion defense technology for our businesses, we must be prepared to work together to provide the same level of protection on a national level.
The U.S. government is moving slowly in this direction, but I don't believe its efforts are keeping pace with the growing threats posed by our "global competitors." Unless we pay the same attention to information defense as we do to geographic defense, we may eventually find ourselves too vulnerable to maintain a position of strength in global politics.
Tom is a security researcher for the InfoSec Institute and an IT professional with over 30 years of experience. He has written three books, Just Enough Security, Microsoft Virtualization, and Enterprise Security: A Practitioner's Guide (to be published in Q1/2013). Before joining the private sector, he served 10 years in the United States Army Military Police with four years as a military police investigator. He has an MBA and CISSP certification. He is also an online instructor for the University of Phoenix.