There are several notions from current military strategists, information technology experts, and futurists who will harp until they’re blue in the face about what cyber warfare looks like. There was a decent movie about hostile hacker(s) that attacked Western infrastructure called, Blackhat. An apt name to coincide with the three types of hackers: black, gray, and white. But with all these theories floating around, have any of them actually engaged in cyber warfare between nation states?
How about, can any of them talk about it? I can.
The attack on our networks are no different than an attack on an airbase in Asia or an Army garrison in Germany or Poland. The hacking of the Office of Personnel Management’s background investigation files is akin to stealing nuclear codes. John Schindler does an excellent job describing how this hack and theft can be offensive counterintelligence:
the real pros engage in offensive counterintelligence, which aims at recruiting spies inside the enemy camp, particularly inside the opposing intelligence service. That’s how you gain control of the enemy’s central nervous system: You know what he knows about you, hence you can deceive him at a strategic level.
But how is this dangerous beyond the games that spies play? Because of the way the Chinese and Russians see us… as the enemy. We are and will always be The Main Enemy to them until we are so severely hampered that we cannot function as a competitor on the world stage (best case) or we cease to exist as a functioning republic (worst case). Make no mistake about it, they are in this to win while we’re busy playing by the Queensberry Rules. That’s a better analogy that I originally planned: Russia and China are MMA fighters and we’re boxers- that mentality is not suitable to winning.
Think of the damage a Edward Snowden could cause during a shooting war. Game over.
Total war is everywhere and the adversary will use everything, all the time, at their disposal. Building spy networks to identify the actual computer networks we use for various governmental, military, and intelligence functions. The OPM hack was just the start and it won’t be the last. Cyber warfare does not necessarily mean a power plant being shut down nor does it mean someone defaces a website. It means using one’s network against them for whatever purpose the adversary desires.
I am involved in testing security measures and I see it during every assessment. Sometimes we don’t get the network from the outside but we get someone inside the building who can facilitate access to the correct computer. Other times the cyber team I partner with hacks a security manager’s terminal and puts me on the access roster. Then I’m in and unquestionable because I’m “cleared”. But most satisfying and disturbing is when I’m able to give the cyber team access and see the damage they can do. Notional planes have been shot down because they were able to collect battle plans on the network. Ships have been sunk. The scenario above where we moved numbers around on supply requests? All the time… but we also do it to operational planners. Instead of a strike package of 10 aircraft, you get 4 because of maintenance issues.
Cyber warfare is not just 1s and 0s. It’s physical and has a very real affect on the battlefield. Which, to our adversaries is everywhere.