2012 was a heck of a year for cyber security and one theme in particular dominated the discussion: the shift toward destructive attacks that can cause physical damage in a way previously reserved for iron weapons. Besides that, we saw nations scrambling to adopt norms of behavior for cyber warfare and strategies for dealing with the threat of destructive cyber attacks. Oh yeah, and the U.S. government got really into the shift from desktop to mobile.
Destructive cyber attacks are here to stay.
Destructive and potentially destructive cyber attacks were unleashed against the U.S. and its allies in 2012. First, reports emerged throughout the year that the software that controls U.S. power plants has been penetrated by hackers who might be trying to gain control of the power systems or simply destroy them using a Stuxnet-style piece of malware. As Defense Secretary Leon Panetta said in October, hackers "are targeting the computer control systems that operate chemical, electricity and water plants, and those that guide transportation thorough the country." The U.S. government knows of "specific instances where intruders have gained access" to these systems. "They are seeking to create advanced tools to attack these systems and cause panic, destruction and even the loss of life." In August, Saudi Arabia's Aramco oil company was struck with the Shamoon virus, which destroyed 30,000 of its computers. That same month, Qatar's Ras Gas was hit by Shamoon, a virus that inflicted what Panetta called "the most destructive [cyber] attack that the private sector has seen to date." Expect more of the same in 2013.
The U.S. was behind Stuxnet (allegedly)
Yes, we've been hearing about Stuxnet destroying Iran's uranium enrichment centrifuges at its Natanz facility since 2010, but it was always a bit of a mystery as to who had created the weapon. While there was plenty of speculation (sometimes well informed, sometimes not) about the U.S. or Israel, it wasn't until David Sanger's June 1, 2012 article in the New York Times that we got a really good view of its origins: a secret cyber offensive dubbed Olympic Games, a widespread cyber campaign aimed at slowing Iran's ability to build nuclear weapons that has spanned the administrations of Presidents George W. Bush and Barack Obama. Its crown jewel, in public anyway, is Stuxnet. At the time it was discovered, security researchers considered it one of the most advanced and complex worms they had ever seen. In the years since, even more advanced cyber espionage tools like Flame and Gauss (which may also be American-made) have emerged. However, Stuxnet is the weapon that may have publicly ushered in the era large cyber attacks capable of causing physical damage (though you should look up the 1982 Trans Siberian Pipeline explosion).
The U.S. reveals that it's working on a doctrine of cyber deterrence.
"Doctrine" may not be the perfect word for it, but Defense Secretary Leon Panetta pretty much said in October 2012 that if another nation hits the United States with a cyber weapon, it reserves the right to respond in kind. His comments haven't been officially dubbed doctrine yet but they made it sound an awful lot like the Pentagon is applying a new spin on the Cold War approach to nuclear deterrence. "We won't succeed in preventing a cyber attack through improved defenses alone," said Panetta. "If we detect an imminent threat of attack that will cause significant physical destruction or kill American citizens, we need to have the option to take action to defend the nation when directed by the President. For these kinds of scenarios, the [Defense Department] has developed that capability to conduct effective operations to counter threats to our national interests in cyberspace." While he didn't use the word offense, it was pretty clear that he was saying "If you hit us, or even pull your arm back to hit us, we will hit you."
The Pentagon is developing cyber fire support on demand.
Let's not forget the military's efforts to develop ways for commanders in the field to call for cyber "fire support" the same way they can for airstrikes or artillery fire. The Army and Marine Corps "borrowed" an Air Force model allowing troops to do just that, Killer Apps reported in September. While we know almost nothing about the U.S. military's offensive cyber capabilities, we do know that combatant commanders can quickly request cyber fire support from U.S. Cyber Command in Maryland. We also know that the military is working to eventually make cyber fires on demand available to less senior troops in combat. First however, traditional military planners must understand how to effectively use cyber in operations.
NSA's mobile devices.
The National Security Agency and the Defense Information Systems Agency (DISA -- the U.S. military's very own Internet service provider) are rolling out a series of commercially derived smart phones and tablets designed to allow troops and spies to analyze and share classified information. As Killer Apps reported in September, U.S. spies must currently use a number of super expensive devices to transmit classified info. NSA and DISA are working to change that by giving them secure, devices that run Google's Android operating system. This would reduce the cost of each phone or tablet, as well as the number of devices each person with a high-level clearance would need. The phone will allow operatives to "gather large [intelligence] reports and on the devices themselves do some forms of manipulation in order to derive key pieces of information from that," said Deborah Plunkett, NSA's director of information assurance. "Think about everything you can do on your personal device. We'd like to be able to do that in the national security space."
Can't you just imagine spies using their tablets to watch a video feed from a drone or pass targeting data to one another?
John Reed reports on the frontiers of cyber war and the latest in military technology for Killer Apps.