/

Preparing for cyberwarfare

by Michael Richardson

The realm of conflict between states that could lead to war has expanded in recent years. The United States and other major military powers are gearing up to defend themselves from attack in cyberspace, just as they have done in the past from land, sea, air and outer space attack. The U.S. has identified, but not yet named, more than 20 nations that now have military units dedicated to employing cyber technology in war. The roll call certainly includes China and Russia, as well as the U.S. itself.

China said in May that its armed forces would conduct their first cyber exercises in June to “test new types of combat forces.” The exercises would involve “digitalized units, special operations forces, army aviation and electronic counter forces,” the official Xinhua news agency said. Earlier this year, Russia’s Defense Minister Sergei Shoigu gave the General Staff several months to complete proposals to set up an army cyber command by the end of 2013.

However, Western cyber officials and analysts say that the announcements by China and Russia formalize moves that are already well established. A 2011 survey commissioned by the United Nations Institute for Disarmament Research found that 33 states, including China and Russia as well as the U.S., included cyber warfare in their military planning and organization.

Japan was not on this list. But like many other countries, it, too, has since taken steps to protect itself from cyber attack. This is because cyberspace — the globally connected network computers, and wired or wireless communication devices — is critical for the functioning of modern governments, armed forces and economies.

The U.S. Department of Defense officially made cyberspace a new domain of warfare in 2011. It has a rapidly growing Cyber Command under a general who also heads two related intelligence agencies. One collects huge volumes of electronic data from around the world on America’s cyber adversaries. The other is mandated to protect US national security systems from infiltration and disruption.

Despite big cuts in U.S. military spending, another 4,000 information technology specialists are due to join Cyber Command in the next four years, quadrupling its size. This will happen as an additional $23 billion is invested in cyber security.

Outlining the program on June 27, the chairman of the U.S. Joint Chiefs of Staff, army Gen. Martin E. Dempsey, said that he expects cyberspace missions to become a dominant factor in military operations. But what will the rules of military engagement be in this largely lawless and opaque digital frontier?

Speaking in Singapore on June 1 at the Shangri-La Dialogue on Asia-Pacific security, U.S. Defense Secretary Chuck Hagel noted that the Obama administration had repeatedly expressed concerns about the growing threat of cyber intrusions, some of which appeared to be tied to the Chinese government and military.

But he added a significant caveat: “To try to figure out where a cyber attack has come from, who initiated it, (and) for what reason, that’s not quite as easy as the days when you could identify a navy sailing across the ocean … or an army crossing a border to attack you.”

Still, this has not stopped the U.S. from recently updating its rules of engagement for cyber warfare for the first time in seven years, and developing emergency procedures to guide rapid responses to attacks judged to have serious national security or economic consequences.

“One thing is clear,” Gen. Dempsey said. “Cyber has escalated from an issue of moderate concern to one of the most serious threats to our national security. We now live in a world of weaponized bits and bytes, where an entire country can be disrupted by the click of a mouse.”

The U.S. says it’s concerned with two broad kinds of cyber threats. One is against critical government, military and civilian infrastructure, such as electricity and water supply, transportation and communication networks, and financial services.

In the last two years, detected intrusions into America’s vital infrastructure have increased 17-fold. The computer control systems that run U.S. chemical, electrical, water and transport sectors have all been probed by hackers. As long ago as 2009, national security officials warned that cyber spies from China, Russia and other unnamed countries had penetrated the U.S. electricity supply grid, leaving behind software programs that could be activated to disrupt the system during a crisis or war.

The second main area of concern about cyber threats is the large-scale theft of valuable U.S. government, military, private sector and allied country secrets, either by state-sponsored hackers or criminals. Japan is known to share these concerns and the two allies have recently increased their cyber cooperation.

The head of Cyber Command, Gen. Keith B. Alexander, told a congressional panel on June 12 that hostile cyber programs and capabilities were growing, evolving and spreading. “We believe,” he said, “(that) it is only a matter of time before the sort of sophisticated tools developed by well-funded state actors find their way to groups or even individuals who, in their zeal to make some political statement, do not care about the collateral damage they inflict on bystanders and critical infrastructure.”

Alexander added that on a scale of one to ten, with ten being strongly defended, “our critical infrastructure’s preparedness to withstand a destructive cyber attack is about three, based on my experience.”

Meanwhile, at Cyber Command three kinds of teams are preparing to operate around-the-clock. “National mission” teams will counter foreign cyber attacks on the U.S. A second, larger, set of “combat mission” teams will support combatant commanders in carrying out military operations in the field.

A third group of “cyber protection” teams, the largest category, will operate and defend the computer and communication networks, including satellites in outer space, that support U.S. and allied operations around the world. About one-third of these teams are scheduled to be working by September, with the rest phasing in over the following two years.

Alexander told Congress in March that offence, in other words retaliation, would be part of the teams’ mission if the U.S. was attacked in cyberspace. “Thirteen of the teams we’re creating are for that (offensive) mission set alone,” he said. “We’re also creating 27 teams that would support combatant commands and their planning process for offensive cyber capabilities.”

Assuming the U.S. could positively identify the source, what kind of foreign cyber attack would prompt a response? And how would the U.S. respond? Rules of military engagement are always classified to keep such knowledge from adversaries.

However, it is widely assumed that a destructive cyber attack on the U.S. would be met with a similar retaliatory response. Dempsey said this might not necessarily be the case and that it could, instead, be a conventional military response.

Under the U.S. Constitution, the elected president, as commander in chief of the armed forces, would have to decide whether a foreign cyber attack was sufficiently serious to be declared a hostile act, and thus an act of war.

Given the particular foggy nature of cyber space, and the difficulty in tracing the source of disguised cyber attacks, it is likely that U.S. President Barack Obama would err on the side of caution.

Michael Richardson is a visiting senior research fellow at the Institute of Southeast Asian Studies in Singapore.