23 June 2019

The New Game of Double-Jeopardy: Offensive Cyberwarfare Attacks on "Virtual Territory"

According to a report by Ellen Nakashima in The Washington Post late yesterday afternoon, offensive cyber strikes were launched Thursday night by personnel with U.S. Cyber Command that  disabled Iranian computer systems used to control rocket and missile launches in response to its downing Thursday of an unmanned U.S. surveillance drone.
The subsequent reaction:Two days later the Trump administration on Saturday warned industry officials to be alert for cyberattacks originating from Iran.
> Ellen Nakashima notes in her report, "The White House declined to comment, as did officials at U.S. Cyber Command. Pentagon spokeswoman Elissa Smith said: “As a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning.'"
> . . . On Saturday, the Department of Homeland Security issued a warning to U.S. industry that Iran has stepped up its cyber-targeting of critical industries — to include oil, gas and other energy sectors and government agencies, and has the potential to disrupt or destroy systems. . .
“There’s no question that there’s been an increase in Iranian cyber activity,” said Christopher Krebs, director of DHS’s Cybersecurity and Infrastructure Security Agency. “Iranian actors and their proxies are not just your garden variety run-of-the-mill data thieves. These are the guys that come in and they burn the house down.”
Krebs, in an interview, said, “We need everyone to take the current situation very seriously. Look at any potential incidents that you have and treat them as a worst-case scenario.
 
This is not you waiting until you have a data breach . . . This is about losing control of your environment, about losing control of your computer.”
“The reality is we’ve been seeing more and more aggressive activity for quite some time,” he said. “It’s just getting worse.”

All these offensive and defensive actions are a reflection of a new Cyber Command strategy — called “defending forward” — that its leader, Gen. Paul Nakasone, has defined as operating “against our enemies on their virtual territory.” 
The Implications of Defending Forward in the New Pentagon Cyber Strategy
by Guest Blogger for Net Politics
September 25, 2018
Link to the source:
Council on Foreign Relations
 
Ben Buchanan is an assistant teaching professor at Georgetown University and the author of The Cybersecurity Dilemma. You can follow him @BuchananBen
_________________________________________________________________________________
". . . it was hard to know if the intruders were setting up for a significant cyberattack or if they were just gathering intelligence. In light of this ambiguity, and due to some particular operational factors endemic to hacking efforts, nations are likely to assume the worst and not give the intruders the benefit of the doubt. It seems reasonable to expect that, as hard as it is to differentiate between intelligence collection and attack in cyber operations, it is even harder still to distinguish between defending forward and attacking forward. If  the new strategy permits U.S. operators to be more aggressive than what the NSA was previously doing, that could have significant implications for escalation risks.  
. . . policymakers and scholars should not pretend that defending forward is an entirely new concept nor one without its own associated dangers.