Wednesday, August 20, 2008

Implications of Russian Cyber Battles






Implications of
Russian Cyber Battles

By Colin Clark

When the history of the Russian invasion of Georgia is written, one of the most revealing discussions may center on the role of cyber warfare.

Some questions that will need answering: Just when did Russian hackers begin their attacks on the Georgian websites. Just what role did NATO — especially Estonian and American — cyber warriors have in guiding the Georgian response. Was the enormous three-week attack on Estonia last April from Russia a practice run for the Georgian attack?

When the Russians crippled Estonia’s cyber infrastructure, NATO dispatched top cyber war experts to investigate and to improve the Estonians’ electronic defenses.

It seems reasonable that, in the event of a true combined operation against the Georgians, NATO dispatched cyber experts to help though I haven’t confirmed that yet. There are numerous reports that Estonia has sent cyber warriors to help the Georgians combat both countries historic nemesis.

Official and unofficial Pentagon spokesmen refused to comment on whether the US might or might not be assisting the Georgians in their efforts to protect their Internet infrastructure.

However, one source said that if any US agency would be helping the Georgians it would be the Department of Homeland Security. The reason: if the Russians were to learn the Pentagon was assisting the Georgians they could claim the US was waging cyber war against them.

And US policy is that attacks on our computer systems can be considered an act of war, a logic the Russians would be sure to follow.
If DHS is assisting the Georgians then we can make it very clear that US efforts are purely defensive. Also, DHS is home to the Computer Emergency Response Team.

All this raises questions about the US approach to cyber warfare — not defensive and security measures, but the willingness to use the web to attack an enemy to blunt or cripple their offensive capabilities.

As one of my wittier sources put it earlier today: Are the Georgians really more afraid of a cyber attack than of all those missiles raining down on their heads. The global World Wide Web may be incredibly resilient, but local web connections can be seriously disrupted by those old timey capabilities known as kinetics. Destroy phone or cable connections –easily done with artillery or bombs — and you’ve made it a lot harder to rebuild and reconnect than would a denial of service attack. On top of the destruction, an enemy can send a much clearer and simpler signal than can be done through cyber attacks. On the other hand, it is the very ambiguity of a cyber attack that can make it such a powerful tool in the times before a conflict erupts. Ask the Russians and the Estonians.

No comments: