“…state and non-state actors have demonstrated that acts of cyber-crime, cyber-terrorism, and cyber-warfare will continue to be increasingly disruptive threats to our complex lives…”
A couple of months ago I spoke on the subject of cyber-threats to a small evening gathering. Because the group represented very diverse backgrounds, I focused on cyber-threats at the macro level as they impact our human future. With President Obama and this administration recently speaking openly about the relationship between National Security and cyber hacking of U.S. corporations, this subject is worthy of further dialogue.
Cyber-security vulnerabilities are a direct fall-out from the complexity we find in our modern information technology driven world. Unless we choose to live an isolated, self sufficient life in the mountains or deserts, our lives are dependent upon global infrastructures that are each dependent upon the information infrastructure that enables high productivity.
Just seventy-five years ago life’s primary infrastructures were only minimally interdependent. Today they are highly interdependent. As a result, global productivity has improved several-fold since the satellite and fiber telecommunications systems made it possible to touch almost every corner of our planet. This communications capacity, in turn helped usher in the era of global job markets and distributed manufacturing of goods and services. Today the flow-control aspects of energy, water, food, money, raw materials, and finished products are all critically interdependent upon the computing and telecommunication infrastructures associated with each.
Interestingly, it was just 24 years ago when Tim Berners-Lee, while working at the European Organization for Nuclear Research (CERN), wrote his infamous paper on “Information Management: A Proposal” that created the blueprint for the World Wide Web. In that short period of time, the web has become “the” engine of global productivity. Today it is virtually impossible to find a business or government organization that operates without the aid of information technology and the interconnection of the World Wide Web.
However, like all complexity growth, the cost of productivity gain is the counter-productive opportunity for crime and disruption. This was the case when man invented basic tools, and as these tools graduated into continental and global infrastructures, like rail lines and shipping lines, criminal and military operations emerged to exploit the new complexities. When taken as a whole, the World Wide Web and the billions of associated computing resources, represents our planets greatest complexity. It is, therefore, not a stretch to understand that cyber-threats are the most complex form of threat the world has known, to date.
To restate this more succinctly–life has evolved by what some call the law of rising complexity. Shared information is the enabling foundation of complexity as we have learned in biology-complexity, ecology-complexity, and now socioeconomic-complexity. Rising complexity enables opportunities for new threats. Cyber-threats represent the greatest opportunity to disrupt our modern socio-economic way of life and will remain so until a higher form of complexity emerges.
Cyber-threats are fundamentally about three things;
- Intercepting information in motion so that it can be stopped, diverted, or changed;
- Accessing information at rest so that it can be stolen, modified, or erased; and,
- Denying cyber services by overwhelming the information infrastructure so that information can not be accessed or delivered.
High-level examples of all three attack vectors have been seen over the past few years. For example, denial of service attacks disrupted the Country of Estonia for several weeks in April of 2007, intercept attacks may have been responsible for 15% of the world’s internet traffic being routed to Chinese computers in November of 2010, and over the past two years Chinese hackers have uploaded the Department of Defense’s F22 and F35 fighter blueprint data from defense industry computers.
In this Country concern for cyber-threats has been on the rise over the past two Presidential administrations. During his recent State of the Union address in January, President Obama stated, “America must also face the rapidly growing threat from cyber-attacks.” Just this month President Obama’s National Security Advisor, Tom Donilon delivered a stern message to China stating that, “The United States will do all it must to protect our national networks, critical infrastructure, and our valuable public and private sector property.”
Criminal and National Security cyber attacks are not the only outlet in the world of cyber-threats. Hacker-terrorist groups are using hacker tools and techniques to deliver political and social messages, and to deliver damaging retribution against businesses and governments. A recent You Tube post by the hacker group “Anonymous,” warns the people of the U.S. against the demise of our Country brought about by anti-constitutional government actions, and leaves open the possibility of cyber-attacks against our government institutions.
Shifting subjects slightly, this April in San Diego, at the Armed Forces Communications and Electronics Association (AFCEA) symposium, I will moderate a panel of experts in a discussion on the subject of Information as a warfare area. Warfare area in this context means an area of warfare that has become formalized and evolved through a cadre of dedicated military personnel, processes and material systems to more effectively wage war in that area. For example anti-air and anti-submarine warfare are the outgrowth of the introduction of airplanes, missiles, submarines, and torpedoes as instruments of war.
It should be a lively discussion…
…by definition, state and non-state actors have demonstrated that acts of cyber-crime, cyber-terrorism, and cyber-warfare will continue to be increasingly disruptive threats to our complex lives…
… and therefore, it will require dedicated resources to counter these vulnerabilities.