What is your e-mail address?
My e-mail address is:

Do you have a password?
Forgot your password? Click here
close


    CYBERSECURITY

    U.S. already at war in cyberspace, experts say

    SAN FRANCISCO — Cyber warfare is a reality, and the United States already has been engaged by a number of adversaries, a panel of experts said today at the RSA Security Conference.

    “There is no question we are in the midst of a cyberwar,” added Dmitri Alperovitch, vice president of threat research at McAfee.

    Because the war involves infiltration, espionage and sabotage rather than conventional weapons, it looks much like the Cold War waged by the United States and the Soviet Union in the post-World War II 20th century. But there are important differences, the panelists said. The Cold War was bipolar, with just two sides; there are many players in the cyberwar, and they each can have different goals.

    “We knew what the rules of engagement were during the Cold War,” said Ed Giorgio, president of Ponte Technologies, who worked at the National Security Agency for 30 years. But no one knows what rules we are playing by now. “If we play the game by a different set of rules than our adversaries, we are going to lose. The rules of engagement are important.”

    One of the greatest differences between the Cold War and the current cyber war is that we knew our Cold War adversaries. Today, we do not necessarily know the source of the cyberattacks that are hitting and sometimes penetrating our information systems.

    “Direct technical attribution is difficult, if not impossible,” said Ed Skoudis, a senior security consultant at InGuardian, who is working at the National Defense University on a project on the use of cyber power. The lack of knowledge has an impact on the kind of response the United States can make. Although an attack may appear to come from one country, “You can’t jump to the obvious conclusion that the country is behind it.”

    Alperovitch said that although attribution may be difficult, it is not impossible. “We have a number of capabilities to determine attribution,” he said, including diplomatic and intelligence channels.

    Keeping the cyber war from evolving into a shooting war ultimately will depend on developing a set of rules to play by, said Thomas Fuhrman, a partner at Booz Allen Hamilton who works with the Defense Department. “Looking forward, what we need are cyber war rules,” Fuhrman said. “Today, there are no rules.”

    Issues of state sovereignty, privacy rights, and criminal and international law have not been addressed in this arena. Rules and norms for this new type of war eventually will emerge, Fuhrman said. “The question is, can they be accelerated,” so that we don’t end up in a shooting war while we’re waiting.

    About the Author

    William Jackson is a senior writer for GCN.

    Reader Comments

    Thu, Apr 30, 2009 Ramon Virginia

    How do we know the US already hasn't conducted cyber attackes on them?

    Wed, Apr 29, 2009 John Stanton DC

    Like others way back when, I wrote a lot on cyber warfare. I hit the trail early in 1995. To me, this seems to be an effort to bring US Counterinsurgency into the cyber cultural terrain/realm. Here are some items on cyberwar dating back 14 years. With the global economic structure now so reliant on the Net and networks, it would make little sense for a nation-state to disrupt networks. Probably safe to assume that illicit drug organizations rely on the Net as well. 1995–US Gov Efforts: http://www.springerlink.com/content/y322680tml37150x/ 1998–”White House Plans Cyber Homeland Defense Effort” published in National Defense. Feb 2000–Cyber War: http://www.nationaldefensemagazine.org/ARCHIVE/2000/FEBRUARY/Pages/Rules4391.aspx Feb 2001–“U.S. Homeland Defense Policy Mired in Competing Interests,” National. Defense 85 no.567 (Feb 2001) 2002–Terror in Cyberspace http://abs.sagepub.com/cgi/content/abstract/45/6/1017

    Tue, Apr 28, 2009

    There will never be a set of "RULES". Things today change at the drop of a leaf from a tree. Much faster than any thing can respond. Then it morphs again, and one must restart efforts there before being able to complete any previous resopnses.

    Mon, Apr 27, 2009 anthony vrsalovich Hanover, MD

    I am staggered that we need "rules of engagement" We are being targeted by Governmnets of countries hostile to the United States. With the technologies available to us we should be hitting back at the countries and shutting their infrastructure down - half a dozen successful hits to China and Russia should do the trick.

    Mon, Apr 27, 2009

    No kidding? I have an article from the Washington Times dated June 23, 2000, that says "Pentagon: China is preparing for high-tech war with U.S." That is not the first indication of cyber warfare, and China wasn't necessarily the first to attack/probe us. We need leaders who will react to this threat. We've already had portions of our power grid shut down, and several research institutes have been successfully attacked.

    Show All Comments

    Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

    Your Name:(optional)
    Your Email:(optional)
    Your Location:(optional)
    Comment:
    Please type the letters/numbers you see above

    GCN eNewsletters

    eSeminar