U.S. already at war in cyberspace, experts say

SAN FRANCISCO — Cyber warfare is a reality, and the United States already has been engaged by a number of adversaries, a panel of experts said today at the RSA Security Conference.

“There is no question we are in the midst of a cyberwar,” added Dmitri Alperovitch, vice president of threat research at McAfee.

Because the war involves infiltration, espionage and sabotage rather than conventional weapons, it looks much like the Cold War waged by the United States and the Soviet Union in the post-World War II 20th century. But there are important differences, the panelists said. The Cold War was bipolar, with just two sides; there are many players in the cyberwar, and they each can have different goals.

“We knew what the rules of engagement were during the Cold War,” said Ed Giorgio, president of Ponte Technologies, who worked at the National Security Agency for 30 years. But no one knows what rules we are playing by now. “If we play the game by a different set of rules than our adversaries, we are going to lose. The rules of engagement are important.”

One of the greatest differences between the Cold War and the current cyber war is that we knew our Cold War adversaries. Today, we do not necessarily know the source of the cyberattacks that are hitting and sometimes penetrating our information systems.

“Direct technical attribution is difficult, if not impossible,” said Ed Skoudis, a senior security consultant at InGuardian, who is working at the National Defense University on a project on the use of cyber power. The lack of knowledge has an impact on the kind of response the United States can make. Although an attack may appear to come from one country, “You can’t jump to the obvious conclusion that the country is behind it.”

Alperovitch said that although attribution may be difficult, it is not impossible. “We have a number of capabilities to determine attribution,” he said, including diplomatic and intelligence channels.

Keeping the cyber war from evolving into a shooting war ultimately will depend on developing a set of rules to play by, said Thomas Fuhrman, a partner at Booz Allen Hamilton who works with the Defense Department. “Looking forward, what we need are cyber war rules,” Fuhrman said. “Today, there are no rules.”

Issues of state sovereignty, privacy rights, and criminal and international law have not been addressed in this arena. Rules and norms for this new type of war eventually will emerge, Fuhrman said. “The question is, can they be accelerated,” so that we don’t end up in a shooting war while we’re waiting.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • cybersecure new york city

    Cybersecurity for smart cities: Changing from reactionary to proactive

Reader Comments

Mon, Aug 30, 2010 dblanchard

I agree that change happens too quickly for rules of engagement to mature enough to be productive, but I also don't feel that rules of engagement will develop as they did during the cold war. As pointed out in the article, we knew the enemy then, and rules could be diplomatically established and refined. In this case, we know who some of the enemies are, i.e. some governments, but we don't know who the non-governmental enemies, and we additionally don't know all of the targets. We have seen some corporate servers targeted by foreign governments, and obviously domestic corporations are targets from home and abroad by their competitors. For attacks by, or on behalf of, domestic groups against public or private domestic resources, laws need to be better laid out, but for all other scenarios, the "rules" will need to be flexible, and will necessarily vary depending on who the foreign entities are. We would appropriately treat attacks by terrorist groups differently than attacks by a "allied" government, and differently still than for those by a privately held company in a friendly or unfriendly country. I don't think any of this, outside U.S. laws pertaining to attacks originating within the U.S. will ever really be codified, nor will it need to be. As with the cold war, this will all come down to what actions maintain the balance of power, just slightly in our favor. In some cases, some restraint will be exercised, and in others, none shall be demonstrated.

Thu, Apr 30, 2009 Ramon Virginia

How do we know the US already hasn't conducted cyber attackes on them?

Wed, Apr 29, 2009 John Stanton DC

Like others way back when, I wrote a lot on cyber warfare. I hit the trail early in 1995. To me, this seems to be an effort to bring US Counterinsurgency into the cyber cultural terrain/realm. Here are some items on cyberwar dating back 14 years. With the global economic structure now so reliant on the Net and networks, it would make little sense for a nation-state to disrupt networks. Probably safe to assume that illicit drug organizations rely on the Net as well. 1995–US Gov Efforts: 1998–”White House Plans Cyber Homeland Defense Effort” published in National Defense. Feb 2000–Cyber War: Feb 2001–“U.S. Homeland Defense Policy Mired in Competing Interests,” National. Defense 85 no.567 (Feb 2001) 2002–Terror in Cyberspace

Tue, Apr 28, 2009

There will never be a set of "RULES". Things today change at the drop of a leaf from a tree. Much faster than any thing can respond. Then it morphs again, and one must restart efforts there before being able to complete any previous resopnses.

Mon, Apr 27, 2009 anthony vrsalovich Hanover, MD

I am staggered that we need "rules of engagement" We are being targeted by Governmnets of countries hostile to the United States. With the technologies available to us we should be hitting back at the countries and shutting their infrastructure down - half a dozen successful hits to China and Russia should do the trick.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group