Cyber Warfare: Should The US Play Defense Rather Than Offense?

Visit the front pageVisit your profilePublish a blog post

Cyber warfare is the topic du jour for the media. From the Stuxnet and Flame viruses, to reports of hackers taking information from LinkedIn and LastFM, cyber security and warfare have been in the news in a big way.

In the latest round of budget appropriations, Congress mandated that US Cyber Command prepare to fight and win wars in cyberspace. Cyber Command, formed in 2009, is the Pentagon’s computer hacker and security division. Already, the US under President Obama has been unafraid to wage war using computer viruses. Yet, for the offensive weapons Cyber Command is preparing, even the Pentagon agrees we are not prepared for a cyber attack.

The United States has more computers than any other nation on Earth. Everything is controlled by computers of some type, from water and sewage systems, airports, the government, the military, and our financial system. With the United States being so interconnected to one another, the damage from a cyber attack by a foreign government or rogue terrorist group would be severe.

Every day, a group of government hackers work in offices, laboratories, and even small apartments attempting to find vulnerabilities in popular programs and software services.

These professionals work for the government. Their job is to find possible weaknesses in our computer systems and notify the programmers and administrators of those systems. They use computers to poke and probe millions of lines of code a day, all across America. When they find a vulnerability, they provide all the information to the programmers, who work on a patch to repair the code.

These patches are provided as updates to users. Once a patch is released, the government hackers begin working on the new code. This process repeats over and over again. Yet, for all the open source materials out there, the growing number of apps, the proliferation of mobile technology, and the demand for connectivity via 4G, there are not enough analysts to probe every possible line of code which could put the system at risk.

While the Pentagon traditionally focuses on the axiom of “the best defense is a good offense”, cyber warfare is very different. Even if the Pentagon manages to make weapons which can target even the most exact of devices, the United States is still vulnerable.

A teenager took control of a water plant in Houston, without the operators knowing. A hacker in China was able to steal files from 20 different American companies in a two-week period in 2010. Computer hacker groups have targeted various companies and individuals in retaliation for perceived wrongs. Another group was credited with almost breeching the Pentagon and CIA in a mass effort.

America’s computer networks are exposed. Computers are now attached to the Internet which were never intended to be on the Internet. Mobile devices are able to create hotspots in areas, where even secure computers can be found online. Mobile devices are replacing desktop and laptop computers, adding to the vulnerabilities.

US Cyber Command still suggests all computer and mobile device users keep their software up to date and secure. They suggest having complex passwords for your information. They suggest people use only secure WiFi connections behind a firewall.

America’s computer network can be exploited by even novice hackers. In one scenario from a professional computer security analyst in Washington D.C., a computer of a child could become infected by playing a game online. The game would contain a virus which hides in common software programs.

As those programs are used, the virus becomes part of the documents transmitted and shared with other users. Documents are viewed on computers that are behind security measures, which are then believed safe. These documents infect the program to attach more viruses to more documents.

Once the hacker feels ready, he releases the code into the virus to initiate. At that point, all the documents are instantly available for the hacker to read and view.

It’s situations like this which private security analysts are working to prevent. The Pentagon is working with these contractors to secure computer networks. Even with the best security, the system is never truly secure from hackers.

Upgrading and securing the entire network, eliminating every vulnerability, and become completely protected is virtually impossible. The Pentagon is attempting to create a defensive network of security systems while providing offensive capabilities against enemy targets. Sadly, the United States is not prepared to defend against these attacks, and the damage could be catastrophic for a society highly reliant on computers for even basic services.

While having the ability to target a specific computer system is important, the ability to protect the American network from attack is vital to our economy, our military, our government, and our way of life. The Pentagon is facing a difficult challenge with cyber security. A challenge which grows more difficult every day.

Published by:

siavash's picture