Tag Archives: cyber

Highlighting Catastrophic Threats

 

Catastrophic Threats

Earlier this month the Federation of American Scientists held its annual Symposium on Catastrophic Threats and Awards Ceremony at the National Press Club in Washington, D.C.  The date – November 9th – was chosen to coincide with the November U.S. presidential election and provide a forum for policy recommendations to a newly elected administration.  The symposium provided a wonderful venue for the discussion of the most-pressing threats facing the U.S.  Panelists called for steps to prevent catastrophic events, and for increased response planning and preparation for those possible dangers.  These recommendations were published in a booklet, available electronically.

Because science plays such a critical role in underlying U.S. policies, from disaster preparation to farm subsidies, leaders must be armed with a science-based knowledge of the risks and opportunities policy choices present.  To this end, the symposium featured moderated discussions of four-to-five distinguished experts, grouped into related threat-areas: Nuclear Weapons; Biological, Chemical, Conventional, and Cyber Threats; and Energy and Infrastructure.

The session devoted to nuclear threats reiterated the group’s long-held goals of stockpile reduction and eventual total disarmament.  Senior FAS Fellow Charles Blair emphasized that the U.S. must start differentiating violent non-state actors in terms of their ability to pose a bona fide radiological or nuclear (R/N) threat, rather than treating all threats as possessing equal capabilities.  Proper identification of the threat will allow targeted policies and avoid wasteful expenditures of time and resources on groups that do not pose significant R/N threats.  Another FAS Fellow, Dr. Robert Norris, proposed that a fundamental alteration of Cold-War era nuclear doctrine is a prerequisite for arms reduction, with a minimal deterrence mission the only necessary use for the U.S. nuclear arsenal.

Lengthy discussions of biological-, chemical-, and conventional-weapons threats highlighted the need for increased accountability and controls, which are scarcer outside the United States.  Perhaps the most significant threat in the chemical and biological weapons fields stems from the fact that there is a growing dearth of technical experts in the former Soviet Union to handle existing stockpiles of agents. Without the incentives of prestige and financial rewards available during the years of the thriving Soviet weapons programs, even fewer personnel with the requisite training will be available to handle and safeguard stockpiles in the future. 

Those barrels full of chemicals look safe to me!

The energy and infrastructure panel spoke in favor of nuclear energy with reminders that natural gas does not eliminate greenhouse gas production.  They also reminded attendees that the U.S. will likely import oil from Canada long after it frees itself of overseas imports.  Dr. Steven Koonin, of NYU, called for increased funding for alternative energy research and a reorganization of the Department of Energy to enable better understanding of markets and business policies.  Notably absent from the discussion was an in-depth assessment of the impact that the Fukushima Daiichi incident will generally have on nuclear power endeavors in the future, and in Japan specifically.

One subject that stood out for immediate attention is developing a framework for rules and definitions in cyber security and warfare.  The United States is ill-prepared to respond to a major denial of service attack aimed at critical infrastructure, especially in the cyber realm.  Dr. Kennette Benedict, from the Bulletin of Atomic Scientists, explained that the field lacks clarity on responsibilities and acceptable scope for security.  Increasingly sophisticated attacks on private and public networks demand a robust effort to ensure reliability and freedom from interference.  While the private sector has tremendous incentives to shore up defenses against intrusion and would benefit from federal support in defending network architecture, transparency and trust are in short supply at this time.

As an illustration, were a major electrical grid or other critical infrastructure component attacked, resulting in losses of life and industrial output, how would the United States respond?  Would this be defined as an act of terror or an act of war?  Would the response be treated like a natural disaster?  No clearly defined roles have been established for preventing and/or prosecuting major acts of cybercrime.  No public forum exists to discuss the norms associated with cyber warfare, define acceptable measures that may be taken against individual or state-sponsored actors, or set limits to intrusion that occurs under the guise of security.

We can’t be hacked if we unplug it from the grid, right?

Not only will clarifying these issues benefit the private sector, but transparency will also pay major dividends in foreign policy negotiations.  As with any new weapon, uncertainty will lead to mistrust and fear, which often precipitate wasteful arms races.  U.S. leaders must come to the table with candor in order to develop policies that promote security with minimal interference for all.  A massive blackout or disruption of services would be devastating for everyone; CIMSEC could be the group that suggests a way forward.

More information about the event can be found at the Federation of American Scientists’ website: www.fas.org

LT Drew Hamblen is a naval aviator in the U.S. Navy and graduate of Georgetown University. The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy. 

President Deploys US 10th Fleet

International Maritime Satire Week Warning: The following is a piece of fiction intended to elicit insight through the use of satire and written by those who do not make a living being funny – so it’s not serious and very well might not be funny.

Navy 10th Fleet Sailors test out their new digital digital camouflage uniforms for their deployment to cyberspace.

Secretary of Defense Leon Panetta announced today that the U.S. Navy’s 10th Fleet will make a groundbreaking deployment directly into cyberspace later this month.  Citing a “clear and present danger” to the nation’s cyber security, over 500 Sailors will enter the internet and confront cyber threats head on.  “We have a very real need to eliminate these threats to our national security,” said Panetta.  “Nothing less than the full commitment of our forces will be sufficient.”

New technologies will be used for the ground-breaking deployment, including an experimental laser developed by ENCOM Cyber Technologies, which will enable the Sailors direct access to cyberspace.  In a statement released by Vice Admiral Michael S. Rogers, 10th Fleet’s Commander, he stressed the importance of cooperation between the Navy and ENCOM.  “Without access to this technology our warriors would not be able to confront our enemies,” wrote Rogers.  “We thank our industry partners for their impressive developments.”

PT: A 10th Fleet Navy LT plays a game of virtual ultimate frisbee to condition himself to the rigors of cyberspace.

The deployment of 10th Fleet – expected to last six months barring any emergent tasking – provides an exciting opportunity for the fleet’s Sailors, including port calls in cyber cafes in Estonia, apartment blocks in Russia, and a military academy in China.  But it will be a challenge and strain on family ties.  Cryptologic Technician (Technical) Second Class Kevin Flynn of Grand Forks, ND will be one of the Sailors participating in the deployment.  “I didn’t join the Navy to sit behind a desk,” said Flynn, “even though I have to leave my family this is going to be an amazing few months.”

While much of the deployment’s goals are shrouded in secrecy, a DoD official who asked not to be named because she is not allowed to speak to the press did provide some details.  A specific piece of software known as the Master Control Program (MCP) is high on the list of targets due to its potential to harm highly vulnerable DoD cyber assets.

At a press conference yesterday President Obama commented briefly on the deployment.  “As Commander-in-Chief one of my most sobering duties is to ask our young men and women to go into harm’s way,” said Obama.  “But let me be clear, there is no other way to eliminate these grave threats to our freedom.”

The U.S. Navy’s 10th Fleet was reactivated in 2010 and is headquartered at Fort Meade, MD.

“Was it Over When the Drones Bombed Pearl Harbor?”

"It's not delivery, it's deceptive."
“It’s not delivery, it’s deception.”

After months of patient progress the drones reached their targets. Over the span of a few weeks they silently arrived at their pre-assigned loiter boxes (lobos) in the many harbors of Orangelandia. Having been launched from inconspicuous commercial vessels in major shipping lanes, the transit time was shortened by a good month. Yet for the few who knew of the operation, the anxious waiting was plenty long enough. The policy makers monitored the gliders’ headway via secure satellite datalinks and assured themselves that the operation, sold as a precautionary measure, was warranted in light of heightened tensions with Orangelandia.

As the weeks passed tensions only increased. Orangelandia declared its claimed EEZ closed to all foreign military vessels and threatened to sink any violators. After making good on its promise in a naval skirmish against a neighbor with rival claims to an island chain, Orangelandia was given an ultimatum by the U.N. Security Council* to stand down. With no sign of that occurring, the policy makers decide it’s time to act.

——

Darkness falls in Orangelandia. Satellites command the gliders forward. They drift further into the harbors; their targets are naval vessels they’ve monitored for days. The sailors on watch see and hear nothing more than what they attribute to the usual debris floating by on a moonless night. The gliders release their payloads – smaller drones that specialize in climbing the hulls of ships. After clambering aboard the weatherdecks, the small machines avoid the sealed doors of the ships’ airlocks and feel out the superstructures, their goals the exhaust stacks for the ships’ engines and generators.

On a few ships at anchor the drones encounter humming engines and generators, beckoning the heat-seeking drones. Burrowing past the louvers the drones drop down through ducts and move towards the ships’ mechanical hearts. As the heat of the exhaust on the active vessels melts the drones’ exterior sheathing, thermal-triggered explosives carried in the drone cores detonate, delivering mission kills and rendering the ships immobile for weeks-to-months of critical repair. On the inactive ships it takes longer for the drones’ schematics-recognition features to determine the stacks’ location but the outcome is more devastating. The drones are able to move further into the exhaust system’s interior, detonating once progress is blocked, and increasing the likelihood of destroying the engines or generators themselves. Within the span of a night the majority of Orangelandia’s in-port fleet is crippled.

My other drone is a Reaper

The above passage is of course a piece of fiction, and not very good fiction at that. But it doesn’t have to be. The technology to enable the scenario exists and will become more sophisticated and cheaper in the coming years. This is also far from the only way to imagine a “Drone Pearl Harbor,” as slightly different capabilities hold the potential to impact the way an attack could play out.

Decision points

In developing a concept of operations for a stealth drone attack the ability to give the execute order is a sticking point. The technologically easiest course of action would be to simultaneously make both the decisions to set up for and to execute the strike at the beginning of the decision cycle, launching the drone operation as a “fire and forget” (or rather “fire and wait patiently”) strike. Yet few policy makers will want to make an irreversible decision far in advance of the impact of the effects. The decision to attack Orangelandia may be correct in the context of the 7th of the month, but not the 21st. One needs only remember the desperate attempts to recall the nuclear-armed bombers of Dr. Strangelove to grasp the concept.

However, any attempt to move the “execute” decision point later than the “set up” order, as I did in my example, faces technical hurdles. A direct transmission signal requirement would make the drones vulnerable to detection and possible hijacking or jamming. Using broadcast signals to transmit orders and obscure their location means leaving the drones even more susceptible to hijacking and jamming as Orangelandia could constantly emit signals to that end. Similar vulnerabilities exist when the drones are given reporting requirements, so an informed balancing of the need for one- or two-way communication and concerns over the exposures those needs create is necessary.

Variations on a Theme

The above scenario was played out against a generic surface ship. Other types of naval vessels have more accessible points of entry; and the job of penetration is made easier at less-stringent damage control settings that leave hatches and air locks open. Additionally the ways, means, and follow-on considerations of a drone sneak attack are also variable, but can be roughly broken down into fouling attacks, as in the scenario above; direct attacks; and cyber-attacks.

In a fouling attack, the drone payload would be used to achieve a mission kill against a critical piece of shipboard equipment. The drone would need the ability to locate that piece of equipment through some type of sensor – visual, thermal, chemical, etc. External targets, such as a ship’s propellers, would be the easiest to target. The benefit of a fouling attack is that the payload could be a small explosive, limiting the drone’s size, likelihood of detection, and propulsion requirements for a trans-oceanic voyage. It could even be the drone itself, outfitted with special equipment or configuration options to inflict the maximum damage on the piece of critical gear. As an example imagine a piece of corrosive wire wrapping itself around the same hypothetical propeller. Again, the execute order in this type of attack could be withheld until very late in the decision-making process while the glider drones do “circles of death” in their lobos.

In a direct attack the glider drone would carry a weapon payload designed to inflict maximum kinetic damage. Such an attack would require less sophisticated targeting internal to the drone and could be used to attempt to disable a large portion of the ship’s crew and/or sink the ship. As with fouling attacks, direct attacks would be easier to conduct once the glider was on station and could incur the same delayed-decision benefits, but the increased explosives requirement would increase the drone’s size and detectability.

We’re gonna need a bigger fly-swatter.

In the last type of attack, a payload drone would find a way to penetrate the ship and access the ship’s industrial control systems (ICS), which operate things such as the ship’s main engines, to introduce a Stuxnet-like virus. Such a drone would need to be small enough to fit through minuscule spaces or blend in during the process of crew traffic opening and shutting airlocks. The drone would also have to be the most advanced to successfully navigate around the ship unseen and interface with ICS through diagnostic, patching, or external monitoring ports. Such a drone could delay the policy-maker’s execute order until well after infection, potentially expanding the decision timeline until well after the drone has achieved its mission and the vessel has gotten underway. This delay would come at the cost of the very difficult task of being able to transmit the final execute order to the newly infected ICS, so the decision to infect the systems would more realistically have to be paired with the decision to execute the virus’s programming. On the plus side, a cyber/drone sneak attack could potentially disguise the source of the attack, or even that an attack has occurred, unlike the other two types of attack, providing policy makers with further options than simply a kinetic attack.

That these courses of action are possible says nothing of whether executing any of them would be wise. The risks and potential repercussions of each course of action are as varied as the ways in which such an attack may occur. This is one reason I have attempted to draw out the effects different technologies have on moving the decision points. But possible they are, so it would be wise to both think of ways to take advantage of the options as new tools for policy makers, and think of ways to defend against them that don’t rely on weary roving deck watches. A few defensive options that come to mind include more stringent damage control settings in port, a thorough examination of the vulnerability of vessels and shipboard access points to drone penetrations, detection systems for drone penetrations, drone SIGINT detection and jamming, and possible external hardening of berths. But this is probably a good jumping off point for another post and your thoughts.

Scott Cheney-Peters is a surface warfare officer in the U.S. Navy Reserve and the former editor of Surface Warfare magazine. He is the founding director of the Center for International Maritime Security and holds a master’s degree in National Security and Strategic Studies from the U.S. Naval War College.

The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy.

*So no, Orangelandia is clearly not China, a veto-wielding member.

Tubes: A Reason for Cyber-Optimism?

Not intelligent — yet. This visual representation of the Internet by the Opte Project is important for what it doesn’t show: the physical places which enable these connections.

It’s been quite a week for cyber issues in the news. CIMSEC’s own Matt Hipple has a must-read article in this month’s Proceedings about “Cloud Combat,” the coming blur between man and machine, and the rise of autonomous weapons systems. As a child of the ’80s, his writing couldn’t help but conjure in my mind the image of Governor Schwarzenegger in all his red-eyed glory as the Terminator. After reading Matt’s article, I skipped across cyberspace to Wired’s Danger Room, where I read about GPS spoofing and drones, a topic Matt also covers in his piece. Though the Wired post says that researchers only made a drone assume a crash course, it seemed all of a sudden that making drones take lives when we don’t want them to is more than plausible with today’s technology.

Autonomous weapons systems? Machines tricked into behaving badly? This common plot seems to be everywhere in our imagination: from Prometheus and the “Alien” franchise to Call of Duty: Black Ops II. In the world of the arts, drones, cyber attacks, and the loosening of man’s control over technology have constituted common plot elements throughout my lifetime. Now, it seems like technology is actually catching up with our imagination. It’s no wonder, then, that the military has placed so much emphasis on cyber warfare – it is an opaque medium. And we fear that which we don’t understand.

Fretting over the risks of modern technology, a pit of anxiety formed in my stomach as a dim memory from 2003 surfaced. Acting on it, I re-watched the last few minutes of Terminator 3. As autonomously-launched nuclear weapons decimate the human race, the character John Connor says the following lines:

By the time SkyNet became self-aware, it had spread into millions of computer servers across the planet. Ordinary computers in office buildings, dormitories – everywhere. It was software – in cyberspace. There was no system core. And it could not be shut down.

The Cloud! Nothing seems more threatening than this ethereal place, where all of our data resides to be taken or manipulated. And still more threatening code could reside there, as in the film. Members of my generation, I think, frequently think about these issues and feel powerless because the technology is already here. Pandora’s box has already been opened, so to speak, and we don’t know the awesome and potentially destructive implications of the rise of this technology. But… even though the new frontiers of technology are indeed threatening, there are many reasons to pause before buying all the bottled water you can find and speeding off to your bunker in the country.

Those of us living on the mid-Atlantic seaboard are still recovering from the so-called “Super Derecho” that felled trees and caused blackouts that for some are only being repaired now. As the Washington Post noted earlier this week, an Amazon data center was a casualty of the storm and the popular Netflix, Instagram, and Pinterest applications were all affected. Despite the fact that the Internet’s predecessors were specifically designed to be survivable, The Cloud, data feeds for our drones, and all of the other cyber-boogeymen we love to fear reside in physical places as vulnerable to real-world events as you or I.

This truth brings me to the title of the post: for those of you wishing to dispel some of your fears of our cyber-frontiers, the book Tubes: A Journey to the Center of the Internet is a great place to begin. The title is a riff on Sen. Ted Stevens’s famous declaration that “the Internet is a series of tubes,” which rose to become a prominent internet meme. The author, Andrew Blum, essentially confirms Sen. Stevens’s much-lampooned statement. Even in our wireless age, there is still a huge physical infrastructure supporting the internet – much of it tubes: fiber optics, transoceanic cables, and the like. This physical infrastructure needs power and cooling and is vulnerable to fires, power outages and – most importantly – the destructive agency of man.

For a military reader, Tubes illustrates a useful lesson: as much as we talk about cyber warfare and the ability of malicious computer programs like the StuxNet virus to affect the physical world, the physical world’s effect on the cyber realm is equally important. In fact, the structure of the Internet may be particularly vulnerable, according to scholars. A paper published by Doctors Cohen, Erez, ben-Avraham, and Havlin from 2000 says that the removal of a few key sites from some networks could bring them down entirely.

So, for the time-being, it makes sense to pierce the veil covering the Internet, machines, and what we’re doing with them and stop our hand-wringing over Judgement Day. Andrew Blum’s engaging writing and deft manner of illustrating complex issues simply are perfect for the layman who doesn’t know a TCP/IP protocol from a toaster. When it seems we’re a keystroke away from a technological armageddon, Tubes rises above the cacophony of fear-mongering and suspicion and reminds us that our technological creations are as vulnerable as we are — for now.

LT Kurt Albaugh, USN is President of the Center for International Maritime Security, a Surface Warfare Officer and Instructor in the U.S. Naval Academy’s English Department. The opinions and views expressed in this post are his alone and are presented in his personal capacity. They do not necessarily represent the views of U.S. Department of Defense or the U.S. Navy.