Information Warfare: China Does The Math


April 3, 2012: Over a decade of Internet-based attacks on the United States by Chinese, Russian, and sundry other hackers has caught the attention of the U.S. government. Chinese efforts are particularly worrisome because they are the most successful and often target military and civilian technology. But this attention has led to the realization that there is no easy or even available solution to U.S. vulnerability.

Many Americans, including government officials, seem to believe that a quick solution is available, that if enough money were spent then an "A Team" of Cyber War experts could be assembled to fix the problem. It's believed that the only impediment is money, which is in short supply at the moment. The reality is worse. There is no A Team because the government can't afford to compete for the few good people available. Moreover, it's not just Americans who are vulnerable. Chinese defenses are in worse shape. Since the U.S. has a lot more to steal (technical and other business secrets), that increased vulnerability does not matter much.

The Western financial community is the best defended because they have been at it the longest and are constantly under attack by the bad guy A Teams. Tech firms tend to be well defended, if only because they have a lot of in-house talent and a lot to lose. But the majority of commercial and government organizations are vulnerable, to varying degrees.

There are ways to make yourself less vulnerable, even with a shortage of skilled technicians. For example, noting how effective Microsoft has been in automating computer security for hundreds of millions of unskilled PC users, the U.S. Department of Defense is increasingly creating custom versions of Windows operating systems and installing their own automated security features and automatic software updating systems. The reason for all this is that the Department of Defense has long accepted the fact that it cannot attract a sufficient number of security experts. The military has to compete with the commercial sector for these scarce security personnel, and with the shortage of such people, government pay and benefits cannot compete. But the government does have other resources, which make it possible to develop custom automated security systems.

For example, the NSA (National Security Agency) has worked with Microsoft on security aspects of the Windows 7 operating system. This is nothing new. Earlier, NSA worked with the U.S. Air Force and Microsoft to develop a special version of Windows XP, one that had over 600 operating system settings shut down or modified so that hackers had a harder time penetrating air force network security. Some of it was simple stuff, like ensuring that the highest level password (the admin password, which gives you access to everything) can never be the same as a lower level (user) password. The system is also modified to have passwords expire every sixty days, forcing users to create new ones. NSA also assisted in preparing a special version of Windows 7, which is already in use, and discourages a lot of hacker activity.

The military has another advantage in that they can impose more discipline on how their personnel use their PCs and networks. This makes it easier to build in additional security features and regularly update those items. The big weakness the Department of Defense networks have is their exposure to the Internet, which is awash in hackers and malware (software that will infiltrate PCs and steal your data). One American solution to that has been the establishment of two large networks that use Internet software but are closed to civilian users.

NIPRNET (Non-classified Internet Protocol Router Network) is the military network connected to the Internet and has over three million servers. Although unclassified, NIPRNET contains a lot of logistics (supplies, including requests for stuff) and personnel matters (addresses, phone numbers, and even credit card numbers). Separate from NIPRNET is SIPRNET (Secure Internet Protocol Router Network). This net is not connected to the Internet and encrypts its data. This network is rarely attacked and penetrations are few, if any (all discussion of SIPRNET attacks is classified).

The new Cyber War operations established by each of the services, and the Department of Defense overall, are meant to ensure that NIPRNET and SIPRNET stay safe. But for the rest of us, it's much less secure and not likely to get any better in the near future.



