November 6,2008:
Cyber Wars are already underway, but the practitioners are doing it
covertly, lest there is a conventional counterattack. Nuclear weapons have kept
the major nations from going to war with each other for the past half century.
That will probably continue. But Cyber War provides an opportunity to fight an
anonymous war against another nation, without leading to physical violence on a
large scale. But only if your don't make the target nation really, really mad. This
is a delicate balancing act.
This has
been done in the past, largely by quietly supporting opposition or terrorist groups in enemy
nations. The key here is hiding your tracks. The earliest signs of this was the
highly damaging Code Red virus of 2001, which apparently came from China. The
origin of the virus was traced back to China, but China denied any
responsibility and got away with it.
China,
unlike other nations hostile to America (North Korea, Cuba, Iran), has a large
and growing Internet presence. China has thousands of skilled Internet
programmers, and has admitted it is putting together military units for developing
and using cyberweapons. So the next time there are tensions between the United
States and China, there will be an outbreak of nasty, and hard to trace, Cyber
War attacks on the United States. The
only problem China faces with this approach is that if its weapons hit other
nations as well, and China were found out, the diplomatic backlash would be
damaging. Even if attacks only made against United States and were not traced
back to China, China would still be the chief suspect. It would be a case of
China being the only nation with the motive and means. Of course, China could
always slip Iran or North Korea some choice cyber weapons and wait for those
nations to take a shot at America. And the Chinese are no doubt aware that
America could launch its own anonymous cyber attack on China. You wouldn't be
able to hide the effects of such a covert war, nor the scrambling of diplomats
to bring the undeclared war to an end. Meanwhile, China is content to use Cyber
War tools mainly for espionage. So do many other nations.
These
undeclared, and unofficial, Cyber Wars have been going on for over a decade
now. And the tools available to the attackers are becoming more powerful.
What's behind this are several dozen gangs that undertake large scale criminal
operations on the Internet. Most people see the results in the form of spam
email (over 70 percent of all email is spam) and operations that secretly take
over personal and business PCs, so these computers can secretly transmit spam,
or huge quantities of bogus messages that shut down targeted web sites (DDOS,
or distributed denial or service attacks). The gangs also specialize on finding
all manner of secret, or sensitive, information, and selling it. Intelligence
agencies are often eager buyers.
It appears
that China and Russia, or at least their security services, have made deals
with some of the gangs. It works like this. If the secret police want some
Internet based spying done, or a DDOS attack unleashed on someone, the gangs
will do it, or help government Cyber War organizations do so. In return, the
gangs have a safe haven. The gangs have to refrain from major operations
against the country they are in, but most of the targets are in the West
(that's where most of the money is). Of course, no one will admit to this sort
of thing. But criminal gangs working for the secret police is an ancient
practice in these two countries, something that goes back centuries.
Secure in
their safe havens, some of these gangs are now going after the commercial
services that try and control spam, DDOS attacks and all manner of computer
crime. The gangs obviously have an interest in trying to interfere with these
security companies, and are apparently feeling secure enough from retribution,
and prosecution, to do so.
The U.S. is
the main target for the Internet based espionage, and has not yet come up with
a way to get the foreign hackers to stop. American officials don't want this
stuff in the media either, because the losses are embarrassing, as is the lack
of an effective plan to halt the plundering. Occasionally, some details leak
out, like the military asking Congress for permission to use more aggressive
methods in going after the cyber spies. This quiet war could have enormous
implications for any future conventional conflict. The Chinese are going after
military technology, and it's not always obvious what they've got, and what
they haven't. This increases the probability of some nasty, and painful,
surprises when the shooting starts.