Week of July 19, 2019

   Cyber Warfare Comes to the United States

The problem of cyber security of America’s computer systems is a growing threat.

A week ago, a black-out in New York left the entire Manhattan area without electricity.  The incident occurred on the anniversary of the massive blackout that happened in 1977.  Although the electric power company, Con Edison, said it was a transformer failure compounded by the failure of several backups, it will take time until the investigation if finished.

Meantime, according to network security specialists at the International Institute of Cyber Security (IICS), some believe there could be a link between this incident and the cyberwar that has started between the US and Iran.  It is known that hacker groups sponsored by governments on previous occasions have targeted power grids with malware that could disrupt electricity.  In fact, the New York Times reported that the US government had implanted malware that could cripple the Russian power grid.

While the investigation continues, experts aren’t ruling out any reason for the NYC blackout.  The CSIS reports that the US is a cyberattack victim more than any other country in the past 13 years.  Meanwhile, China, Iran, North Korea, and Russia are the biggest offenders.

Hackers behind at least two potentially fatal intrusions on industrial facilities have expanded their activities to probing dozens of power grids in the US and elsewhere, researchers with security firm Dragos reported last month.

The Politics of Cyberwarfare

Meanwhile, the issue of cyberwarfare has become a political football.  The issue concerns a secret Trump memo that lifted restrictions on US Cyber Command’s operations against adversaries.  The previous memorandum, signed by Obama, restricted offensive cyber operations against adversaries.  The Obama memo called for coordination between agencies before offensive cyber operations could take place.

The Obama Administration was afraid that a cyberattack on an adversary’s computer system might inadvertently impact computer networks in neighboring countries.

The Trump Administration wants to have a more aggressive response.  National Security Advisor John Bolton said, “Our presidential policy directive effectively reverses these restraints…Any  nation that’s taking cyber activity against the United States, they should expect, and it is part of creating structures of deterrence so it’ll be known publicly as well, we’ll respond offensively as well as defensively.”

The Democratic controlled House of Representatives has asked the White House to share the document, which they have refused to do.  Meanwhile, the Republican controlled Senate seems satisfied with the Trump memo.

Most hacking attacks are kept secret.  However, one hack that took place a few years ago showed how they can impact national security.

In 2015, an American company called Tracking point manufactured a sophisticated sniper rifle that offered first shot accuracy.  The rifle cost about $12,000 and the company was targeting the US military for sales.

Not only did the rifle’s computer calculate where the bullet would hit based on distance, temperature, wind, etc., it could share the image the shooter was seeing though the telescopic sights with commanders back at headquarters.

It could also prevent the shooter from firing the weapon if the commanders decided to override the men in the field.

However, some American security researchers were able to hack the rifle through the communications link that allowed commanders to monitor the operation.  They showed how they could guarantee a miss by the shooter by subtly changing bullet weight or temperature. And, they could prevent the rifle from shooting if they wished.

The same type of hacking could be employed against drones or even manned aircraft.  This has led some national security experts to say the US is losing the defensive segment of cyberwarfare.

While the US is skilled in mounting cyberattacks on Russia and Iran, there aren’t as many protections in place in the US.  Part of that is because much of the American cyber grid is privately owned and many companies see cyber defenses as a drain on profits.

“I believe we are in a declared cyberwar,” said Michael Bayer, a Pentagon advisor who recently reviewed Navy cybersecurity.  “It is aimed at the whole of society and the state.  I believe we are losing that war.”

 American cybersecurity has many facets – private businesses, national defense and intelligence contractors, and government computer networks.  And America’s opponents have discovered that going after private companies and defense contractors is easier.

In 2018, China gained access to a Navy contractor’s computers that provided them with intelligence on anti-ship missiles and what the Navy knew about China’s maritime activities.

China has also reportedly stolen data on the F-35 fighter, littoral combat ships, anti-missile systems, and American drones.

A Navy cybersecurity review made public in March said defenses were lacking and Defense contractors were, “hemorrhaging critical data.”

This is one reason that Trump signed the new cyberwarfare memo.  Cyber defenses take time to put in place and the administration was making it clear that they wouldn’t hesitate in retaliating for a cyber-attack.  In fact, last month Bolton stated, “You will pay a price,” if a country carries out a cyber offensive on the US.

But, would a cyberattack leave the US unable to respond.  As we saw in the crippling of the sniper rifle, a hacker could stop US guns, missiles, and bombs from being used.

Pentagon auditors have found major weapons systems have been exposed to cyber attacks because of simple mistakes like a failure to use encryption, improper authentication protocols, proper passwords, or leaving servers unlocked.

Another problem is that skilled cybersecurity experts are more likely to work for private companies that pay more.

There is also the massive logistics tail of the US military that could be interfered with.  Food, water, ammunition, and fuel could be delayed or even diverted with the right malware.

Another concern is the US military’s reliance on satellite-based navigation like GPS.  Only recently has the military realized that a failure of the GPS system could cripple operations.  For the first time in a generation, Naval Officers who will be responsible for shipboard navigation will be forced to study celestial navigation – something that every Naval Officer was forced to master before receiving his commission thirty years ago.

Despite the problem, Congress and the Administration prefer to spend their money on tangible defense assets like aircraft and ships.  That’s why unclassified cyber spending in the federal government only accounts for 2% of the budget.

“We need to have the bombers and planes and missiles to make sure we can defend the country in a conventional conflict, but we also need to face the reality, and gray zone conflict is happening now and will continue to go forward, said Rhode Island Democrat Jim Langevin, who chairs the House Armed Services Subcommittee on Intelligence and Emerging Threats and Capabilities.

This is a bipartisan concern.  South Dakota Republican Senator Mike Rounds, who chairs the Senate Armed Services Cybersecurity Subcommittee states, “While we have made progress, it would be fair to say we have a long way to go.”

As the Monitor analysis mentioned a few weeks ago in the analysis on American-Russian nuclear arms treaties, the new first strike weapon of the 21st Century is a cyberattack, not nuclear weapons.

The last thing an American president wants is a cyberattack on the US and no viable response but nuclear weapons.  That could be a major reason for the new Trump memo authorizing a more aggressive cyber response against countries like Russia, China, North Korea, and Iran.