Thursday, April 5, 2018

Exactly Where is Cyberspace?

Don't offer me a place...
out in cyberspace...
'cause where in the hell's that at?!
Billy Bragg lyrics
If we are fighting a cyberwar, where are we fighting it? On the hardwired worldwide Web? In file servers and computer terminals where signals are stored or begin or end? In the mobile and satellite transmissions through the atmosphere and all around us? We seem to know what the weapons are: malware, ransomware, shutting down entire systems, taking over control of critical operations, disinformation, hacking information, stealing technology and hard cash, secretly tracking “every step you take, every move you make” and rendering everything that matters to you useless.
Oh, and it’s not always the “bad guys” over there that use these tools of obvious devastation. Of course, to our enemies, we are the “bad guys.” During the Obama administration, for example, the US/Israeli Stuxnet malware caused Iranian weapons-grade-plutonium-separating centrifuges to fly apart, effectively setting Tehran’s nuclear program back years (before the six-party, UN-sponsored accord was signed). When you think of the potential consequences of such malware – from crashing satellites to erasing/altering financial or medical records, shutting down the financial markets entirely to knocking out a massive power grid that could take years to rebuild to rerouting weapon systems and shutting down aircraft mid-flight – the threat of nuclear weapons slides down the priority list quickly. Why?
Because nuclear weapons are too easy to trace, too simple to retaliate against. And the retaliation can often be “mutually assured destruction.” There is no plausible deniability with nukes. And there are always efforts toward nuclear arms reduction, non-proliferation treaties, since testing nukes is hardly a big secret. We know who’s got nukes because they cause a rather dramatic big bang, even when tested deep underground. Cyber weapons, on the other hand, can be deployed secretly with plenty of plausible deniability.
But why aren’t there any treaties – hell, even any negotiations – concerning cyber-conflicts? Because to negotiate a treaty, first a government has to admit that it does it and second the parties have to explain what they are able to do. Even our national security agencies often keep secrets from each other! The cyber-conflict world is buried so deeply in cloak-and-dagger darkness – to the point where the government hardwires in the ground in strategic communities are buried and unmarked – that no one is willing to admit that these technologies even exist.
The Russians are way out ahead of the United States in this arena. And North Korea, China and Iran are not that far behind. Israel is quiet about its involvement but is legendary in its capacity. Funny that nations with nuclear weapons also seem to be able to generate amazing cyber-weapons as well. North Korea is addicted to disrupting its targets and has a special operation that focuses simply on stealing money, particularly crypto-currencies. China wants technology, and Russia tends to operate through “plausibly deniable” third parties, often young, hip computer-geeks with expensive drug habits or a taste for the finer things in life.
Because it is so disruptive, and so difficult to prove absolutely beyond any doubt, cyberwarfare is rather completely unregulated. The “good” and “evil” players in the space are pretty much able to do anything they want. Our most sensitive and vulnerable critical civilian and military systems have been so tested and probed that we know without even the slightest doubt that our enemies could shut down the entire country, from air traffic to our power grids to our entire financial system.
But because of some deep and unknown reluctance by Donald Trump – will we ever really find out? – our most malevolent cyber-foe, Russia, has been given a seeming carte blanche to deploy its cyber-weapons against us with little or minimal defensive or comparable offensive efforts against them. As testimony before Congressional committees has evidenced, Donald Trump has simply not authorized the relevant national security agencies to respond with any force. The money is authorized, but the President will not pull the trigger.
The April 2nd Cipher Brief warns all of us that failing to act, failing to mount countermeasures in a constant and persistent manner, not only encourages our enemies, it gives them time to operate, set up their systems (and test their effectiveness) and penetrate our capabilities with only a horribly diminished American response. Without countermeasures achieving some balance, we are being pushed into a serious and perhaps permanent disadvantage. Make no mistake, U.S. Cyber Command has the full capacity to do what must be done, but the political will at the top is lacking. What do these experts think we must do?
“First and foremost, in its vision, U.S. Cyber Command calls for fewer operational constraints to allow them to ‘defend forward’ and is clear: ‘We will pursue attackers across networks and systems.’ They are smart to avoid calling this ‘active defense’ – a controversial concept often mistakenly associated with hacking back – but the idea isn’t far off: by ‘seizing the initiative, retaining momentum, and disrupting our adversaries’ freedom of action.’
“This means energetically ‘contesting active campaigns,’ by kicking adversaries out of networks. If, for example, teams of the Cyber Mission Force see Russian intelligence forces building infrastructure in other countries from which to conduct additional espionage or disruptive campaigns against the U.S. and our allies, they will have the authority to apply some ‘tactical friction… compelling them to shift resources to defense and reduce attacks.’
“This might mean entering in those same systems to establish their own presence, kick out the Russians, or even take control of the Russian malware. ‘Fewer operational constraints’ can mean doing so without asking mother-may-I or even if the Russians are in computers or networks in the territory of NATO or other allies.
“The immediate goal is to slow down adversaries with tactical friction. But (co-author of 2017 cyber-warfare study, Richard Harknett) sees a larger mechanism. Persistent engagement ‘can, over time, lead to a normalization of cyberspace that is less free-for-all and potentially more stable. It is not contradictory to assume that in an environment of constant action it will take counter action to moderate behavior effectively.’
“Related to this vision is gaining continued access to key adversary infrastructure to make reciprocal threats. This is not part of defending forward but ensuring that if adversaries want to hold US infrastructure at risk, then the President has similar, symmetric options to respond.
“And last, constant contact means potentially increasing cyber intelligence operations in ‘grey’ and ‘red’ space, that is in non-U.S. computers and infrastructure and those of the adversary. For years, this has been the case, and with a new U.S. vision to triple-down, it may increase further as all adversaries grab what they can, actively contest each other’s access, and gain new purchase in (for example) the internet backbone to better improve their intelligence advantages for persistent engagement.” The Cipher Brief.
In the end, we are going to have to figure out how to lift the veil of secrecy enough for the world to develop cyber-military/civilian conventions and protocols. Treaties. As much as we can feel the threat of nuclear force at some deep and atavistic level, wars and conflicts have a much greater probability of being born out of cyber-attacks. There are so many targets, and the cyber world is not so clearly defined into civilian and military space. All that malware, hacking-searchers and disinformation is pretty much in that cyber universe… wherever that might be… ready to disrupt life as we know it.
I’m Peter Dekom, and I suspect that given a president who seems mired in the past, fighting globalization when automation is really the new challenge or tilting at nukes while ignoring the technology wars in cyberspace, it is not surprising that he seems to be either corrupted or befuddled by this new battleground for the 21st century.
