Fighting a war on yet ANOTHER front?

The information networks of 72 international organizations, governments, and companies have been quietly hacked over the last five years by one “state actor” in the largest ever series of cyber-attacks, dubbed "Operation Shady RAT" (for Remote Access Tool), according to a report released by the California-based IT security company McAfee on Wednesday, August 3rd, 2011. While McAfee declined to identify the "state actor", Jim Lewis, a cyber expert with the Center for Strategic and International Studies, believes China is most likely responsible for the cyber espionage campaign, given that some of the targets possess information that would be of particular interest to Beijing.

Dmitri Alperovitch, Vice President of Threat Research with McAfee, wrote the following in one of his blog posts:

What we have witnessed over the past five to six years has been nothing short of a historically unprecedented transfer of wealth - closely guarded national secrets (including from classified government networks), source code, bug databases, email archives, negotiation plans and exploration details for new oil and gas field auctions, document stores, legal contracts, SCADA configurations, design schematics and much more has “fallen off the truck” of numerous, mostly Western companies and disappeared in the ever-growing electronic archives of dogged adversaries.

What is happening to all this data — by now reaching petabytes as a whole — is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape and the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world, not to mention the national security impact of the loss of sensitive intelligence or defense information. (emphasis added)

There is a book written by two senior Chinese colonels titled "Unrestricted Warfare" (.PDF) published in February 1999.  This document describes a departure from "traditional" nation-state warfare where the military and non-combatants are clearly separated, to a more aggressive view with the "new principles of war" defined as follows:

the new principles of war are no longer "using armed force to compel the enemy to submit to one's will", but rather are "using all means, including armed force or non-armed force, military and non-military, and lethal and non-lethal means to compel the enemy to accept one's interests."

Note the transition from "submit to one's will" to "accept one's interests", possibly indicating that the traditional all-out conquest is not necessarily required to achieve a long-term goal. This is important enough that the authors reemphasize the point almost verbatim later in the document.

For those of you who have dug into this "light reading", the scenario sounds all too familiar. Here are a few quotes from the document that should stir your gray matter:

"As we see it, a single man-made stock-market crash, a single computer virus invasion, or a single rumor or scandal that results in a fluctuation in the enemy country's exchange rates or exposes the leaders of an enemy country on the Internet, all can be included in the ranks of new-concept weapons."
...
"What must be made clear is that the new concept of weapons is in the process of creating weapons that are closely linked to the lives of the common people."
...
"... technological progress has given us the means to strike at the enemy's nerve center directly without harming other things, giving us numerous new options for achieving victory, and all these make people believe that the best way to achieve victory is to control, not to kill."
...
"We believe that some morning people will awake to discover with surprise that quite a few gentle and kind things have begun to have offensive and lethal characteristics."

Quotes from "Unrestricted Warfare"

Unfortunately, most Americans either willfully ignore or are completely oblivious to the scale of our vulnerabilities. Several quickly come to mind:

- The security (or lack thereof) of our national power grid
(see (ABC) Cyber Attack on U.S. Electric Grid 'Gravest Short Term Threat' to National Security, Lawmakers Say)

- The vulnerability of our military technology to components manufactured outside of the country
(see (Homeland Security Newswire) Fake chips from China threaten U.S. military systems)

- Our national dependence on the Internet, and the hardware/software vulnerabilities of the infrastructure
(see (Forbes blog) Study finds firewalls from Cisco, Fortinet, others vulnerable to old attack)

So, from this foxhole, here are a few questions to ponder:

- At what point do acts of cyber espionage transition to all-out cyber attacks?

- At what point does the U.S. stop playing defense and "go on the attack" with countermeasures of our own?
(economic sanctions, counter-cyber attacks, etc.)

- What will it take to "shore up" U.S. defenses in this much larger battlefield?
