Reducing America’s Cyberwar Capabilities to a Maginot Line?

If it’s O.K. to attack me, and I’m not going to do anything other than improve my defenses every time you attack me, it’s very difficult to come up with a deterrent strategy.” – Gen. James E. Cartwright

From 1930-1940 France created a line of defenses that ran along its border with Germany and Italy. The massive fortification of bunkers, artillery emplacements, tank obstacles and machine gun nests was created to protect France and deter any possible invasion from foreign countries. It was strong, almost impregnable, and would be very difficult for any nation to attack it without suffering great loss.

When WWII started, Germany simply went around it and defeated France in a very short amount of time.

Defensive strategy is a good thing, but you must also have a capable offensive force. Strong offensive capabilities can deter attacks all together.  A nation will think twice before attacking a country if the target force is strong enough to counter attack and cause significant damage.

The United States has been ravished electronically by infiltrating sources that have pilfered military secrets, financial information and account credentials. According to some, our national infrastructure has also been infiltrated and key systems backdoored. The enemy shows no signs of letting up, but how could these attacks continue so unabated?

Especially when the US is so technologically advanced. Surely the US must have some sort of offensive deterrent.

Rest assured, the US is just as capable, if not more, than any other nation of performing offensive capabilities. But we are hamstrung by legalese and political infighting. According to an article on Federal Computer Week, cybersecurity has become a political partisan issue in congress.

It also appears that military offensive capabilities are on hold for a “legal review of cyber capabilities intended for use in cyberspace operations.” AIR FORCE INSTRUCTION 51-402 is an interesting read and really displays the issues that we are facing. Some points that stick out are:

  • Ensure all weapons being developed, bought, built, modified or otherwise being acquired by the Air Force that are not within a Special Access Program are reviewed for legality under LOAC, domestic law and international law prior to their possible acquisition for use in a conflict or other military operation. This authority may be delegated to the Director, Operations and International Law Directorate (AF/JAO).
  •  3.1.2.1. Whether the weapon or cyber capability is calculated to cause superfluous injury, in violation of Article 23(e) of the Annex to Hague Convention IV; and
  • 3.1.2.2. Whether the weapon or cyber capability is capable of being directed against a specific military objective and, if not, is of a nature to cause an effect on military objectives and civilians or civilian objects without distinction.

These issues need to be ironed out quickly. We cannot rely on defensive capabilities alone. With no threat of retaliation, the offensive electronic onslaught will continue against this nation.

~ by D. Dieterle on October 7, 2011.

2 Responses to “Reducing America’s Cyberwar Capabilities to a Maginot Line?”

  1. While your post seems generally sensible, the problem with it is that it’s premise is that defenses are failing, whereas I would say there are no real defensive capabilities in use, at least of a high assurance ilk, and DoD has shown a refusal, ineptitude, inability or whatever, to use them even at key nodes.

    • Very interesting points. Sometimes the security is very good, but internal employees purposefully bypass it. I have seen IT admins use encrypted tunneling channels to bypass pesky corporate firewall restrictions.

      But things do happen that make you scratch your head. Like the recent malware infection at Creech AFB. How could gaming/social media malware get anywhere near secured systems?

      Especially when military bases have separate public systems where you can check social media sites, play games, etc.

      Thanks for the comment Rob!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: