What Might A Future Cyber-War Look Like?

We have entered the age of cyber war.   Believe it or not, cyber war operations are going on right now in many places across the globe.  Most of these operations are covert, and often hard to attribute directly to a particular nation-state or adversary.

Mark Cancian has written a gripping report titled Coping with Surprise in Great Power Conflicts.  It was written for the CSIS International Security Program, an arm of the Center for Strategic and International Studies.  At 154 pages, it is not a quick read, but well worth the look.  The book is a strategic look at the element of surprise in military operations, and uses historical examples of military surprise attacks to extrapolate what a surprise attack might look like in the present or near future.  The monograph presents 18 examples of military surprise attacks that Mark calls “Vignettes.”

As you might expect, computer technology plays an important role in modern warfare, and is well represented in most of the vignettes.  Of the 18, there were 5 that met the criteria of a cyber-war operation, in that the attack was achieved mainly or exclusively through the use of computers and networks.  We will summarize these attack vectors below.

Assassin’s Mace – Asymmetric Cyber Attack (p. 109)

This scenario has China attacking the U.S. military via the Internet and through compromised military networks.  Attacks are designed to destabilize the military.  One tactic is draining military families’ bank accounts and retirement accounts.  Another attack uses a YouTube video purportedly showing the gang-rape of two Japanese girls by U.S. soldiers on Okinawa, which creates mass demonstrations and chaos around the military base.  Another involves planting child pornography on the computer of a senior Air Force commander, and the release of these images on the base Facebook account.

Many other variations of these cyber-attacks are described in the monograph.  These attacks would be possible because of the real world compromise of the records of the Office of Personnel Management in 2015, and subsequent breaches.

U.S. Military Satellites Neutralized (p. 112)

This time the Chinese use spearphishing emails targeting Air Force personnel in the Air Force Space Command to move laterally from personal and unclassified networks, into the classified military satellite control networks.  Uploading a malicious software “patch,” the Chinese are able to deorbit military communications and tracking satellites at a critical moment to support Chinese ground and naval operations.

Pearl Harbor 2.0 – Drone Style (p. 113)

In this vignette, the Chinese (again) use civilian container ships loaded with large and small drones carrying large and small shaped charges.  As ships approach bases at Okinawa, Guam, and Pearl Harbor, the drones are released.  The larger drones take out satellite and radar dishes.  Hundreds of smaller drones target airplanes, trucks, and ship-board naval weapons systems, exploding at strategic points designed to cause damage. Although there is little loss of life, damaged naval and air systems will require months to repair.  Communications are also significantly damaged, making operational command difficult.

Stab in the Back – Bad Chips in Air to Air Missiles  (p. 117)

One more attack from the Chinese, this time by supplying, over a period of decades, faulty microprocessors used for air-to-air missile guidance systems.  This prevents the missiles used in combat from locking onto a target, and results in unusually high losses of fighter aircraft.  As a result, the fighters are unable to stop an airborne bombing attack on Guam.  I’ve been warning for decades that it is a mistake to have the majority of electronics fabrication and manufacturing in China, and it is scenarios such as this one that are the reason why.

Hybrid Attack on NATO (p. 124)

Russia is well represented in the monograph, but their efforts at surprise attacks did not fit my criteria for cyber-war as well as the examples above did.  But here is a scenario where the Russians combine cyber operations with ground and air operations against NATO in a hybrid attack.  This attack compromises air defense systems, and civilian electric and gas distribution networks.  It also uses on-line media and social networks to pump up “reasons” for a military occupation of Latvia, Lithuania, and Estonia.  This scenario is based on the very real-world occupations of the Crimea and parts of Ukraine, by Russian troops who were supported by cyber operations that took out electrical distribution and communications networks.

If you are a student of military tactics, you will probably find the entire monograph enjoyable and informative.  This monograph presented many plausible scenarios that could be used by Russia, China, or another nation-state to start military operations against U.S. allies or military bases.  If you want to read it yourself, I’ve provided a link below.

More information:

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Practitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speaker at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.