Dismantling cyber warfare on “3 troubling cyber scenarios worth discussing” @ Defensesystems.com
I hate to speculate about what would happen in the scenarios defined. I believe, first and foremost, that there is NO massive, traditionally thinkable “launching an offensive cyber action” scenario in existence. There is no need or possibility for it. The ‘cyberwep’ differs here quite a lot from kinetic ones, and yes, there is NO counterpart either. So we can forget that, for now.
The set of TTPs involved with cyber capabilities requires, for the time being, a vast amount of information exploitation, intelligence, development and coordination capability, which enters the theater of operations step by step. Automation will enable execution of many parts of the overall tasking, but this cannot simply be called a “launching of an operation”, since the tasking is merely a certain number of tactical movements. Yes, there are technical tasks as well, like combining information and building tactical payloads for the weapons delivery platform(s).
Talking about the locations involved in an operation makes very little sense. The operational capability extends from the far reach of the decision-making cycle, dashboards and UIs to the heat of the kinetic battle space, using UAVs, ELINT interception capabilities and USB sticks in parallel, able to connect via WLANs to the nearest available piece of hardware providing the cyber capabilities for the requested task. This is just one example of the cyber domain's depth and width compared with any traditional “artillery”.
What is a cyber weapons platform? It is a service architecture, similar to what we find in many corporate applications now served through clouds. There is no significant high-level architectural difference.
It’s relatively hard to imagine that the U.S. or any other country is capable of exact attribution of the ‘enemy within’. One of the problems cyber capabilities bring to the table is that an offensive deployment can stay dormant in the physical country, datacenter or geographical area for years without notice and then suddenly be brought online to perform the high-yield operation as planned. A nation can be “occupied” before “it is”, so there is no warning before the decision-making data needed to make the decisions is wiped. Savvy?
This gives very little time for reaction and even less for targeting the adversary. Similarly, the capability can be dismantled within seconds, leaving no trace and only pushing the defensive side to start an investigation that is doomed to fail and consumes resources. This may continue 4-5 times during a week with different kinds of objectives, targets and aftermath, potentially forcing decision makers into radical judgments to close some networks, harming society badly. What if the adversary deploys from a well-known and important institution that ‘can’t be shut down’?
Our integrated society, unfortunately, saws itself off at the knee.
There is no sense in making scenarios, as cyber warfare offers defensive and offensive capabilities simultaneously, and different movements and counter-movements may happen within the blink of an eye.