On Martin Libicki’s Cyberdeterrence report (or now I know why the Air Force Cyber Command is such a mess)

Last Updated on Friday, 27 November 2009 08:23 Written by Jeffreycarr Thursday, 15 October 2009 08:57

UPDATE (27 NOV 2009): Richard Bejtlich of TaoSecurity posts an excellent review of Libicki’s paper identifying problems from a different perspective than my own.

—-

There’s no question that the Rand Corporation has a long and distinguished history as a think tank and I am one of its many satisfied customers. In fact, I highly recommend James Mulvenon’s work to everyone engaged in the Cyber domain in a law enforcement, intelligence, and/or military capacity because his work reflects his broad and deep grasp of his area of study – the military affairs of the People’s Republic of China in the area of Information Warfare.

Unfortunately, that is not the case with Martin C. Libicki’s latest Rand report Cyberdeterrence and Cyberwar wherein he argues that “strategic cyber warfare” shouldn’t be a priority for the U.S. Armed Forces. Considering the history of cyber conflict to date, such a position requires building a well-documented case with integrated what-if scenarios if it hopes to be taken seriously. Nowhere does it do that. Instead, Libicki opts to examine the question of cyberdeterrence by casting a cyber attack as a stand-alone strategy rather than as part of a larger military operation. Libicki’s straw man argument paints cyber war as a stand-alone strategy while completely ignoring those times when nations have combined a military action with a cyber attack:

  • Russian Federation: Chechnya 2002 and 2009; Kyrgyzstan 2005; Georgia 2008
  • Georgia: (Russia 2008)
  • Israel: Gaza war against Hamas/Palestine (2008,2009)
  • Palestine/Hamas: (same as above)

There’s no mention of RF Information Warfare doctrinal writings anywhere in this report, nor is any time spent on China’s well-documented IW strategy. In fact, a check of the references in the back of this book shows only one Chinese document, the sensationalistic “Unrestricted Warfare”, written by two former PLA Colonels, neither of whom enjoyed much success in their military careers. Libicki does look at the Gaza war of Dec 2008-Jan 2009 but completely ignores its cyber component (which Project Grey Goose explored in depth in its Phase Two report). That’s pretty astounding considering that both Israel and Palestine (through Hamas) utilized overt State-sponsored hacker attacks in addition to the noisy and mostly ineffectual mayhem caused by non-state actors.

This lack of depth regarding critical understandings about how cyber warfare has been conducted over the years continues into Appendix A where Libicki dedicates all of two pages to the topic “What Constitutes an Act of War in Cyberspace?” 2 pages? Are you f’n kidding me? Why even bring it up if you’re going to gloss over all of its complexities?

Bottom line – if you can’t show me that you understand what cyber war is and how it is being used by Nation States today and in the last 10 years; that you haven’t read those States’ important military thinkers’ writings on Information Warfare or its other iterations (CNO, IO, etc.), and either do not know or ignore the ongoing build-up of IW applications by our potential adversaries, then “how in the name of Zeus’s butt hole” (courtesy of Nicolas Cage’s character in The Rock), can you write about cyberdeterrence and expect to be taken seriously?

As a side note, the fact that this monograph was sponsored by the U.S. Air Force says a lot about the Air Force’s own sad history in trying (and failing) to claim cyberspace as its own warfighting domain.

Why China’s Protestations Ring False

Last Updated on Thursday, 23 April 2009 10:14 Written by admin Thursday, 23 April 2009 10:14

Now that the Pentagon, in conjunction with the White House, is gearing up for a coordinated approach to Cyber security and defense, the Chinese government’s protests increasingly ring hollow due to one glaring inconsistency.

Here is China’s latest protest about being blamed for the F-35 Joint Strike Fighter breach, printed in today’s China View:

“We have reiterated many times our policies of firmly opposing and severely cracking down on all crimes that damage the Internet, including hacking,” Foreign Ministry spokeswoman Jiang Yu told a regular press conference.

So what is missing from China’s refutation?

It’s not that Jiang Yu was not being honest. The People’s Republic of China does have laws against hacking and Internet crime, as does the Russian Federation. In that respect, the statement is 100% accurate.

The problem is that the event being disputed was not a crime according to Chinese military doctrine. Ever since 1994, the PLA has been consistent in its strategy to penetrate the networks of its potential adversaries, particularly the United States, in order to gain an asymmetric advantage in the event of war with a militarily superior foe. This teaching goes as far back as Sun Tzu and is a cornerstone in the PLA’s modernization of its military.

What the PRC is doing here is a classic act of misdirection worthy of the best stage magician. Keep the audience focused on what you want them to see (your opposition to Internet crime), rather than what you are actually doing (your commitment to Information Warfare and the gaining of an asymmetric advantage through network espionage).

British Intelligence Warns British Telecom about its Huawei Equipment

Last Updated on Monday, 30 March 2009 09:00 Written by admin Monday, 30 March 2009 09:00

This is the stuff of nightmares in the minds of some of the brightest security pros that I know.

INTELLIGENCE chiefs have warned that China may have gained the capability to shut down Britain by crippling its telecoms and utilities.

They have told ministers of their fears that equipment installed by Huawei, the Chinese telecoms giant, in BT’s new communications network could be used to halt critical services such as power, food and water supplies.

The warnings coincide with growing cyberwarfare attacks on Britain by foreign governments, particularly Russia and China.

A confidential document circulating in Whitehall says that while BT has taken steps to reduce the risk of attacks by hackers or organised crime, “we believe that the mitigating measures are not effective against deliberate attack by China”.

The U.S. government blocked an effort by Huawei to merge with 3Com, which sells electronic equipment to the Pentagon. Why? Because Huawei’s CEO is a former PLA officer and the company itself emerged from the world of defense suppliers to become a commercial corporation by order of Deng Xiaoping.

A brief mention of Huawei appears in last week’s Pentagon report on China:

Information technology companies, including Huawei, Datang, and Zhongxing, maintain close ties to the PLA and collaborate on R&D.

This Times Online story plus the release of the GhostNet and Snooping Dragon studies over the weekend serves to reinforce the reality that every Western government needs to be aware of China’s long-standing commitment to Information Warfare and the many forms that it can take.
