Tue, Jun 30, 2009 - Page 9 News List

The end of cyber-innocence

The Pentagon is setting up a unified US Cyber Command to oversee protection of military networks against cyber-threats, a sign that the Obama administration is joining a new arms race

By John Naughton  /  THE GUARDIAN , LONDON

Last Wednesday, US Secretary of Defense Robert Gates announced the US was finally getting its act together on cyber-warfare. After a couple of false starts and a good deal of bureaucratic infighting, the Pentagon is setting up a unified US Cyber Command to oversee protection of military networks against cyber threats. It will be called USCybercom and will be led by the director of the National Security Agency, Lieutenant General Keith Alexander.

In a memo to the joint chiefs of staff, Gates said he had directed General Kevin Chilton, head of US Strategic Command, to develop implementation plans for the new command, which he wants on his desk by the beginning of September. Gates says that he expects USCybercom to be up and running by October and to have reached “full operating capability” within a year. That is light speed by federal government standards, so you can bet something’s up.

What it signifies is official recognition by the administration of President Barack Obama that the world has embarked on a new arms race. The weapons this time are malicious data-packets of the kind hitherto employed mainly by spammers, malware programmers, phishers, hackers and criminals. But whereas those operators are in business for mischief or private gain, nations will use their cyber-tools to wreak economic havoc and social disruption.

We’ve already had a case study of how it will work. Two years ago, Estonia experienced a sustained cyber-attack. It happened during a period of tension between Estonia and Russia.

“For the first time,” The Economist reported, “a state faced a frontal, anonymous attack that swamped the websites of banks, ministries, newspapers and broadcasters; that hobbled Estonia’s efforts to make its case abroad. Previous bouts of cyber-warfare have been far more limited by comparison: probing another country’s Internet defenses, rather as a reconnaissance plane tests air defenses.”

The onslaught was of a sophistication not seen before, with tactics shifting as weaknesses emerged. Individual “ports” (firewall gates) of mission-critical computers in, for example, Estonia’s telephone exchanges were targeted. The emergency number used to call ambulance and fire services was out of action for more than an hour. And so on.

It was a chilling demonstration of what is now possible, and it made governments sit up and take notice. Estonia is a member of NATO and the alliance responded by setting up a specialist cyber-warfare base in the country. Its code name is K5 and British reporter Bobbie Johnson visited it this year.

Johnson recounts what one of the staff told him about how NATO would react to another cyber-strike: “Overwhelming response: a single, gigantic counterstrike that cripples the target and warns anyone else off launching a future cyber-war. He isn’t sure what it would look like, but the show of force he envisages is so severe that the only thing he can compare it to is a nuclear attack.”

Hyperbole maybe, but all military establishments are tooling up. Last Thursday, British Prime Minister Gordon Brown revealed that his government had set up a “strategic” unit within the Government Communications Headquarters (GCHQ). Lord West, the retired admiral drafted in to the Home Office to look after security, told the BBC that “the government had developed the capability to strike back at cyber attacks,” though he declined to say if it had ever been used.

This story has been viewed 5851 times.

Comments will be moderated. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned.

TOP top