Defense Department’s Cyberwar Credibility Gap

Undersecretary of Defense William J. Lynn has published an essay in Foreign Affairs magazine redefining the United States’ stance towards cyberwarfare, and he’s already getting shot at – primarily by IT pundits who find it hard to believe that the incident which led to the Pentagon’s recognizing cyberspace as a new “domain of warfare” could have really happened as described.

In his essay, “Defending a New Domain,” Lynn recounts a widely-reported 2008 hack that was initiated when, according to Lynn, an infected flash drive was inserted into a military laptop by “a foreign intelligence agency.”

Critics such as IT security firm Sophos’ Chief Security Adviser Chester Wisniewski argue that this James Bond-like scenario doesn’t stand up to scrutiny. The primary issue is that the malware involved, known as agent.btz, is neither sophisticated nor particularly dangerous. A variant of the SillyFDC worm, agent.btz can be easily defeated by disabling the Windows “autorun” feature (which automatically starts a program on a drive upon insertion) or by simply banning thumb drives. In 2007, SillyFDC was rated as Risk Level 1: Very Low, by security firm Symantec.

Use of agent.btz Questioned

The question posed by Wisniewski and others is, why would a foreign intelligence agency attack the U.S. government with such a low-powered weapon? While making it clear that he has no insider knowledge of the incident, Wisniewski argues that the scenario put forth by Lynn isn’t credible. In his words, “Either it wasn’t put there by a foreign government or it wasn’t agent.btz.”

Tom Conway, security firm McAfee’s Director of Federal Business Development, doesn’t find it difficult to believe that a foreign government would make use of agent.btz. “Why reveal your trade craft if something that’s widely available on the black market will do the job?” he asks. He is, however, very concerned about what the attack revealed about the state of U.S. military security. “One, the fact that the network was vulnerable shows a lack of governance. Two, it shows that classified information is at risk, not just unclassified. Three, it shows that our adversaries are aware of One and Two.”

When interviewed by the influential security blog Danger Room, Lynn refused to provide any details about the incident or to discuss any retaliatory measures that might have been taken.

An Evolving U.S. Policy

The question of whether the 2008 hack is to become the Tonkin Gulf of cyberspace has to some extent overshadowed the content of the article, which is significant as a new framing of the Obama administration’s cyberspace policy.

The essay characterizes the threat to U.S. interests as “asymmetrical,” a military term of art used to describe conflicts such as the one now taking place in Afghanistan, where skirmishes against guerrilla forces replace conventional battles, and where the enemy may make up for what it lacks in numbers and firepower with agility and cunning. The deterrence models of the Cold War – assured retaliation – do not apply. Rather, “Deterrence will necessarily be based more on denying any benefit to attackers.” Targets may be non-military, such as U.S. power grids, transportation networks and financial systems.

To combat cyber threats, Lynn has ordered the creation of a single, four-star command, the U.S. Cyber Command, which is to become fully operational by October. The new command will have responsibility for day-to-day protection of defense networks, and will work with “a variety of partners” inside and outside the U.S. Government, including the FBI, the Department of Homeland Security, the Justice Department and the Defense Information Systems Agency.

The Pentagon has already deployed three overlapping lines of defense: a new emphasis on basic computer hygiene (e.g. updating patches promptly), the use of intrusion detection sensors, and the use of government intelligence capabilities to provide “highly specialized active defenses.”

Lynn also calls for “dramatic improvements in the government’s procedures of acquiring information technology.” At present, the time from funding to deployment of a new government IT system averages 81 months, which is obviously too slow to keep up with the pace of technology.
