“We’re working on being able to have a platoon take a cyberspace capability, maneuver it to a point on the battlefield where they’re in a position to range the target and then be able to deliver an effect to deny that enemy the ability to communicate,” Burnett says. Asked if he can elaborate, he simply smiles and says, “No, I can’t.”
It’s a common response from all here who refuse to specify what they’re able to do once they hack into enemy systems, citing the sensitive nature of that information.
But the exercises conducted at this range offer some clues. For example, battlefield commanders when deciding to attack a fixed position usually include in their plan some sort of diversion to help diffuse the danger posed to their assaulting force. That would have been limited previously to, for example, employing smoke canisters or a mortar or artillery strike on another part of the enemy facility. Cyber operators here say they’re able to provide other options to the same commander that can achieve comparable effects.
Some of the other tactics employed by real-world enemies provide greater context into how the U.S. is preparing technically for war.
Russia, China, and insurgent networks like the Islamic State group have demonstrated a mastery of exploiting open-source networks like closed-circuit video feeds or social media platforms to help survey the battlefield and influence the population they’re trying to control. And that’s part of the exercises here – there are traffic cameras installed in the training center’s mock-up towns with a public feed, further complicating moving military vehicles through those positions.
The U.S. Army is experimenting with using small drones like this one to accompany foot patrols, allowing soldiers to track enemy cell phone signals and other forms of communication.
The instructors have also set up dummy social media sites reminiscent of Facebook, Twitter, YouTube and GoFundMe. The training units are expected to monitor those in addition to the traditional enemy battlefield maneuvers. If donations begin to increase toward a “GoFundMe” account that turns out to be a front for the enemy to raise funds for weapons, that’s a sign to the trainee force that their attempts to win over the local population might not be working.
There are, however, limitations on how far the U.S. is willing to go in this realm. Trying to exploit a soldier’s use of his or her personal electronic accounts is off-limits during the exercises, even if they were to post something revealing about their simulated activities. (These kinds of slip-ups have had real-world effects, such as the Russian soldier whose seemingly benign selfie accidentally confirmed his unit was, indeed, within Ukrainian territory.)
Some of the same kinds of restrictions apply on potential battlefields: A U.S. intelligence officer who asked that his name be withheld points out the U.S. rules for fighting cyberwars prohibit shutting down all information to a civilian area. This differs from some areas in eastern Ukraine, for example, or in Crimea, where separatist forces backed by Russia have successfully limited locals’ electronic access only to information vetted by Moscow, according to troops on the ground who have liberated these areas.
“I don’t think it’s any different from the challenges that the infantry squad or platoon faces when they go outside the wire,” says Capt. Robert Busby, a defensive cyber specialist, referring to troops who leave the confines of a U.S. base to go on patrol. “Just because the bad guys don’t play by the rules doesn’t mean we’re going to throw the rulebook out the window.”
One of the greatest complicating factors falls squarely on Busby’s specialty, which is preventing attacks against the Army’s networks and identifying those who try. Some of the world’s best hackers distinguish themselves by being able to mask their identity or making it seem as though someone else launched the attack.
“What we don’t want is to ever go on the offense when you don’t have clear attribution,” Busby says.
Identifying the tools the enemy is using provides an effective way at countering them, he adds. Conventional weapons, for example, like smart bombs or missiles have the same effect each time they’re employed. Hackers like Busby, however, train to identify the electronic versions of these weapons, reverse-engineer them and stop them before they’re able to strike their intended target.
“So, every time you fire that weapon, you’re basically hitting the tank with rubber bullets,” Busby says. “It forces the enemy to go back to the drawing board and [spend] a lot of time and a lot of money figuring out how to attack us. We can deter them, because if they know they’re going to burn a tool the second they use it, they’re going to be a lot less likely to want to use it.”
Fighting cyberwars is inherently complicated, not in the least because they usually take place in what the military calls “gray space” – civilian areas an enemy targets specifically because it muddies how their opponents can respond. And the U.S. has a lot of work left to do.
“The challenge is the knowledge gap,” Burnett says, “informing [commanders] of what cyberspace operations really is, and then training, and having time to train.”
“Our adversaries in conflicts around the world have proven the information environment is here, and it has measurable impact in conflicts.”
No comments:
Post a Comment