17 January 2017

US Dim Mak point 2: Vulnerability to cyber/electronic warfare


BY VICTOR N. CORPUS

THE United States is the most advanced country in the world in the field of information technology (IT). Practically all of its industries, telecommunication systems, key government services and defense establishments rely heavily on computers and computer networks. But this heavy dependence on computers is a double-edged sword. Advanced IT has thrust the US economy and defense establishment ahead of all other countries, but this strength has also created an Achilles’ heel that can potentially bring the superpower to its knees with a few keystrokes on a dozen or so laptops.

Other technologically advanced nations like China, Russia, Japan, Germany, and Israel are as vulnerable to cyber warfare as the US. In a way, cyber warfare levels the playing field for weak nations, as good hackers can also originate from technologically weak nations, and one needs only a couple of really good cyber warriors to launch a cyber attack against a target nation.

What can a full-scale cyber war look like, say, to a major country like the US? Here is an outline of a possible worst-case scenario: A swarm of cyber warriors begins hacking at America’s business, government and military establishments. America’s command, control, computer, communication, intelligence, surveillance and reconnaissance (C4ISR) system will be one of the prime targets. The US ballistic missile system, the anti-ballistic missile system, and the air defense system would be priority targets as well. (Just imagine US ICBMs reprogrammed by hackers to explode a few seconds after launch!) Neutralization of these systems through cyber attacks would decapitate the entire US defense and deliver a fatal blow to its center of gravity, such as the North American Aerospace Defense (NORAD) computers.

A major, all-out cyber attack, however, will not be limited to attacks on strategic military offensive and defensive systems alone. The US banking system will surely come under attack. Serious attempts will be made to disrupt the stock market as well. Other vital services will be equally vulnerable. The air traffic control system can be disrupted or manipulated to cause air traffic collisions. The train traffic control system can be manipulated in the same manner to cause train “accidents.” Pressure in oil and gas pipelines can be overloaded to cause major pipeline disasters. Dams can be made to burst, telecommunication systems to fail, faucets to run dry, power plant generators and power grids to malfunction, and nuclear power plants to experience catastrophic meltdowns.

All of these potential effects of cyber warfare can engulf the US mainland in a well-planned cyber-attack or counterattack in the event of a major confrontation between America and major powers like China or Russia. More ominous, there is no foolproof method of defending against this type of attack. A case in point is the “storm worm” that affected millions of computers worldwide. Its source code is constantly updated by its authors, which allows it to morph and adapt, giving it the ability to defeat anti-virus software thrown against it. It can lie dormant, enabling it to evade anti-virus programs searching for it, and be activated at a moment’s notice. And it allows the hacker who created and released the “worm” to control all infected computers. Computer security experts suspect that Russian hackers created and released the “storm worm” into the World Wide Web.

The “war memorial” incident in Estonia graphically illustrates the use of information warfare by Russia against an adversary. Estonia forcibly transferred a Soviet-era World War II memorial statue to a new location. This action by the Estonian government inflamed Russian nationalistic passions. The Russian response was immediate and devastating. Russian cyber warriors launched a massive distributed denial of service botnet attack against Estonia’s national information infrastructure. As reported in The Guardian of the UK on May 17, 2007, this undeclared cyber war by Russia paralyzed the websites of government ministries, political parties, newspapers, banks and private companies of NATO-member Estonia.

A more ominous application of this new form of warfare debilitated Georgia during the five-day war with Russia in August 2008. Russia combined a physical military attack with information warfare against Georgia when US-trained and -equipped Georgian troops attacked South Ossetia. The result was a humiliating rout of the invading Georgian forces. This marked the first recorded instance of a cyber attack coordinated with a conventional attack by one nation against another.

Even now, the US is blaming Russia for hacking the Democratic National Committee and Hillary Clinton’s email and leaking them to the US public, which turned the tide against Clinton, causing her to lose to Trump. This incident exemplifies the high level and sophistication of Russia’s cyber attack capability to the extent that Russia can influence the results of US presidential elections.

Russian capabilities in cyber warfare are equally matched by its demonstrated capabilities in electronic warfare, as exemplified by the USS Donald Cook incident whereby the US warship (an Arleigh Burke-class US guided-missile destroyer, DDG-75, equipped with the modern Aegis defense system) was paralyzed by a Russian Su-24 fighter while it was performing a mission in the Black Sea on April 12, 2014. As the Russian Su-24 fighter plane approached the ship, all radar, satellite feed, and radio/telephone signals went blank, as in a TV set that was turned off by a hand-controlled remote device. The Russian jet then made a dozen low fly-bys, buzzing the helpless US destroyer before leaving the scene. Ironically, the same incident was repeated again this year in the same Black Sea with the same US destroyer. (You can watch the incident on YouTube.)

China, on the other hand, aware of the great importance and huge impact of cyber warfare on China’s overall security, decided to make a major reorganization of the entire People’s Liberation Army at the end of 2015, the first PLA reorganization since 1952. In that reorganization, two new services were formed: the Rocket Forces and the Strategic Support Forces. The Rocket Forces being elevated to the level of the Army, Navy, and Air Force was expected; but that of the Strategic Support Forces was unexpected. This is how much the Chinese leadership values the important role that the Strategic Support Forces will play in the future; it is now on the same level as the Army, Navy, Air Force and Rocket Force. Under this service are space warfare, cyber warfare, and electronic warfare, all consolidated under one roof. It also includes intelligence and psychological operations.

From Bloomberg News (October 23, 2015): “A unified command would be ‘a pretty big deal’ in organizing domestic cyber forces to ‘win informationized local wars,’ according to Council on Foreign Relations cyberspace program director Adam Segal, citing a goal enshrined in China’s first white paper on military strategy released in May… ‘It would be an official sign that cyber attacks would be used in a military conflict,’ he said. ‘Theoretically, it would allow them to concentrate resources in one place and create specialized forces, and might make it easier to plan joint operations’.”

The consolidation of cyber, information, electronic, and space warfare into one major service of the PLA would eliminate redundancies, reduce costs, and facilitate joint operations; but it could just be the tip of the “iceberg”.

One of the fundamental military doctrines since the time of Mao up to now is the concept of “people’s war”. Even in this day and age of revolution in military affairs (RMA), Mao’s people’s war remains relevant, especially when applied to information or cyber warfare. The PLA Strategic Support Force (SSF) recruiting and mobilizing cyber warriors from its two-million strong People’s Liberation Army (PLA) is indeed huge by itself; but this is just the tip of the iceberg. With a population of nearly 1.4 billion, an education system considered as one of the best in the world (see OECD PISA test results on Google), aided by two of the fastest supercomputers on earth (Sunway TaihuLight and Tianhe-2), and with China graduating the largest number of engineers in the world annually (some 600,000), this submerged and hidden main body of the “iceberg” can be tapped by the SSF to form a massive and invincible information/cyber force for defense and offense under the concept of modernized “people’s war”. This is the advantage of China that no other country can match.

A graduate of the Philippine Military Academy Class of 1967, and an MPA 1990 from the Kennedy School of Government, Harvard University, retired Brig. Gen. Victor N. Corpus spent five years with the New People’s Army (1971-1976). He was detained for 10 years under martial law and sentenced to death by musketry, but later became Chief of the Intelligence Service of the Armed Forces of the Philippines.
