What is cyber warfare? The term, sent around the Internet like some kind of rhetorical catch-all for computing abuse, is nearing useless. There are concepts that are inclusive of cyber warfare and what it likely means. If we look at a Parks and Duggan definition of cyber warfare (Parks & Duggan, 2001), we see the standard computer network attack (CNA) concepts like degrade, disrupt, or destroy applied through the lens of kinetic warfare. This is interesting because Kilcullen also uses these concepts to describe various actions of non-state kinetic warfare actors (Kilcullen, 2009). The small wars doctrine and, more recently, the counterinsurgency literature have remarkable intersections with the cyber warfare domain.
When thinking about large-scale divulging of information, the Wikileaks debacle allows us to consider the deeper ramifications. How does this environment affect the conflict domain? How do these events affect freedom of speech? What are the aspects of use and dissemination involved with Wikileaks?
A retrospective on terrain
In a previous description of the terrain of cyber warfare, the elements of asymmetric capability and the force multiplier of technology were described in depth (Liles, 2009). The Internet is a tool that has significant inherent capacity as a resource to allow for the mythical super-empowered individual described by Friedman in discussing Osama bin Laden and, to some extent, Bill Gates (Friedman, 1999). These two examples are steadfastly found in the domain of counterinsurgency and technology. It should not be a surprise to see the concepts of low intensity conflict/insurgency and cyber warfare linked by authors (Liles, 2010a).
Using the terrain as a tool should really be no surprise to any scholar of Clausewitz or Sun Tzu. The principles of terrain and the strategic/tactical decisions for a commander based on terrain are therefore similar in existence if dissimilar in execution between the terrestrial domain and cyber domain. Yet humans operate in both domains and there remains a point of conflict. Dartnell discussed in depth how online insurgencies can erupt among populations of users (Dartnell, 2006) and this was preceded in seminal work by Arquilla and Ronfeldt (Arquilla & Ronfeldt, 2001). We should not be surprised then to see the rise of criminal and social-political activist groups like Wikileaks and Anonymous.
Cultural strategic obligations
Groups like Anonymous and Wikileaks have existed for a long time. Levy, writing about the first age of hackers in his book Hackers: Heroes of the computer revolution, even evokes militancy in his title. The anti-hero of his book, Richard Stallman, has a near Che Guevara quality in his proto-socialist stance against the existence of computing software as intellectual property (Levy, 1984). It should be no surprise then to scholars of insurgency that an entire doctrine in technology has followed this from the 1960s societal revolutionaries through the generations of computers into a current post-tech pseudo-privacy cyber age.
Those raised with explicit beliefs instilled through various advocacies have adopted those biases and act upon them. Anonymous’ primary goal and stated reason for existence is the cessation of punitive copyright law and corporate sponsorship of lawfare campaigns against the disenfranchised. Wikileaks’ primary reason for existence is the exposure of national secrets that are deemed through their process to be counter to the good graces of national conduct and seemingly any form of transparency within the governance process. This last bit is a bit fuzzy, as the maturation process seen with Anonymous has not occurred yet within the Wikileaks organization.
There have been numerous headlines about the weeks of December 2010 being the start of another cyber war. There are current discussions about how this compares with the Estonian and South Ossetia v. Georgian episodes. I would suggest that none of these rise to the occasion when examined through the lens of computer network attack, or the examples of guerrilla warfare discussed by Kilcullen. Fortunately we do have some examples of where war might take us.
One of the issues is likely that insurgency as described by Kilcullen and computer network attack are simply tactics within the spectrum of conflict and not the socio-political acts of war. I am a technologist, not a political scientist, so I will let others argue the crux of that point. I do not expect an answer soon. War as a legal term in the United States of America has become nearly useless by itself. The political punditry alone could make many dissertations with no real answer. If we maintain our focus and take a near Clausewitz (Clausewitz, 1989) approach we can sneak up on the term a bit.
I would suggest a dirty definition that war is the act by a nation state to enact, using violence, political purpose upon another nation state through resource disruption, degradation, and destruction. Unfortunately that is leading us back around in the circle. Insurgency is the act of disruption, degradation, and destruction of resources used by the population and government. Winning is necessarily important to the nation state but political action is only necessary for the insurgent. The insurgents, whether online or terrestrial bound, do not have to win to succeed. That leaves us back where everybody seems to give up describing war. War, I can’t define it, but I know it when I see it.
The lens of conflict
Disruption through the use of the ubiquitous distributed denial of service (DDOS) is the low-hanging fruit for the online insurgent. The use of improvised explosive devices by insurgents in various theaters has not denied the terrain to the military but has disrupted the ability to move freely. Similarly, the use of the DDOS by Anonymous will not result in cessation of MasterCard or PayPal, but it is annoying and resource intensive to respond to. This is the lowest level of insurgent activity. It is important to note that the political purpose, though contrary to good order, may be inherently a protected form of speech. The law has not caught up to these forms or acts of rebellion. Protesting is a historically hot topic within American politics, and over-responding to the acts of malcontents carries the risk of empowering them, much like heavy-handed military action can embolden terrorists and insurgents.
Degrading of systems starts where the denial of service (DDOS) ends. The ability to command and control large-scale military systems has only increased as the barriers to technology have decreased (Cogan, 2007). To that end, whether thinking of the military targeting systems or corporate systems for point of sale, keeping the systems running with integrity and efficiency is important. The act of cyber espionage has often been attributed to China (Cooper, 2006; Espiner, 2005; Lewis, 2005; Rogin, 2006; Sevestopulo, 2007). This likely ignores the corporate espionage that is happening at a much more refined level across the corporate enterprises. This is in keeping with the low intensity conflict model that was first suggested in the early 1980s (U.S. Policy and low intensity-conflict: Potentials for military struggles in the 1980’s, 1981), and as part of the Goldwater-Nichols Act (“Goldwater Nichols Department of Defense Reorganization Act of 1986,” 1986).
Degrading systems, though, can lead to their destruction. Much has been written on the Stuxnet worm. It is interesting to note that the Stuxnet worm (Falliere, Murchu, & Chien, 2010) worked on the centrifuges much like the Idaho National Labs “Aurora” project did on a generator. Simply by changing the system parameters, large-scale destruction occurred. Disruption of a system can lead to degrading the performance of a system (Stuxnet, Aurora), which then subsequently destroys the target.
The methods of attack in these cases are not simple, but they are not difficult either, as we have seen with Anonymous using an application to allow volunteers to participate without significant knowledge. The use of tools that have been generated by relatively few can allow for lower technical barriers to entry. I would even suggest that, much like the AK-47 lowered the cost and technology barrier to revolution, the tool suite of Metasploit (“Penetration testing: The Metasploit project,” 2010) has lowered the barrier to entry for online revolutionaries.
Dealing with the cascade of events
Authors of small wars doctrine discuss how insurgents use the materials of the aggressor nation state against the nation state. It is nearly ignored that the nation state or large corporations inherently own much of the infrastructure used by online insurgencies. The model with deepening examination between the two conceptual bastions grows closer. Yet we still must clearly place Wikileaks and Anonymous fully out of the cyber warfare box. Their attacks tease at rising to the occasion but simply do not pass from protestations into war while looking at linking disruption to destruction. Whether the act of espionage and resulting legal instruments of that charge could be brought forward is unknown.
Elsea, writing for the Congressional Research Service, discusses that “18 U.S.C. 793 prohibits gathering, transmitting, or receipt of defense information with the intent or reason to believe the information will be used against the United States or benefit a foreign nation” (Elsea, 2010, p. 4). Continuing to examine the relevance to the Wikileaks case, Elsea opines that jurisdiction since 1961 was expanded beyond the borders of the United States (Elsea, 2010, p. 9). In the case of a German national, in Germany, actively seeking out information to harm the United States, the statute would be considered to be upheld. If the case is as Elsea constructs it, any people working with Wikileaks to deliver information to foreign nations could be prosecuted under this provision. The counter to this argument according to Elsea is the AIPAC case (p. 11). Since that case was not fully adjudicated, it is still open whether simply transferring information could be charged or if hostile intent seems to be required.
A consistent question with Wikileaks disclosure of information is whether viewing classified information in the media is reason to refuse or remove a security clearance from a government worker. Though claims of State Department proposed actions have seemed to be refuted, the question remains. The totalitarian answer is absolutely. Whether in the secure compartmentalized information facility or sitting at home reading a favorite blog or news site, the government employee is held accountable. This, though, suggests that the government employee is some entity with suspended rights to see what other people are exposed to freely. Elsea (Elsea, 2010, p. 15), citing a court decision (Sable Communications of California v. Federal Communications Commission):
“Where speech is restricted based on its content, the Supreme Court generally applies ‘strict scrutiny,’ which means that it will uphold a content-based restriction only if it is necessary ‘to promote a compelling interest,’ and is ‘the least restrictive means to further the articulated interest.’”
In contravention of the totalitarian answer is the likely position that colloquially the “cat is out of the bag”. Since the information is being exposed through mainstream media those with security clearances should feel no issue with seeking, seeing, or being exposed to the leaked classified information. This though is a wholly erroneous answer that ignores basic tenets of information theory. There is deep and abiding risk to a simplistic mass disclosure abetted by willful and flagrant abuse of security standards by people with clearances and access to the information.
In the seminal work by Kahn he discussed the theory of information leakage and the efforts by the allies to attempt to not allow adversaries to know that they were reading their messages (Kahn, 1996, p. Page Pending) during World War 2. Contextual relevance by cleared individuals can be determined by unclassified responses to that information. If a particular cable is released and there is an emotional (if unclassified) response to that cable by people in the intelligence community, that response leaks information. Simplistic analysis of Internet message forums already would provide substantial secondary contextual relevance to reactions based on the measly number of leaked cables. Information leakage based on the responses of leaders and practitioners (subtexts) could provide an intelligence coup to an adversary substantially worse than the original leaks (“Google Insights for Search,”). Unfortunately, simple interest in the information could and likely will result in leakage of information to foreign adversaries even if completely unclassified in nature.
Cryptographic theory suggests that the disclosure of cables with time, date, and content may represent a terrible toll on security of communications. Simply stated, each cable with an associated date and time stamp could result in the cracking of cryptographic traffic that may not have been disclosed. Depending on the functioning of the systems, the cribs of the messages may allow for transmissions previously considered secure, and not currently disclosed, to be cracked based on the enormous volume of traffic already disclosed. The leaked cables represent cheat sheets for cracking codes.
The ethics of disclosure
There are numerous ethical standards and contemporary conduct or morals that can be applied to the divulging or trafficking in the material provided by Wikileaks by news agencies and bloggers. The evaluation will likely depend more on community morals than the actual ethical conduct. I personally am more than willing to pillory those who cry foul about Wikileaks without having first cleaned their own house that allowed the information to be divulged in the first place (Liles, 2010b). However, I am also willing to cry foul about the actual impacts and now known impacts of Wikileaks when disclosing completely and not considering the ramifications of those actions.
The blogger engaging in the use of Wikileaks materials might consider the following:
1) Does the information add to the common good or is it merely salacious?
2) What are the secondary use ethical issues in using information and further disseminating it with additional contextual relevance?
3) Will the use of Wikileaked information have a negative and possibly egregious effect upon your readership? How responsible and concerned are you for that readership?
Quite plainly there are quite a few more questions a blogger or writer could consider. There are various codes of journalist ethics that a blogger or writer can adhere to. Many contain provisions that state the use of surreptitious means should be avoided, the use of materials without corroboration should be avoided, and to distinguish between advocacy and reporting (Society of Professional Journalists). There are elements within most ethical standards to minimize harm. Each blogger should reflect upon these before using the materials. To be sure, it is at this point absolutely protected speech to use materials once they are in the common vernacular, as discussed earlier. Lots of things are legal; it is trickier and more personal to decide if they are ethical and moral.
Conclusion
It is not supported through the research or evaluation that the events of Wikileaks and Anonymous rise to the level of cyber warfare. Hyperbole, though fully invested within the press, does not provide the evidence of the act. Annoying, destructive, and likely criminal would all describe the attacks perpetrated by the Anonymous group. It is not in the best interest of the United States population to lower the bar of war to the point these acts could be described as war. Protests, whether positive, popular, just or annoying, are a part of the American experience. There are specific Constitutional protections in place to protect the ideas that are not popular. Constitutional protections have been pointed out several times by the Supreme Court of the United States, particularly with an interest in protecting the unpopular ideas, not the mainstream.
As to the leakage of information and the likely consequences over the next few months it is imperative that a non-totalitarian or draconian review of the information security policies in the federal government take place. Continuing leakage deterred only through technology and weak policies will only impact the act of governance and likely fail much like they did in the Wikileaks disclosure. Caution for those who have worked with this information is suggested as simplistic responses may still leak key contextual elements that could be worse than the original disclosure. The fact that these cables represent 250K pads to crack the cryptographic systems currently used has not even been discussed in the media.
Bibliography
Arquilla, J., & Ronfeldt, D. (2001). Networks and netwars: The future of terror, crime, and militancy. Santa Monica, CA: RAND.
Clausewitz, C. V. (1989). On War (Indexed ed.). Princeton: Princeton University.
Cogan, K. J. (2007). A view of command, control, communications, and computer architectures at the dawn of network centric warfare. Issue Paper Center for Strategic Leadership, 2-07.
Cooper, S. (2006). China’s secret war. Popular Mechanics, August.
Dartnell, M. Y. (2006). Insurgency online: Web activism and global conflict. Toronto: University Toronto Press.
Elsea, J. K. (2010). Criminal prohibitions on the publication of classified defense information. Retrieved December 6, 2010, from http://www.fas.org/sgp/crs/secrecy/R41404.pdf
Espiner, T. (2005, November 23). Security experts lift lid on Chinese hack attacks. Retrieved November 17, 2007, from http://news.zdnet.com/2100-1009_22-5969516.html
Falliere, N., Murchu, L. O., & Chien, E. (2010). W32.Stuxnet Dossier: Symantec.
Friedman, T. L. (1999). The Lexus and the olive tree: Understanding globalization. New York: FSG Books.
Goldwater Nichols Department of Defense Reorganization Act of 1986, 99-443 C.F.R. (1986).
Google Insights for Search. from http://www.google.com/insights/search/#q=wikileaks&geo=US&cmpt=q
Kahn, D. (1996). The code breakers: The Comprehensive history of secret communication from ancient times to the Internet. New York: Scribner.
Kilcullen, D. (2009). The accidental guerrilla: Fighting small wars in the midst of big ones. Oxford: Oxford University Press.
Levy, S. (1984). Hackers: Heroes of the computer revolution. New York: Penguin Putnam.
Lewis, J. A. (2005). Computer espionage, Titan Rain, and China. Washington DC: Center for Strategic & International Studies.
Liles, S. (2009). Cyberspace a terrain: Weaponization of the global grid. Retrieved December 9, 2010, from http://selil.com/?p=233
Liles, S. (2010a, June 15-18). Cyber warfare: As a form of low intensity conflict and insurgency. Paper presented at the Conference on Cyber Conflict, Tallinn, Estonia.
Liles, S. (2010b). Wikileaks: Admirals in armchairs not realizing they are in fifth generation war. Retrieved December 10, 2010, from http://selil.com/?p=1695
Parks, R. C., & Duggan, D. P. (2001). Principles of cyber-warfare. Paper presented at the 2001 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, NY.
Penetration testing: The Metasploit project (2010). Retrieved December 9, 2010, from http://www.metasploit.com/
Rogin, J. (2006, May 25). DOD: China fielding cyberattack units. Retrieved November 1, 2007, from http://www.fcw.com/online/news/94650-1.html
Sevestopulo, D. (2007, September 3). Chinese military hacked into Pentagon. Retrieved November 17, 2007, from http://www.ft.com/cms/s/0/9dba9ba2-5a3b-11dc-9bcd-0000779fd2ac.html?nclick_check=1
U.S. Policy and low intensity-conflict: Potentials for military struggles in the 1980’s (1981). New York: Transaction Books.