Has the threat of cyberwar entered a significant new phase? Unpicking the burgeoning reports of activity on the digital battlefield
CYBERSPACE. Some call it the new domain of war, after land, sea, air and space. The 2010 Stuxnet cyberattack on Iran’s uranium enrichment plant, suspected to have come from Israel or the US, seemed to confirm this status.
Stuxnet raised the spectre of cyber-sabotage. The recently discovered Duqu trojan, which contains some Stuxnet code, is built to steal information about computers controlling industrial plants. IT security analysts such as Symantec suspect Duqu came from the same source as Stuxnet, and may be seeking vulnerable points for future sabotage.
October saw a glut of talk about cyberwar. News reports in the US claimed that Barack Obama’s administration chose not to launch a cyberattack against Libyan air defences in March. Also in October, the Pentagon announced that the joint chiefs of staff, the country’s highest military officers, were reviewing the rules of engagement for cyberwar. A few days later, another report suggested China may have launched a cyberattack against two US civilian satellites.
Despite all this activity, the nature of cyber-threats remains poorly defined. Analysts have been warning for years about vulnerabilities in US government and private computer networks. In 2009, Obama launched a 60-day cyberspace security review to assess the threats. It concluded they were dire, and urged government-wide coordination to fight the threat under the direction of the US National Security Council, along with cooperation with other countries and private industry.
Firewalls guarding US military information are attacked relentlessly, sometimes successfully. “Over the past decade, terabytes of data have been extracted by foreign intruders,” then US deputy defence secretary William Lynn said in July. A single intrusion in March saw 24,000 files stolen.
Yet cyberwar goes far beyond this activity. There is industrial espionage; criminal attacks, including stealing military secrets; and selling counterfeit military parts on the internet, which can damage or destroy equipment. Insurgents and opposition groups pose their own threats. Thus security must go far beyond protecting government documents and facilities.
In May 2010, the Pentagon established the US Cyber Command to fight the threat. So far its budget is a relatively lowly $2 to $3 billion. Given this, its strategy, announced in July, stressed defence.
Bookmark this page for “cyberwar” and check back regularly as these articles update on a frequent basis. The view is set to “news”. Try clicking on “video” and “2” for more articles.