Tallin
Paper No 8 Janes A. Lewis
The Role of Offensive Cyber Operations in
Nato`s Collective Defence ( Summary)
Computers
used to a hack are new military technology which are destabilizing. NATO
integrate cyber sec into its planning progress. NATO`s cyber policy emphasized
“prevention, detection, resilience and recovery. Cyber defence is a priority
and become a central component of NATO`s planning. Any unclassified NATO
network that is directly connected to the internet should be considered
potentially compromised. US intel assesses that Russia given to its records of
cyber collection, poses the greatest espionage threat to NATO computer
networks. A lack of public discourse on offensive CO undercuts the legitimacy
of NATO operations by failing to build public understanding and leaves NATO
open to charges of sinister plots. Since denial of offensive capabilities is not
credible when two NATO members are world leaders in CO.
The
parallel for NATO is that cyber attack is a weapon with both strategic and
tactical uses which only a few NATO members posses. No modern air force would
enter into combat without electronic warfare capabilities. As Cyber and EW
merge into a single activity, air ops will require cyber support. Offensive
cyber capabilities will shape the battlefields of the future. NATO`s potential
opponents will use hybrid warfare ( Iran, North Korea or none state actors as
the Syrian Electronic Army.
Offensive Cyber Operations
Cyber
attacks will serve several purposes and will not produce destructive effects
similar to kinetic weapons but will seek to disrupt data and services, sow
confusion, damage networks and computers. Offensive cyber ops would strike
military, government and perhaps civilian targets such as critical
infrastructure in opponent homeland used to support war effords. Tactical ops
would be support of combat forces and to shape the battlefield by degrading
command networks and weapons software. Tactical and operative actions will be
used against command and control systems ( incl. sensors and computer network
and against software that runs advanced weapons ( SAM or fighter aircraft).
Strategic
ops can be used in long range strikes against rear areas of the opponents
homeland including civil targets with the intention to disrupt services and
degrade moral without mass destruction. Civilian targets remain attractive
objectives for cyber attacks in support military ops ( war supporting
infrastructure, power grids, power generation facilities, telecommunications,
financial and transportation systems or government network).
Opponent use of Cyber Ops
The doctrine of today’s potential
opponents includes plans to use cyber attacks to shape the initial phases of
conflict and disrupt NATO’s response. Strikes against civilian targets risk
escalating any conflict, but an opponent may judge the risk of escalation to be
acceptable if the context for cyber attack is an offensive against a smaller
nation, such as a Baltic country, that it plans to rapidly overrun and occupy.
Cyber strikes against civilian targets in these countries could provide a few
hours or even a few days of disruption that
would in turn generate real advantage in operations planned to last only a day
or two. Cyber actions against NATO’s supporting infrastructure, to slow the
response to such an offensive, are also likely, but an opponent may choose to
limit the effects of such actions in the hopes of reducing the risk of
escalation.
While NATO’s likely opponents include those who will
make extensive use of cyber techniques, it is worth bearing in mind that the
use of offensive cyber capabilities has been minimal in recent armed conflicts
in Europe, and has been used primarily for political coercion, opinion shaping
and intelligence gathering. Unless new opponents badly misinterpret NATO’s
resolve, a blitzkrieg against NATO states is unlikely; but the kind of
hybrid warfare used against Ukraine remains a very real risk. Operations in
Georgia and Crimea suggest that we need to adjust our thinking about an
opponent’s use of cyber attacks.
Stabilising or Not
Dissimulation is an essential part of
hybrid warfare, and Europe and the US face a propaganda barrage that is much
more sophisticated than the clumsy Soviet efforts of the Cold War. The Russian
position is that NATO’s new cyber doctrine is destabilising as it threatens to
use conventional or even nuclear responses (in the Russian description of the
new policy towards low-level cyber attacks). Russia, along with NATO’s other
potential military opponents, is likely to overestimate both capabilities and
coordination among NATO member states and underestimate NATO’s will to defend. NATO’s
decision on how cyber attacks could trigger Article 5, while greeted with
complaints, had a stabilising effect. It made clear to potential opponents that
cyber attacks are not risk-free.
The
Cyber Club
Some level of cyber capability is being
acquired by all advanced militaries, and perhaps a dozen countries can be
identified from public sources as procuring offensive cyber capabilities. These
countries include several NATO members. As with nuclear weapons, the capability
to undertake offensive cyber operations is a club within a club in NATO, with
largely the same membership – the US, the UK and France. Germany’s armed forces
may also be developing offensive cyber capabilities. They also have a close
partnership in cyber espionage. This partnership is centred on a relationship
between the US National Security Agency (NSA) and the British Government
Communications Headquarters (GCHQ), both of which are intelligence agencies
with a long history of supporting military operations. Until there are better
predictive tools and judgments about risk and consequences, offensive cyber
operations will require a politically sensitive decision as to when the benefit
of an attack outweighs the political risk.
Whiskey
and Romeo
The similarity of cyber operations with
nuclear weapons lies not in destructive power – a cyber attack would not cause
anywhere near the damage that even a small nuclear warhead would produce – but
in the need for political control of release and use. The effects of a cyber
attack, while limited, are still somewhat unpredictable. The risk of collateral
damage is difficult to estimate. Computer networks are connected in strange
ways and therefore we could attack one network only to find that third party
networks depend on it. This uncertainty about effect is a constraint on
offensive cyber operations. Cyber attacks have several stages: reconnaissance
to identify the target’s vulnerabilities, developing “weaponized” code,
breaking in, delivering the software “payload”, and then “triggering” it – all
without being detected. The most harmful cyber attacks – those like Stuxnet
that cause physical damage – are still a high art of which only a few nations
are capable. While it may eventually be possible to refine the ability to
quickly deliver cyber effects and to better. Estimate the potential for
collateral damage, the requirements for preparation limit the utility of the
nuclear release model for advanced cyber attacks and highlight the need for
advance coordination and planning.
Beyond
the Nuclear Precedent
NATO could also benefit from ensuring
that its exercises include an offensive cyber component. This does not mean,
despite Russian suspicions, that NATO will plan offensive cyber operations. It
means that just as NATO aircraft are not confined to a defensive tactical role
in responding to an attack, a “counter-offensive” capability will require a
cyber component. NATO will not initiate conflict, but if conflict is initiated
by an opponent, NATO defences will be best served by including an offensive
cyber component in its planning and operations. A NATO Cyber Red Team created
to test defences would provide an incipient offensive capability, but this by
itself is not enough. A Cyber Red Team allows individuals and teams with both
the capability to break into networks and the opportunity to practise their
techniques, but it does not embed them in a planning and operational context,
nor does it connect them to the intelligence needed for a successful cyber
attack. Any conflict among advanced military powers will include cyber
activities.
Building
a Responsive Cyber Defence
The nature of warfare is changing as
opponents seek to circumvent Western military power by using a blend of
political action, special forces, proxies and irregular units, unconventional
tactics and cyber techniques to find a different way of applying force to gain
their ends. What Russia sometimes call “hybrid warfare” will challenge NATO
defence planning. NATO would never refrain from using fighter aircraft because
they can serve offensive purposes, and say it would rely solely on air defence
missiles and damage control to deal with the threat of air attack. Nor would
NATO renounce armoured vehicles and rely only on static defence. A defensive
approach that forsakes the possibility of offensive action is essentially a
cyber Maginot Line. This defensive orientation serves no one’s interest except
that of our opponents. Offensive cyber operations are similarly a part of
warfare that advanced militaries cannot ignore.
Keine Kommentare:
Kommentar veröffentlichen