Thursday, June 25, 2009

The New Global Cyber Cold War

There have been some rather dramatic moves in the world of cyber warfare over the last couple of weeks, which have brought the need for standardized interoperability & cooperation within multinational cyber defense systems to the forefront.

Last month President Barack Obama said protecting US computer networks from attack would become a national security priority and that his administration would take active steps to protect critical pieces of the US network infrastructure. Continuing on that promise, yesterday US Defense Secretary Robert M. Gates issued an order creating US CYBERCOM, a military command that will defend US military networks against cyber warfare. The very public disclosure places the United States within a broader group of countries pitted against one another in what can only be described as a "Global Cyber Cold War".

In his memo, Gates recommended that Lt. General Keith B. Alexander, the director of the National Security Agency (NSA), be promoted and run both the NSA and US CYBERCOM. The new command will be a division of the U.S. Strategic Command, which is responsible for operations pertaining to nuclear and cyber warfare. Gates also directed that the command be fully operational by October 2010.

The memo went on to say that "more than 100 foreign intelligence organizations are trying to hack into the U.S. government's 15,000 networks, which connect 7 million computers, according to Deputy Defense Sec. William Lynn."

Alan Paller, the well-known director of the SANS Institute, had some great insight into yesterday's announcement: "Melding both defensive and offensive missions under the same command will allow for better threat preparedness. A unified command also increases the potential for interoperability and both process sharing and real time information sharing among the services."

The United States isn't alone in creating a cyber warfare division. Earlier this week Britain also announced the creation of a new "Cyber Security Operations Centre", which is said to bring together the expertise of MI5, the Government Communications Headquarters (GCHQ) listening post in Cheltenham and the Metropolitan Police force.

In a statement, Britain's Security Minister, Lord West, said, "It would be silly to say that we don't have any capability to do offensive work from Cheltenham." He went on to say that they had not employed any "ultra, ultra criminals" but that they needed the expertise of former "naughty boys", which I think is British lingo for experienced network hackers & crackers.

Recently there has been growing concern among cyber security experts that we are now in the midst of (as I mentioned previously) a "cyber cold war". Most, if not all, G8 countries now have some kind of cyber command amid escalating fears that hackers could gain the technology to shut down the computer systems that control the various G8 governments' critical infrastructure, such as power stations, water companies, air traffic, government and financial markets.

There have even been indications that Al-Qaeda has been actively engaged in the development of a so-called "Jehadi Botnet", a.k.a. "Jihadinet", ironically through the recruitment of zombie PCs in the United States. This also raises the question: how do you fight an enemy that can actually be part of your very own network infrastructure?

With all this talk of offensive as well as defensive network tactics, the core concepts of network interoperability and cooperation among "allied" nations are quickly becoming a major point of contention. Last year seven NATO nations and the Allied Command Transformation signed the documents for the formal establishment of a Cooperative Cyber Defence (CCD) Centre of Excellence (COE). The centre was formed to conduct research and training on cyber warfare, including specialists from the sponsoring countries, Estonia, Germany, Italy, Latvia, Lithuania, Slovakia and Spain, with the United States, Canada and Britain said to be joining in the near term.

Unnamed sources have also told me that one of the key areas of exploration for NATO's Cooperative Cyber Defence initiative has been focused on the development of interoperability standards among the various state sponsors. What's all the more interesting is that the same requirements we seem to be addressing in standardized interoperable cloud computing are also the same basic requirements needed for a multinational cyber defense force.

It is my opinion that as we move forward into this new world of proactive network defense, we must work to strengthen a cooperative environment among the various participants / combatants. The first step is ensuring we have a somewhat uniform way for the various parties to communicate with one another, and that means the creation of interoperability standards.
