Over the years, in conversations with law enforcement professionals, I would often say that I was happy to be in the CISO role, where I only had to dodge “cyber bullets” rather than real bullets. This may no longer be the case.
In common usage, “kinetic” is an adjective used to describe physical motion. But in Washington, D.C. parlance, its meaning derives from its secondary definition: the state of being active, as opposed to latent.
Kinetic warfare is defined as “a euphemism for military action involving active warfare, usually including lethal force.” In other words, adversaries shooting at one another, dropping bombs, or worse. Conversely, non-kinetic (i.e., cyber) warfare, for the purposes of our discussion, involves the global theater of an increasingly digitized world in which electronic warfare occurs. Cyber warfare can be offensive and defensive, ranging from methods that prohibit the enemy from exploiting information to corresponding measures to guarantee the availability, reliability, and interoperability of friendly information assets.
Looking back in history, the concept of non-kinetic approaches to warfare is as ancient as warfare itself. Paraphrasing Sun Tzu’s “Art of War”, the aim of war should be to take the target without destroying it, and the ultimate display of skill and strategy is to subdue the enemy without a battle.
Let’s examine several of the domains of non-kinetic attacks:
Attacks in this domain include disabling or denying the availability of official business or government networks, systems, and websites in order to disrupt or disable essential services, steal or modify data, and cripple financial systems and electricity grids.
Information & Media Operations
When actors flood information and media operations with massive volumes of true or false information, targeted audiences stand a poorer chance of accurately filtering right from wrong. Whether information is believed, ignored, or distrusted will depend upon the intellectual standing of the receiver and the reputation and credibility of the sender.
Designed to enhance the efficacy of non-kinetic applications, certain explicit theories have been devised which aim to draw benefits out of chaos and disorganization. Visible expressions evident in present times include:
- Chaos – current chaotic environments are aggravated, or new ones are created to influence major adjustments or modifications in state structures such as the “Arab Spring” uprisings of several years ago and the Venezuelan situation we see today.
- Disruptive Technologies – new technologies designed to cause damage within natural and human spheres. Examples include the High Frequency Active Auroral Research Program (HAARP), which is the tampering with the ionosphere and geo-physical domains for purposeful military and civilian application; Mind Control Sciences; and Extremely Low Frequency & Directed Energy Weapons like the alleged attacks on United States embassy staff in Cuba.
Operational Technology Security
One of the biggest concerns we have is in the area of operational technology security. Gartner defines Operational Technology (OT) as “hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise.”
OT includes systems such as Supervisory Control and Data Acquisition (SCADA) systems. These are prime examples of how non-kinetic systems translate directly into the realm of the kinetic (such as software that controls physical equipment). Thomas C. Reed’s book, “At the Abyss: An Insider's History of the Cold War” states that the United States embedded Trojan horse code within gas pipeline control software that the Soviet Union obtained from a company in Canada. The software controlled a Trans-Siberian gas pipeline and led to a huge explosion, “the most monumental non-nuclear explosion and fire ever seen from space”.
The software instructed pipeline components “to reset pump speeds and valve settings and produced pressures far beyond those acceptable to the pipeline joints and welds.”
Another example we are familiar with is “Stuxnet”, a malicious computer worm that targeted Iranian SCADA systems. Stuxnet exploited “zero-day” system flaws and was designed to target the programmable logic controllers (PLCs) used to control centrifuges for separating nuclear material. “Stuxnet reportedly ruined almost one fifth of Iran's nuclear centrifuges. Targeting industrial control systems, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade.”
It’s Official: Cyber Attacks Are War
On July 14, 2016, “The North Atlantic Trade Organization (NATO) officially announced that "cyber" will become an official battleground for its members, which means that cyber-attacks on one country will trigger a collective military response from the entire alliance.” This stake in the ground establishes official warfare domains as air, sea, land, and now, cyber – and underscores NATO's Article 5 “that any attack on one of its members is to be considered an attack on all, and the response should come from all.”
We now have examples where physical locations harboring hacker activities have been destroyed via military actions. In 2015, the US became the first country to respond with military force to cyberattacks, using a drone strike to kill Junaid Hussain, a British citizen. Hussain, who was in charge of the Islamic State of Iraq and the Levant (ISIL) hacker groups, used Twitter to dump personal details of US military forces.
On May 5, 2019, Israeli Defense Forces (IDF) used military force in response to a Hamas cyberattack when an air strike was launched against a building in the Gaza Strip housing Hamas cyber operatives. No details about the Hamas cyberattack were given, but IDF stated “they first stopped the attack online, and only then responded with an air strike.”
“After dealing with the cyber dimension, the Air Force dealt with it in the physical dimension,” said IDF spokesperson Brig. Gen. Ronen Manlis. “At this point in time, Hamas has no cyber operational capabilities.”
Cybersecurity Matters More Than Ever
Given the recent examples of non-kinetic warfare turning kinetic, I may have to re-think my original maxim of only having to dodge “cyber bullets”! There’s no denying that times like these make incident response more important than ever.