As America crawls toward retaliation against Syria
for its government's use of chemical weapons on its citizens, debate
rages over what form it should take. Could cyberweapons be part of such
an action?
"Cyberweapons are just another piece of our military arsenal and
should be considered along with every other military option," security
expert and author
Bruce Schneier told TechNewsWorld.Cyberweapons can destroy equipment without harming people, he noted, but they can be hard to target and they can hurt innocents -- not only in the country at which they're targeted but in other countries as well.
"Additionally, cyberattacks are a new aspect of warfare, and one not under any existing international agreements or treaties," Schneier pointed out. "The routine use of cyberattacks will continue to fuel the Internet arms race. It will destabilize the Internet to the detriment of the entire world."
Calculus of War
In the past, cyberweapons may have been considered outside the order of battle for a conventional engagement, but that's not the case any more."If a decision is made to take some military action against Syria, then a modern component even of limited warfare right now is cyberwarfare, and I'm sure that's going to be part of the calculus of how best to respond to the gas attacks in Syria," said Jamie Barnett, a former Navy rear admiral and head of the cybersecurity practice at Venable.
The decision to use cyberweapons could hinge on existing cyberespionage activity in the Arab nation.
"Americans may already be inside Syria's networks, and they may want to preserve that ability to gather intelligence -- so they may not want to use cyberweapons if they would interfere with that ability," Barnett noted.
That makes a cyberattack highly unlikely, maintained Mikko Hypponen, chief research officer of F-Secure.
"I'm sure the USA is doing cyberespionage to follow what's happening inside Syria, but I'm not holding my breath to see Stuxnet 2 hit Damascus," he told TechNewsWorld.
Although cyberweapons may be used, they may be a stealth component in an attack.
"Certain capabilities in the cyberattack world will likely be used, although the public may never know they were used," Denim Group Principal John Dickson, a former Air Force intelligence officer and an advisor to the Air Force Commanders Group, told TechNewsWorld.
"The same might hold true for the Syrians," he added.
Hacked Radars
There could be some hesitancy to use cyberweapons in Syria, because once they're used, their surprise value disappears."Cyberweapons, in most cases, are very intelligence-dependent and in certain cases take months, if not years, to prepare," Dickson explained.
"At the highest levels, there might be some reluctance to use cyberweapons, lest we tip our hand to more formidable potential future threats, like Iran or China," he said. "We might need those capabilities more in those scenarios."
Syria is no stranger to being the target of cyberweapons, observed John Murphy, a network security researcher with FlowTraq. During an Israeli action against Syria in 2007, news surfaced that a kill switch had been planted in the Arab nation's radar installations.
"It was widely reported that this ensured the secrecy of missions and the safety of the jets," Murphy told TechNewsWorld.
"Less remarked but just as important is that it meant Israel was able to more precisely target those radar installations from a closer distance. Fewer bombs dropped from a closer distance mean fewer bombs gone astray, and in turn fewer civilian casualties," he explained.
"However, one aspect will weigh heavily on the minds of anyone deploying these technologies: Very often they are single-use," Murphy pointed out.
"The kill switch trick Israel reportedly used will probably never work again," he said. "Whatever the U.S. does, it will tip its hand to its capabilities. Every other government on the planet, friend or foe, will watch what the U.S. does and then check to see whether a similar attack would work on them."
Pandora's Box
The military may consider cyberweapons just another tool, but whether they should be used at all in a Syrian action is debatable."This is the wrong time and the wrong weapon for Syria," David Bodenheimer, head of the homeland security practice at Crowell & Moring, told TechNewsWorld.
International law bars the use of offensive cyberweapons, he argued. "Anybody that has reviewed the existing treaties and laws for international warfare would conclude that there is at least doubt about the international authority to use cyberweapons offensively."
Use of offensive cyberweapons could open a Pandora's box.
"Openly using cyberweapons against Syria will legitimize cyberattacks and open up the rest of the world to use them even when there is serious doubt about whether the weapons are being used for self-defense or not," Bodenheimer explained.
It's not in the best interests of the United States to use cyberweapons against Syria, he maintained, because it has more to lose should its cyberattack have unintended consequences.
"The U.S. has more targets for cyberattacks than any country in the world," Bodenheimer said. "If we pick a cyberwar on Syria, we have a lot more at stake should they open up offensive attacks on us."
What's more, once cyberweapons are unleashed, they don't disappear. They can be scrutinized by the enemy and others.
"Stuxnet, for example, was captured, extensively analyzed, broken down and then became available for reuse," Bodenheimer observed.
"We have other options beyond cyberweapons for use in Syria," he added. "It seems to me that it would be prudent to preserve our current arsenal of cyberweapons -- whatever they may be -- in reserve for a time and scenario where we have few if any other options to stop a threat."
0 comments:
Post a Comment