Pages

9 December 2018

Drawing the line for cyber warfare

Phil Wilcox

With alleged Russian meddling in elections and the state-backed attack on Iran’s nuclear programme, it is becoming difficult to define the boundaries of cyber warfare

The difference between cyber warfare and other cyber attacks is merely a frame of reference. For example, we can define cyber warfare as cyber attacks in the context of overt military engagement, such as those conducted against so-called Islamic State as part of ongoing warfare in Syria where these attacks fall within a war’s theatre of operations.

Today’s cyber warfare would therefore be the equivalent of the Russo-Georgian war in 2008 or the annexation of Crimea in 2014, as Russia was openly involved in both conflicts. Nation-state cyber attacks, on the other hand, are covert operations. Staying with Russia as an example, a nation state cyber attack is comparable to ongoing alleged Russian intervention in Eastern Ukraine.


So in short, cyber warfare is an attack related to overt military operations, whereas nation state cyber attacks are undercover operations where prevention of attribution is a critical component.

Although attempts are made to estimate which country poses the biggest threat and whether the West could launch offensive cyber capabilities against nations like North Korea or Iran, there is no real precedent for cyber attacks as a primary component of warfare.

Cyber warfare is largely considered to be a component of information warfare by Russia and China, and is often used in support of, or to pave the way for, conventional military operations. As such, cyber warfare and cyber attacks from China or Russia are likely to be significantly more subtle than conventional warfare.

It is possible, as seen with the alleged Russian interference in the US elections, that the act of cyber warfare from the East goes unnoticed until it’s too late. Timely detection and response to such attacks is critical. A proactive offensive attack of the enemy may even be considered an appropriate course of action.

There is little public knowledge of the West’s offensive cyber capabilities. As there is a well-publicised skills shortage in the cyber security industry – particularly in the UK – this could affect both military and intelligence service capabilities. Both are unable to compete financially with the private sector, and recruitment into cyber security units in the military, such as the Joint Cyber Unit (JCU), has been impacted by this.

That being said, it is likely those being successfully recruited by the intelligence services and JCU(R) will be skilled individuals with a passion to serve their country.

It should also be stated that, unlike conventional warfare, personnel numbers has a much smaller impact on capability in cyber warfare because a small number of highly skilled individuals can conduct significant effects on adversaries.

With Brexit on people’s minds, there are questions over whether it will weaken the cyber defence capabilities of either the UK or Europe as a whole.

However, while Brexit may result in a more restricted relationship between UK law enforcement and Europol, both the UK and the majority of EU countries will remain members of Nato and, crucially, the UK will remain a member of the Five Eyes community.

As has been seen recently between the NSA in the US and the BND foreign intelligence agency of Germany, the sharing of intelligence and capability between Five Eyes and our Nato allies has not been dependant on EU membership, therefore it is highly likely it will continue.

No comments:

Post a Comment