I find myself in near-total agreement with Mike Tanji’s piece at ThreatsWatch, Burying Nitze, which examines the futility of applying Cold War strategic and operational models to the modern conflict environment:
The problem of course is that it’s a lot easier to attempt to focus on a narrow set of legacy futures rather than to start to develop new ideas. Whether history repeats or rhymes, there is no rule that says we need to mimic the most recent tune on the radio when there is an epic playlist to consider. Rather than spend countless hours and billions of dollars trying to shoe-horn Vint Cerf thinking into a Paul Nitze world, how about looking around for more appropriate metaphors – or considering something original – for the security problems of the actual physical and digital worlds in which we operate?
I say ‘near-total agreement’ because I’m not sure (yet) that cyber deterrence is purely an ‘academic exercise’. That’s mainly because I still have some thinking of my own to do on the subject, although the following (from an as-yet unpublished essay) serves as my interim summary of the future of cyber deterrence.
For a number of reasons, nuclear deterrence does not easily translate to cyber, although theoretical avenues and practical options should continue to be explored. Whilst cyber deterrence is not dead as such, it may be that it becomes a quiet component of strategic deterrence, or a side-effect of a defensive-offensive strategy in cyberspace. Generally, we are beginning to construct a more comprehensive picture of the cyber threat environment than has previously existed, but must remain mindful of Colin Gray’s assertion that, in security terms, the future is never ‘foreseeable’. As we adapt to cope with this ‘new’ realm of operations we have to adopt flexible and adaptable structures and concepts to address the reality of the threat and its evolving nature. This entails moving beyond nuclear-era thinking; there are indications that cyber strategy is doing so, even if an institutional lag currently exists.
What is clear is that an integrated cyber strategy is necessary that incorporates elements not only of military deterrence, but of law, economics, diplomacy and intelligence, without which there is little hope of dissuading or deterring cyber attacks, whatever their source. Cyber deterrence remains, ultimately, a psychological rather than technological project, and carrots may eventually prove more effective than sticks in effecting positive outcomes in cyberspace.
US Cyber Security is Back On the Agenda – Peter Warren, The Guardian
Scientists Promise an End to Web Attacks – David Neal, V3.co.uk
Cyberattacks Against Critical U.S. Networks Rising at a Faster Rate – Jill R. Aitoro, NextGov
Cyber Security Of Defense Forces In India Is Required – ITvoir.com
1 Billion Mobile Internet Devices Seen By 2013 – Antone Gonsalves, InformationWeek
New Tech in Emergencies and Conflicts: Role of Information and Social Networks – Patrick Philippe Meier
Internet Stats – Trefor Davies
Cybersecurity Task Force Established – InfoSecurity
Oh Canada! Quelling Cybersecurity Threats – James Jay Carafano, Washington Times
Yesterday, the House of Lords continued its enquiry into protecting the EU from large-scale cyberattacks (previous posts here, here and here). The committee heard evidence from Ilias Chantzos, Symantec’s director of government relations for Europe and Asia Pacific, and Jose Nazario, manager of security research, Arbor Networks. No surprises here:
- EU has role as facilitator for trust and co-operation
- keep EU’s touch light
- need more co-operation with existing organisations, e.g. FIRST
- industry up-to-speed generally with security threats but vigilance and improvement necessary
- risk management approach necessary / 100% security impossible
- EU must engage with US, Russia, China, etc.
- ‘cyber war’ “follows diplomatic tensions, does not lead them”
- threats increasing year on year
- military (NATO) response and involvement must be proportional
- very unlikely the internet will ‘collapse’
- consumers need to be educated
- ENISA doing a good job, all things considered [and we'll hear from them next week]
This was very much a session in which the Committee heard a lot of corroboration of previous evidence, and in which they must have thought a consensus is developing about the cybersecurity role of the EU, NATO, etc. I would caution against hearing too many more persons from industry, as they’re inevitably going to counsel an anti-regulatory, anti-interventionist approach. That said, I agree with them on that score.
Video of the hearing available here.
Next meeting: 16 December 2009, evidence from Dr. Udo Helmbrecht, Executive Director, and Jeremy Beale, Head of Stakeholder Relations, European Network and Information Security Agency (ENISA)
Three meetings in January 2010, with report delivery ‘by Easter’, according to committee officials.
Lost Naval USB Stick Triggers Investigation – InfoSecurity
Naval Academy to Add Lesson on Cyberwarfare – Brian Witte, Washington Times
The First Decade: Has the Internet Brought Us Together or Driven Us Apart? – Johann Hari, The Independent
Ruggedised Botnets Pushing Out Even More Spam – John Leyden, The Register
Fox News Embraces Cyber-Terrorism to Subvert the Copenhagen Summit – David Fiderer, Huffington Post
Cyber ‘Czar’ Job Description Needs Redefining – Eric Chabrow, GovInfoSecurity
Kaspersky: Cyber Terrorism a Real Threat – Kirsten Doyle, ITWeb
TV News: CBS to Solve More Crimes With Anthony Zuiker’s Cyber Crimes – Kevin Coll, Fused Film
Will 2010 Bring a Wake-up Call for Cybersecurity? – Rutrell Yasin, Government Computer News
New SRI Study Plans to Explore How Players Behave in Virtual Games – Max Burns, Pixels and Policy
Cybercrime is Crime with Different Tactics: Interview with Bruce Schneier – InfoSecurity
OK, so this is actually a little light on numbers, but interesting nonetheless:
Huang Xueping, spokesman of the Ministry of National Defense of the People’s Republic of China (PRC), categorized the military activities in 2009 into four types. Besides military mutual visits, constant breakthroughs have been made in the Sino-foreign joint military exercises and military trainings, and the escort operation conducted by the naval taskforce of the Chinese People’s Liberation Army (PLA) in the waters off the Somali coast has directly developed military cooperation in the non-traditional security field.
On the occasions of the respective 60th anniversaries of the founding of the PRC, the Navy of the Chinese PLA and the Air Force of the Chinese PLA, a number of international officers were invited to attend the celebrations and the Chinese PLA’s peace-loving, open and ready-for-cooperation image is reinforced.
In the analysts’ opinion, what’s underlying the military activities can be detected: with the increasing transparency of the Chinese military, the Chinese PLA strikes a more open and confident posture to the public across the world and it’s also true the other way around.
For instance, regarding information release, the website of the Ministry of National Defense of the PRC was launched in August this year. The website drew wide attention of the public home and abroad in the very beginning and immediately turned into a hot topic in the coverage of various media. The hits at the website of the Ministry of National Defense of the PRC in a single day exceeded 130 million at the highest and the number of hacker attacks amounted to 2.3 million in the first month of the website’s formal operation. The data about visits as well as attacks to the website manifests how much attention the Chinese military is drawing around the world.
Openness means confidence. According to Zhang Zhaozhong, deputy director of the Teaching and Research Department of Military Logistics, Military Science and Technology and Equipment of the National Defense University, the year of 2009 is a year crucial for the Chinese military to demonstrate its military diplomacy of a big country. On the one hand, Chinese economy still enjoys robust growth despite the financial crisis engulfing the world, China’s overall national strength is beefed up, and China gains more and more recognition of other countries. As an integral part of the overall national diplomacy, the military diplomacy should be suitable for the development of the country. On the other hand, with the notable improvement of the Chinese PLA in its strength and ability, the Chinese military diplomacy embodies more and more confidence.
As expected by Zhang Zhaozhong, the Chinese military diplomacy will continue to feature the posture of military diplomacy of a big country and it is a prevailing trend that China will establish transparent military relationship of mutual trust with other countries.
From eng.mod.gov.cn via defpro.
