The Known Unknowns Of Cyberwar

Noting that we still can’t say for sure whether the Sony hack was the work of North Korea, Schneier discusses the implications of a form of warfare in which the perpetrator can’t be immediately identified:

When it’s possible to identify the origins of cyberattacks—like forensic experts were able to do with many of the Chinese attacks against U.S. networks—it’s as a result of months of detailed analysis and investigation. That kind of time frame doesn’t help at the moment of attack, when you have to decide within milliseconds how your network is going to react and within days how your country is going to react. This, in part, explains the relative disarray within the Obama administration over what to do about North Korea. Officials in the U.S. government and international institutions simply don’t have the legal or even the conceptual framework to deal with these types of scenarios. …

It’s a strange future we live in when we can’t tell the difference between random hackers and major governments, or when those same random hackers can credibly threaten international military organizations. This is why people around the world should care about the Sony hack. In this future, we’re going to see an even greater blurring of traditional lines between police, military, and private actions as technology broadly distributes attack capabilities across a variety of actors. This attribution difficulty is here to stay, at least for the foreseeable future.

Neal Pollard compares the reality of cyberwar to what our military and intelligence brass had assumed it would look like:

Secretaries of Defense have been talking since the 1990s about a “cyber Pearl Harbor,” typically characterized as a massive attack on infrastructure such as the electric grid or transportation, usually envisioning massive economic damage and even great loss of life, as a strategic element accompanying a broader conflict among powers. This has been the dark future of various government and think-tank scenarios, predicting how nation-states would use cyberspace as a battlefield for national political or military advantage.

What we have seen over the past few years in the United States has been different: nation-states like (possibly) Iran and North Korea, using damaging but fairly limited attacks against specific companies such as banks, oil producers and media companies, to pursue rather tactical foreign policy goals, with no significant military context. … While it is true some states such as Georgia, Ukraine and Estonia have suffered wider-scale cyber-attacks, these have been within a broader context of threatened or actual military conflict. If the Sony and similar episodes are harbingers of future cyber conflict, then private-sector corporations might be dragged into state-driven geopolitical conflict as instruments of foreign policy and economic pressure, long before they become trenches under fire on a digital battlefield.

Meanwhile, Greenwald rails on on the media for swallowing the government’s line that North Korea did it, despite a lack of evidence to that effect:

It’s tempting to say that the U.S. media should have learned by now not to uncritically disseminate government claims, particularly when those claims can serve as a pretext for U.S. aggression. But to say that, at this point, almost gives them too little credit. It assumes that they want to improve, but just haven’t yet come to understand what they’re doing wrong. But that’s deeply implausible. …

U.S. journalists don’t engage in this behavior because they haven’t yet realized this. To the contrary, they engage in this behavior precisely because they do realize this: because that is what they aspire to be. If you know how journalistically corrupt it is for large media outlets to uncritically disseminate evidence-free official claims, they know it, too. Calling on them to stop doing that wrongly assumes that they seek to comport with their ostensible mission of serving as watchdogs over power. That’s their brand, not their aspiration or function.