Wired online magazine has an interesting article about the implications of the Stuxnet worm for cyber-warfare in general.
Remember the years-long controversy about whether the U.S. or Israel would bomb Iran’s nuclear program? It appears they just did - virtually. And if they did, they also may have expanded our sense of how nations wage war in cyberspace.
For all the hype, 'cyberwar' has been a bush-league affair so far. Websites get defaced or taken offline, or an adversary’s software gets logic-bombed into a malfunctioning mess. Analysts warn that future assaults could fry an electrical grid (if it’s networked too well) or cause a military to lose contact with a piece of its remotely-controlled hardware. But that’s about the extent of the damage. Only the Stuxnet worm may point to a huge innovation for cyberwar: the mass disablement of an enemy’s most important strategic programs.
Stuxnet’s origin is unknown. Attributing credit for Stuxnet is rightly the subject of geopolitical intrigue. As our sister blog Threat Level has exhaustively reported, the worm eats away at a very specific kind of industrial control system: a configuration of the Siemens-manufactured Supervisory Control and Data Acquisition (SCADA) system that commands the centrifuges enriching uranium for Iran’s nuclear program, the key step for an Iranian bomb. But the Stuxnet whodunit may be solved: it appears to be a joint U.S.-Israeli collaboration - and a cyberwarfare milestone.
The New York Times doesn’t have definitive proof, but it has fascinating circumstantial evidence, and Threat Level’s Kim Zetter will publish more on Tuesday.
. . .
The early stages of cyberwar have looked like a component effort in a broader campaign, as when Georgia’s government websites mysteriously went offline during its 2008 shooting war with Russia. The Navy’s information chief recently suggested that jamming capabilities will be increasingly important to Chinese military doctrine. The difference between that and Stuxnet is the difference between keying someone’s car and blowing up her city.
With Stuxnet, there’s no broader conventional assault, but an adversary’s most important military asset gets compromised. The mission of an aerial bombardment of Iran would be to set Iran’s nuclear program back; to at least some degree, Stuxnet has done precisely that. Only Stuxnet didn’t kill anyone, and it didn’t set off the destabilizing effect in the region that a bombing campaign was likely to reap.
In other words, Stuxnet may represent the so-called 'high end' of cyberwarfare: a stealthy, stand-alone capability to knock an opponent’s Queen off the board before more traditional military hostilities can kick in. It wouldn’t be taking out a particular ship’s radar system or even a command-and-control satellite. All of that could still happen. But this would be the first instance of cyberwarfare aimed at a truly strategic target.
. . .
All this has major implications for U.S. military doctrine. There isn’t any for cyberwarfare, for instance. The new U.S. Cyber Command describes its primary mission as protecting military networks from incoming assault, and says very little about what its offensive mission might be. Writing malicious code and transmitting it into enemy networks, up to and including nuclear controls, even in advance of conventional hostilities, could be CYBERCOM’s next big step. It would represent an update to the old Air Force dream of strategic bombing, in which bombing an enemy’s critical infrastructure compels him to give up the fight.
That also points to the downside. Just as strategic bombing doesn’t have a good track record of success, Stuxnet hasn’t taken down the Iranian nuclear program. Doctrine-writers may be tempted to view cyberwar as an alternative to a shooting war, but the evidence to date doesn’t suggest anything of the sort. Stuxnet just indicates that high-level cyberwarfare really is possible; it doesn’t indicate that it’s sufficient for achieving national objectives.
There's more at the link.
Wired's analysis dovetails neatly with a recent report that the US Navy's next-generation jammer (NGJ) will include an 'airborne network invasion weapon'.
A few years ago, the U.S. Air Force first demonstrated the ability to create a focused datastream with its EC-130 Compass Call aircraft that could be filled with invasive algorithms and fired into the antenna of an integrated air defense system and its wirelessly-connected missile launching vehicles. The capability was exercised in a progressive series of 'Suter programs'. The effects on the enemy network were monitored by an RC-135 Rivet Joint. Now the Navy will install the capability on fighter-size tactical aircraft.
"I think [Suter] is a good description of NGJ [capability]," says Vice Adm. David J. Dorsett, deputy Chif of Naval Operations for information dominance and director of naval intelligence (N2/N6).
"Yes, correct," he says, the Navy is planning to put the capability on tactical aircraft. "Next Generation Jammer is a focus for that type of capability."
NGJ is part of a Navy effort from 2010 to 2020 to refocus research and development on non-kinetic capabilities like information operations, network invasion and electronic attack.
Again, there's more at the link. The mention of 'Suter programs' is particularly interesting, given that they're believed to have been used by Israel to facilitate Operation Orchard, a strike against what is reported to have been a North Korean-sourced nuclear facility in Syria in 2007.
What's even more interesting is that far more is known about US activities in this field than about, for example, Chinese or Russian developments. I suspect they're at least as busy in this field as the USA (although I'm willing to bet Israel is probably the world leader in this field . . . at least for now).
Looks like things are about to get rather nerve-wracking in military cyberspace, both offensively and defensively.