Inside Cyber Warfare - Jeffrey Carr [95]
Resources are finite in every organization, which means building a robust set of defenses for classified networks will often come at a cost for the defenses for unclassified networks. Normally, the decision to allocate resources to classified networks as opposed to unclassified networks is clear cut, but in this day of OSINT and ubiquitous social media, a savvy collection of unclassified pieces can give an adversary a clear picture of classified operations.
Chapter 11. The Role of Cyber in Military Doctrine
We are detecting, with increasing frequency, the appearance of doctrine and dedicated offensive cyber warfare programs in other countries. We have identified several, based on all-source intelligence information, that are pursuing government-sponsored offensive cyber programs. Foreign nations have begun to include information warfare in their military doctrine, as well as their war college curricula, with respect to both defensive and offensive applications. They are developing strategies and tools to conduct information attacks.
—John A. Serabian, Jr., Information Operations Issue Manager, Central Intelligence Agency, before the Joint Economic Committee on Cyber Threats and the US Economy, February 23, 2000
This chapter examines the military doctrines for cyber warfare being developed by the Russian Federation (RF), the People’s Republic of China, and the United States. Over 120 nations are engaged in developing this capability, and so a complete survey of each is beyond the scope of this book. Source material contained in this chapter includes published papers and speeches, as well as entries from official military journals. Readers are highly encouraged to look at all sources rather than cherry-picking only the “official” ones.
The Russian Federation
Of China, Russia, and the United States, it is Russia that has been the most active in the implementation of cyber attacks against its adversaries, which include Chechnya, Kyrgyzstan, Estonia, Lithuania, Georgia, and Ingushetia. Whether or not you accept that some, all, or none of these events occurred with the sanction of the Kremlin, each event has been instrumental in furthering RF policy, and the Kremlin has never acted to stop them. Hence the RF benefits.
Like China, Russian military interest in developing an information warfare (IW) strategy goes back to at least the mid-1990s, when the Duma Subcommittee for Information Security expressed suspicion that the recent purchase of telecommunications boards made in the United States contained a secret switch that, when tripped, would shut down Russia’s telephone system. This fear isn’t unique to Russia. For example, the United States has refused to purchase electronic boards from Chinese defense manufacturer Huawei for essentially the same reason. In Russia’s case, fear progressed to action, and a few years later, new faculty with advanced degrees in computer networks and information security were hired to teach at the FSB academy.
A report by the Institute for Security Technology Studies at Dartmouth College provides a detailed history of the buildup of RF cyber warfare doctrine, starting with their Revolution in Military Affairs (RMA) in the 1980s. Ever since then, Russia has been researching a wide variety of computer network attack (CNA) options, including logic bombs, viruses, microchipping, and other forms of weaponized malware.
Also like China, Russia considers the United States to be the leader and the instigator in a cyber arms race, and it has reportedly engaged in cyber espionage activities