Cyber warfare will be battleground for next U.S. president

U.S. cyber capabilities strong; next commander-in-chief may need to deploy them

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

When presidential candidates Hillary Clinton and Donald Trump debated America’s cyber war capabilities last week, the global cybersecurity community strained hard to read between the lines.

The Democratic candidate, in particular, alluded to a notion rarely discussed in public forums: that Uncle Sam does, indeed, possess a very big cyber stick and is prepared, at any moment, to wield it as necessary.

“We are not going to sit idly by and permit state actors to go after our information,” Clinton declared. “Our private-sector information or our public-sector information.”

Related video: Deploying military cyber tactics against a retailer

Nation-state-backed cyber bombardments conducted by China (OPM hack; Operation Aurora ; Titan Rain) and Russia (DNC hacks; Estonia shut down;Ukraine hack) have been widely covered by mainstream media. By contrast, not very much has surfaced about U.S.-backed cyber operatives counter punching, or even going on the offensive.

The one example Clinton might have drilled down on, had she been asked to elaborate, is Stuxnet. It would be fascinating to hear her assessment, or Trump’s for that matter, of the malicious computer worm widely believed to be a joint American-Israeli cyber operation to sabotage Iran’s nuclear program. (I highly recommend Kim Zetter’s meticulously reported, well-written book account: Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon.)

Dedicated government cyber branch

In fact, the NSA has an offensive cyber branch referred to as Tailored Access Operations unit. References to TAO have surfaced over the past couple of years thanks to the efforts of journalists like Zetter, as well as hacktivists associated with Wikileaks and, of course, one Mr. Edward Snowden.

Ryan Trost, ThreatQuotient chief technology officer
Ryan Trost, ThreatQuotient chief technology officer

“In this day and age, I can almost guarantee that most modern countries have a dedicated military branch whose mission is to develop and execute offensive cyber capabilities,” says Ryan Trost, chief technology officer at security vendor ThreatQuotient. “The U.S. is no different and most likely does possess a more advanced capability, far beyond what most of us are aware of.”

Trost tells me that America “can certainly put a hurt on if need be.”

Should “the cyber,” as the Republican presidential candidate refers to it, come into focus again in the race for the White House, both Trump and Clinton probably would be wise to temper their commentary, some security experts believe.

Hold down rhetoric

“Secretary Clinton’s comments making sure other nations realize our stronger capabilities in cyber space is a policy path that could lead to escalation,” warns John Bambenek, threat systems manager of Fidelis Cybersecurity. “Unlike physical conflicts, cyber conflicts can escalate in unforeseen ways and have large unintended consequences.”

John Bambenek, Fidelis Cybersecurity threat systems manager
John Bambenek, Fidelis Cybersecurity threat systems manager

Bambenek says the global community really has no inkling of “what it would look like when two developed powers with extensive cyber capabilities go toe-to-toe in a hacking match.”

It would not surprise me if a potboiler plot revolving around the U.S. and China pulling tripwires to knock out each other’s power grid is under development by some spy-thriller author, or Hollywood scriptwriter. “Unlike traditional military warfare, attribution in cyber attacks is difficult, so immediate response would be problematic,” Bambenek says.

Let’s hope that our top political leaders understand that the ramifications of all-out cyber warfare could cause profound disruption. Maybe not as devastating as a nuclear holocaust. But potentially something close.

Meanwhile, each time a network outage strikes a Wall Street exchange, or shuts down flight ops at a pair of airlines for days at a time, or disables the reservation system of a top-tier hotel chain, one has to wonder if the raptors might be testing the fences.

Ramping up offense

“As much as world leaders shake hands and sign treaties, it is pretty safe to assume offensive capabilities continue to operate and even advance at a decent pace,” Trost says. “Countries would never claim responsibility, but every once in a while the internet will hiccup.

“I believe it’s a nation state’s offensive team flexing muscles and assessing how the internet will respond, in case it ever comes to that point.”

More stories related to cyber warfare:
Submarine data leak points to ‘economic warfare’
A cyber war might be closer than we think
Report: Russian cyber spies part of military move against Ukraine