Risk
10/12/2009
11:49 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Cyberwar Readiness Recast As Low Priority

Preparedness for cyberwar should have a place in U.S. defense planning, but resources are better spent on bolstering potentially vulnerable infrastructure, according to think tank RAND.

The U.S. government should not make cyberwarfare a priority investment area, according to a report from public policy think tank RAND Corp.

The report, which was underwritten by the Air Force, recommends that the government focus instead on shoring up defenses of critical infrastructure like the nation's telecommunications networks, banking systems, and power grid that may be vulnerable to cyber attack.

"Operational cyber war has an important niche role, but only that," the report states.

At best, cyberwarfare operations "can confuse and frustrate operators of military systems, and then only temporarily," the report notes. "The salient characteristics of cyberattacks--temporary effects and the way attacks impel countermeasures--suggest that they be used sparingly and precisely. Attempting a cyberattack in the hopes that success will facilitate a combat operation may be prudent; betting the operation's success on a particular set of results may not be."

The report contends that unlike regular warfare, which aims to break down enemy defenses and morale to get the other side to give in, countries often respond to cyber attacks by hardening their defenses and making them less vulnerable to future attacks. "Casualties are the chief source of the kind of war-weariness that causes nations to sue for peace when still capable of defending themselves--but no one has yet died in a cyber attack," the report says.

Further, cyber attacks often have ambiguous sources that make them difficult to retaliate against or could create new enemies if a source is misidentified. And they only temporarily disarm enemies, since computer equipment can easily be replaced.

The report warns that "non-state actors" could jump into the fray. However, it bases few of its conclusions on such scenarios, even though individuals or loose-knit groups tend to be the more obvious ongoing threat on the Internet.

Despite warnings that cyberwar may have a limited role, the report notes that some investment is appropriate.

"Operational cyberwar has the potential to contribute to warfare -- how much is unknown and, to a large extent, unknowable," it says. "Because a devastating cyber attack may facilitate or amplify physical operations and because an operational cyberwar capability is relatively inexpensive, it is worth developing."

The Air Force created a dedicated cyber command earlier this year, which became operational in August. That force includes about 6,000 active duty personnel and is expected to have an annual budget exceeding $5 billion.

Read InformationWeek's first-ever analysis of top CIOs in federal, state, and local government, and how they're embracing new expectations. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0999
Published: 2015-06-02
Sendio before 7.2.4 includes the session identifier in URLs in emails, which allows remote attackers to obtain sensitive information and hijack sessions by reading the jsessionid parameter in the Referrer HTTP header.

CVE-2014-8391
Published: 2015-06-02
The Web interface in Sendio before 7.2.4 does not properly handle sessions, which allows remote authenticated users to obtain sensitive information from other users' sessions via a large number of request.

CVE-2015-0759
Published: 2015-06-02
Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users.

CVE-2015-0850
Published: 2015-06-02
The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when creating a secondary Git repository.

CVE-2015-1945
Published: 2015-06-02
Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors.

Dark Reading Radio
Archived Dark Reading Radio
From Target to Sony to Anthem, they are happening all around you: the “big” data breaches that compromise critical data and threaten the welfare of the corporate brand. Is your organization ready to respond?