On September 17, Symantec released a report indicating that they had discovered a Cyber Mercenary group that is based in China, “Hidden Lynx” and appears to be doing work for the Chinese government. When that report was released, it got me thinking. Not just about Cyber Mercenaries (a term that I hadn’t really heard before) but how similar the work we do in Cyber Security is starting to take on more of a Cyber Warfare look and feel rather than just “Home Security”, so to speak.
So I started to do some research and, without even realizing it, we’ve slowly been slipping into this situation for a few years to the point that I think this process probably started in around 2006/2007, towards the end of the George W. Bush era as President. Look at some of the activities in the timeline –
2007 - Estonia experienced a targeted DDoS attack at a couple of banks that disabled infrastructure for a while.
2008 – the US DoD was attacked by a Foreign Intelligence Agency and a “digital beachhead” was set up in their network to allow that Agency to access classified information
2009 – NATO comes to an agreement on how they are going to coordinate their activities in Cyber Security.
2011 - Gen. Michael Hayden (former head of NSA and CIA under George W. Bush) suggested that the US Government, specifically the DoD, would need to allow the creation of a “digital Blackwater”. Blackwater is one of the US State Department’s largest private Security contractors, providing support to military and law enforcement agencies.
2011 – the Syrian Electronic Army (SEA) appears to start their targeted attacks in support of the Syrian Government. It’s not clear if the SEA is aligned with the Syrian Government
July 2013 – British Intelligence announces that Nations are starting to use Cyber Mercenaries
The growth is actually quick remarkable and really shows how quickly and easily Cyber Space can be used against a Nation. But the activities aren’t just on the attack side and aren’t just limited to nations outside the US. Look at DARPA, for example. DARPA is where the Internet was born and they have awarded contracts to work on CyberWarfare (both defense and attack) to a number of Defense Contractors. And you have the revelations of the NSA monitoring activity on the Internet.
You are now seeing how Cyber Space is becoming much more of a “Cyber War Zone” and it makes you wonder. With all the tools that are available that Script Kiddies to use, what are the more advanced tools capable of doing? Who’s going to win the race to a Cyber Atomic Bomb? And what does that look like?
How do you define a “War Strategy” for implementation by a Nation state if the battlefield is no longer the typical physical space? Remember, war used to be fought just on a physical, 2 dimensional field (with high ground being a major benefit). Then it shifted to a 3 dimensional space with the advent of Aeronautics. Now, you are seeing a shift to 4 dimensions through the inclusion of Cyber Space.
This is going to be both fascinating to watch and a bit scary because the battlefield itself hasn’t truly been defined yet.