Friday 20 Jul 2018 | 14:43 | SYDNEY
Friday 20 Jul 2018 | 14:43 | SYDNEY

Cyberwar: In the Mario domain


Graeme Dobell

11 October 2010 13:45

Cyber attack has joined terrorist attack at the top of Australia's security threat list — the new dire duo of globalisation.

For the Australian Defence Department, cyber attack is the assault that comes every day: 200 a month last year to 700 a month this year. Last year, Defence detected 2400 'incidents' on networks considered to be of 'medium to high risk'. Dylan Welch in the Sydney Morning Herald has updated figures for this year: 5551 incidents between January and August — a 250 per cent rise.

This is the Australian end of a deep rethink of the concept of security that has just seen the US create a new domain of warfare. Cyberspace has become a domain for military operations along with land, sea, air and space. The Mario Bros are off to war. Recruits must be able to stare at screens for hours and possess dancing fingers and dexterous thumbs.

The US Deputy Secretary of Defense, William Lynn, surveys the Mario domain in this essay in Foreign Affairs. He argues that cyberwar is akin to manoeuvre warfare: it's all about speed and agility. And in cyberspace, the 'offence has the upper hand'.

A good way into the subject is this Q&A session with Lynn. He gives new meaning to the term asymmetric warfare with this comparison of what it takes to defend and what it takes to attack:

Some of the most sophisticated integrated defence software that is commercially available now have 5­10 million lines of code, and they are massive, work-intensive, difficult products to develop. The average malware has stayed constant over the last decade, and it's about 175 lines of code.

The signals intelligence alliance that grew so important in the Cold War is being reworked for the new domain:

Getting together with allies, identifying attack signatures, exchanging those signatures, exchanging technology -- essentially using a Cold War concept but updated to shared warning -- is something that we need to pursue in the cyber defence arena. And we have been doing this with our closest allies -- the United Kingdom, Australia, Canada. We're now looking to NATO.

Lynn's discussion of the US mounting attacks in this new domain adds to the fascination about the Stuxnet cyber-missile that apparently struck Iran's nuclear program, shutting down some of its centrifuges last year. What a choice for Israel (and for the US): dispatch the planes against Iran in an act of war, or send off a thumb drive armed with a virus. In the cyber world, one of the many difficulties of definition will be the conceptual blurring: espionage to sabotage to attack. And actually working out who is on the other side of the firewall.

As a previous column noted, where terrorism elevated the non-state actor to the top of the threat list, the cyber threat erases much of the ability to distinguish between the state and the non-state attacker. That column reported this speech by the head of ASIO, David Irvine:

The explosion of the cyber world has expanded infinitely the opportunities for the covert acquisition of information by both state-sponsored and non-state actors. Today, we see constant attempts by cyber means to steal the nation’s secrets.

And in an earlier effort, Irvine lamented that responding to computer-based attacks is a 'legal and diplomatic quagmire' for intelligence agencies and the courts:

Attacks may be routed through any number of different countries as part of the perpetrators' efforts to conceal their identity. And entire computer networks, even in friendly countries, can be hijacked and turned into attack clones.

The new domain is giving extra life to the already vigorous Echelon signals intelligence community: the US, UK, Australia, Canada and New Zealand. And inside those various communities, fresh partnerships are being forged. Sigint and the spook catchers have found a common cause (the Mario Bros get trench coats).

ASIO's new HQ is across the road from the Defence Signals Directorate. That amounts to a bit of Canberra happenstance. But the neighbourliness will be useful in what is quickly emerging as common sphere of operation. Not so long ago, DSD (military signals nerds peering overseas) was the silo that was the greatest distance from ASIO's patch (domestic spooking). Suddenly, they are both trying to navigate a new domain.

Image courtesy of Moistproduction.