Defending Low-Key Cyber Attacks Is No Less Urgent

By Forrest Hare, Solutions Architect, Cyberspace Operations

The current national cyber strategy prescribes a mandate to employ military action in response to malicious cyber activities, imposing swift and transparent consequences for threat actors. The first step to take is establishing a strong cyber defense that ensures the Department of Defense and its allies can operate in the domain during a crisis or conflict.

Our nation’s cyber defenders should be prepared for increased use of what I term “precision, nonintrusive cyber weapons.” Examples are distributed and telephony denial-of-service attacks, denial-of-sleep attacks, and encryption fault attacks.

Nonintrusive cyber weapons are designed to disrupt or degrade functionality for a determined period of time, and they do not require significant technical knowledge of intended targets. In fact, their effects are operationally similar to those of electronic attacks.

Perhaps because these weapons’ effects are less sensational, the media and even cyber experts focus on attacks that require highly technical skills to circumvent cybersecurity measures without detection and launch presumably debilitating strikes. Nonintrusive precision cyber capabilities are certainly not as surreptitious, but adversaries will continue to use them against us for the following reasons:

  • The technology investment to develop and employ them usually outlasts the latest firmware or software upgrades of potential targets.
  • Their deployment requires less highly skilled operators.
  • They require less exquisite intelligence and thus fewer demands for intelligence support.
  • They can be deployed in more diverse situations and with a higher level of confidence in their effectiveness.
  • They don’t require advance presence on a target system, so there is less chance of an advance warning of an impending attack.

Although definitive attribution has never been proven, the attacks on Estonia’s banking systems in 2007 that emanated from Russia would be examples of nonintrusive, precision cyber weapons and their effects.


Given the greater likelihood of encountering adversarial use of nonintrusive capabilities, our nation’s cyber defense strategy and doctrine should be predicated on scenarios containing them. Because of the nature of the effects from these capabilities, cyber defenders should integrate with electronic warfare experts—specifically those who plan and employ electronic protect measures.

Closer integration could include joint frequency and bandwidth management, so that the impacts of frequency management are tied directly to communications throughput. Another example might be integration of electronic and cyber masking to ensure that efforts to mask signal emissions are not negated through cyber tracking.

About the author: Forrest Hare, PhD, is a solutions architect for SAIC, joining the company after retiring as a colonel in the U.S. Air Force. He is an adjunct professor at George Mason University and Georgetown University, where he instructs on national security policy for cyberspace. With William Diehl, PhD, his co-author and a professor of electrical engineering at Virginia Polytechnic Institute and State University, Hare recently presented on nonintrusive cyber weapons at the Cyber/Electronic Warfare Convergence Conference held by the Palmetto Roost Chapter of the Association of Old Crows.