The current national cyber strategy prescribes a mandate to employ military action in response to malicious cyber activities, imposing swift and transparent consequences for threat actors. The first step to take is establishing a strong cyber defense that ensures the Department of Defense and its allies can operate in the domain during a crisis or conflict.
Our nation’s cyber defenders should be prepared for increased use of what I term “precision, nonintrusive cyber weapons.” Examples are distributed and telephony denial of service attacks, denial of sleep attacks, and encryption fault attacks.
Nonintrusive cyber weapons are designed to disrupt or degrade functionality for a determined period of time, and they do not require significant technical knowledge of intended targets. In fact, their effects are operationally similar to those of electronic attacks.
Perhaps because these weapons’ effects are less sensational, the media and even cyber experts focus on attacks that require highly technical skills to circumvent cybersecurity measures without detection and launch presumably debilitating strikes. Nonintrusive precision cyber capabilities are certainly not as surreptitious, but adversaries will continue to use them against us for the following reasons:
- The technology investment to develop and employ them usually outlasts the latest firmware or software upgrades of potential targets.
- Their deployment requires less highly skilled operators.
- They require less exquisite intelligence and thus fewer demands for intelligence support.
- They can be deployed in more diverse situations and with a higher level of confidence in their effectiveness.
- They don’t require advance presence on a target system, so there is less chance of an advance warning of an impending attack.
Although definitive attribution has never been proven, the attacks on Estonia’s banking systems in 2007 that emanated from Russia would be examples of nonintrusive, precision cyber weapons and their effects.
U.S. cyber defense strategy needs to counter disruptive and degrading attacks along with the large, high-profile ones.