Saturday, July 31, 2010

Cyber is the New Domain, but please don't turn off the lights

So this was triggered by reading the crappy article over at the inquirer, I sent them the full text of this before I posted it and even gave them 3 days to fix the article. So here's the real deal and I hope I didn't fuck anything up.

This little blurp is a watered down misinterpretation of the keynote. What Hayden actually said was nothing of the sort. His words were profound and direct. Very much with a purpose, and though he is no doubt used to being misrepresented in the news I cannot believe that this site would do such a terrible job of follow-up.

Let me reiterate his speech, and perhaps your author will learn to be more direct and less sensational.
--
I attended Black Hat as part of furthering my training as an IT Professional and with the added benefit of sitting in on some excellent, and not so excellent, briefings.

One highlight of the two day briefings was the second Day's keynote presented by Former Director of the CIA, General Hayden. Hayden began by explaining his former positions and his involvement in the US Government's CyberCom. His explanation, and breakdown of the roles the US, and truly all nations, are facing is thus:

The existing domains (as the military establishment terms land, sea, air, and space) are deeply understood by those involved. The newest domain, cyber, is almost as much a new dimension as it is a domain. Any action that effects the cyber domain, cannot (by virtue of it's multi-domain nature) go without making 'something in another domain go pop.'

The Cyber domain has requirements similar to the other four, it must be defended against infiltration and hardened against malicious attackers. It is also fair game for internationally accepted espionage practices, data gathering if you will. And finally, it is a domain to be considered when attacking one's enemies in time of war.

This is not to say that there should be no boundaries, he seemed to be fully of the belief that there are areas of the cyber domain that should be off limits to disruptive activities. For instance, when speaking of the power infrastructure he described the troubles governments have in attacking an enemy. If there is an armed conflict and a nation wishes to bring the power infrastructure down utilizing the cyber domain they had to have been within those systems BEFORE the fighting occurs.

This creates an interesting dilemma when looking at it on the world stage. Because of the nature of the beast, attackers must penetrate and reside on these systems perpetually. And when thinking of many nations all in different levels of "possible" armed conflict in the "future" that would mean these systems in many nations would be a battleground for multiple nations agents attempting to maintain control.

General Hayden made the correlation with chemical weapons being banned with the Geneva Protocol. This particular tenant was truly the only piece he mentioned as being 'off-limits' and truly only in the concept of preemptive system residence. Much to the dismay of some of the security professionals I spoke with later that day.

We will be in for an interesting future, seeing that now the US military establishment has taken full notice of the added dimension the Cyber domain has created for us all. It's only a matter of time before most other nations begin doing the same, Russia, China and the other G8 nations are notable examples of this. One thing is for certain, more are sure to follow.
--
I couldn't see him arguing against the use of the cyber domain to orchestrate attacks during armed conflict, as this is a large part of the CyberCom's stated mission:

"USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."

I will be publishing this tomorrow, so if you'd like to correct this article before then I will make no reference to it.