Wednesday, October 26, 2011

To Cyber Attack or Not to Cyber Attack?

It has been reported recently that the Obama Administration decided against using cyber warfare to suppress Libya's air defenses as the US sought to aid the rebels attempting to overthrow the Qaddafi regime. Why the reluctance to use a modern, bloodless attack mode?

Libya Before Qaddafi

I spent 5 weeks in Libya on a temporary duty (TDY) assignment in 1964. I was with the US Air Force stationed at Bitburg AFB in Germany. I was, at the tender age of 26, the Chief of Periodic Maintenance for our F-105 squadron. We deployed F-105s to Wheelus AFB, Libya, for pilot training in air-to-air and air-to-ground combat. I headed up the maintenance squadron of over 100 enlisted men.

I remember my first tour of Wheelus. It was a vast base ideally located for flying off into the Libyan desert (90% of Libya is desert), dropping bombs on the sand dunes, and then returning for a dip in the Mediterranean and a cold beer at the O-Club. The downside of Wheelus was the heat (the highest naturally occurring temperature ever recorded on earth occurred in the Libyan desert). We regularly experienced daytime temperatures of over 45C (113F). One section of the base was reserved for the Libyan Air Force. It consisted of a couple of C-47 "Gooney Birds" and a like number of Cessna T-37 "Tweet" twin-engine trainer-attack aircraft.

Libya Before the Uprising

By 2010, Libya's air force was the largest in North Africa. It was headquartered at Okba Ben Nafi Air Base -- formerly Wheelus and Methega Air Bases -- located 7 miles due east of Tripoli. This was a relatively well-equipped air base that had been developed with Russian assistance to support and maintain over 200 combat aircraft. Another large air base was located at Benghazi and a third, Gamal Abdul Nasser Air Base, was situated a few miles southwest of Tobruk. Two other air bases were located near the Egyptian border -- at Al Kufrah Oasis and at Jabal al Uwaynat in the far south. Overall, the Libyan air force was believed to consist of over 500 combat aircraft, with some reports suggesting the number was as high as 700, including MiG-23s, MiG-25s, Su-24 Fencer 'D's, Su-27s and Mirage F.1EDs. At least one squadron of Tu-22 bombers was known to be located at Okba Ben Nafi AB.

Libya deployed the SA-2, SA-3, and Crotale missiles. At least one battery of each of these types was spotted at each of Libya's three main air bases (Okba Ben Nafi, Benghazi and Gamal Abdul Nasser). One battery of Crotale sites had been detected at each of the two smaller bases in the southeast. The Libyan Army also operated three SA-5 batteries at undisclosed locations -- probably in storage.

NATO Aids the Uprising Against Qaddafi

The New York Times reports that, according to military officials, American warplanes struck at Libyan air defenses about 60 times, and remotely operated drones have fired missiles at Libyan forces about 30 times, since the United States handed control of the air war in Libya to NATO in early April. Today, Al Jazeera reports that a British military officer has claimed Libya's air force "no longer exists as a fighting force" following the devastating air strikes by international coalition forces.

There are no reports on the casualties that Libyan regular forces may have suffered as a result of the air strikes that targeted Libya's air defenses. A U.S. Air Force F-15E Strike Eagle fighter jet crashed in Libya, but it was the result of a mechanical failure, not hostile fire, and its two crew members managed to eject to safety. It was the first coalition aircraft to have crashed in the three days of air strikes over Libya up to that time.

It's not necessary to detail the costs and risks of conventional air defense suppression methods to understand that a cyber attack would be cheaper, less risky, and, at least in the short term, equally effective. Conventional methods would be the choice only if the objective is to eliminate air defense capabilities in the long term.

Why the US Didn't Use Cyber Warfare

According to reports, the Obama administration intensely debated whether to open the Libyan air campaign with a cyber attack to disrupt and disable the Qaddafi government’s air-defense system, which might have threatened allied warplanes (although this is unlikely). The objective would have been to break through the firewalls of the Libyan government’s computer networks to sever military communications links and prevent the early-warning radars from gathering information and relaying it to missile batteries aiming at NATO warplanes.

But administration officials and even some military officers balked, fearing that it might set a precedent for other nations, in particular Russia or China, to carry out such offensives of their own, and questioning whether the attack could be mounted on such short notice. They were also unable to resolve whether the president had the power to proceed with such an attack without informing Congress.

Early in 2010, the US Deputy Defense Secretary warned of cyber warfare’s appeal to potential foes who are unable to match the U.S.'s conventional military might. An enemy could deploy hackers to take down U.S. financial systems, communications and infrastructure, he suggested, at a cost far below that of building a trillion-dollar fleet of fifth-generation jet fighters. "Some governments already have the capacity to disrupt elements of the U.S. information infrastructure." The nation's top intelligence official warned that cyber-enemies have already "severely threatened" U.S. computer systems, and said that, "Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication."

United States Cyber Command

But the US military has been working for years on developing its own sophisticated Information Operations (IO) capability, and cyber warfare is the most technologically advanced and perhaps the most militarily important element of this IO capability.
  • The Air Force is developing the ability to infiltrate any computer system anywhere in the world completely undetected. It plans to slip computer code into a potential foe's computer and let it sit there for years, maintaining a low and slow gathering paradigm to thwart detection.
  • The Army is developing techniques that capture and identify data traversing enemy networks for the purpose of Information Operations or otherwise countering adversary communications.
  • And the Navy is developing a non-lethal, non-attributable system designed to offer non-kinetic offensive information operation solutions.

In fact, the US established the United States Cyber Command (USCYBERCOM) on May 21, 2010. USCYBERCOM “plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.”

USCYBERCOM coordinates the cyber activities of the various military departments. Service elements include Army Cyber Command (ARCYBER); 24 AF/Air Force Cyber Command (AFCYBER); Fleet Cyber Command (FLTCYBERCOM); and Marine Forces Cyber Command (MARFORCYBER).

US Capabilities and Limitations

According to some IT experts, the US is one of the top three nations in terms of cyber warfare capabilities; the other two are China and Russia. The US is concerned that if it is discovered using cyber war against an enemy, other countries would not hesitate to respond by using cyber war against our infrastructure and/or interests. In other words, the US views cyber war in the same way it views conventional war -- you bomb me, I'll bomb you. That premise is certainly debatable (does anyone really believe that North Korea hesitates to use cyber war to attack the US?), but what isn't debatable is that just as warfare in general has gone beyond the nation state boundary, cyber warfare has certainly done the same -- that is, after all, the nature of the beast. Richard Clarke talked about this in a PBS interview.

In their book, Cyber War: The Next Threat to National Security and What to Do About It, Richard Clarke and Robert Knake state that, “Cyberspace includes the Internet plus lots of other networks of computers that are not supposed to be accessible from the Internet.” Clarke and Knake point out that cyberspace includes transactional networks that do things like send data about money flows, stock market trades, and credit card transactions; and control systems that just allow machines to speak to other machines, like control panels talking to pumps, elevators, and generators. They go on to say that, “In the broadest terms, cyber warriors can get into these networks and control or crash them.” Certainly, the United States has or is quickly developing these capabilities.

Image caption: A warning pops up on Iran's Bushehr SCADA computer screen. The plant was attacked by the Stuxnet malware.

Ironically, the US has rejected efforts by other nations to institute a cyber war "arms control" treaty. That rejection is probably reasonable, given the difficulty of verifying compliance. Nevertheless, discussion and debate domestically and in international fora is needed.

Unfortunately, the cyber arena, like so many other national issues, has become a partisan battleground, with Republicans forming their own cybersecurity task force as a response to President Barack Obama's May 2011 legislative proposal. Republicans appear to be concerned again with excessive government regulation regarding defensive measures that might be required of private companies who are part of America's critical infrastructure.

So, the Obama Administration's reluctance to undertake an offensive cyber attack against Libyan air defense systems reflects the administration's caution in setting a precedent in a still-evolving arena of advanced warfare. One wonders whether the other 21 nations with such capabilities, and the non-nation players assembling cyber capabilities, will be as cautious.

1 comment:

Richard Badalamente said...

The Office of the National Counterintelligence Executive recently published a report on espionage in Cyberspace. "Foreign economic collection and industrial espionage against the United States represent significant and growing threats to the nation's prosperity and security. Cyberspace—where most business activity and development of new ideas now takes place—amplifies these threats..."