In November 2008 the National Intelligence Council (NIC) released a report that looks at "how key global trends might develop over the next 15 years to influence world events." The report doesn't claim prophecy. The authors review current trends in order to "provide US policymakers with a view of how world developments could evolve, identifying opportunities and potentially negative developments that might warrant policy action."
One interesting aspect is the discussion of cyber warfare as an emerging aspect of conflict. The report avoids details of what cyber warfare might look like (or already looks like, for that matter), but the type of conflict earns specific mention. So, it must be important to some degree.
Rather than focus on the future right now, it might be worthwhile to see how previous editions of the NIC's report fared with time and hindsight. In November 1997 the NIC released a report looking towards 2010. It makes for interesting reading through the lens of computer security.
The report intentionally avoids specific predictions, but its expectation of the clash between government and technology arrived with significant examples, a few of which include DRM, freedom of speech, Google and Yahoo in countries with human rights problems, and the Great Firewall of China.
The good news is that governments will derive benefits from technology that moves information, goods, and services rapidly. The bad news from the perspective of governments is that they will have less and less capacity to control these flows unilaterally.This message was reinforced with:
However, communications will also thwart government efforts to control the flow of information, which, in some instances, will undermine their authority.The report also deserves credit for explicitly highlighting organized crime's adoption of the Internet, exploiting its underlying technologies, and targeting its multitude of rubes:
International organized crime groups will take advantage of such technology as well, bypassing governments, or seeking to undermine them when governments try to block their efforts to run and expand their illegal activities.A few examples are the Russian Business Network, sophisticated credit card black markets, auction fraud, and cons. Not only does technology enable criminal markets (IRC bots running credit card exchanges), but common vulnerabilities provide the attackers with a large pool of potential victims. No longer do attackers deface web sites to impress friends. Newer attacks rely on subtle infection of a web page with a single line of JavaScript that may point to a server in China or Russia. This infected web page then loads an exploit that tries to attack the web browser of each person visiting the site. Vulnerable browsers leave their users open to theft of credit card numbers, online game account credentials (e.g. World of Warcraft), or banking information.
On the cyberwar front, the report provides only vague extrapolations for the future:
Precision- guided munitions and information technologies will continue to be the hallmarks of the revolution in military affairs. Other countries will have technologically advanced military equipment at their disposal, obtained from arms merchants and other governments. However, no power will be able to match US battlefield technological capabilities during this time frame, and potential adversaries are unlikely to repeat Iraq's mistake in challenging the United States via set-piece conventional warfare.So, it alludes to a continued U.S. superiority of information technologies, but at the same time emphasizes
we may find what some would call a "doctrine of massive technological superiority" as limited in the future as the doctrine of massive retaliation was forty years earlier.For the moment consider cyberwar simply hacking between opposing state-sponsored groups. The U.S. has the 24th Air Force (among others, surely), which faces counterparts across the world -- most notably China. For example, a 2008 DOD report to Congress notes
...China’s leaders stress asymmetric strategies to leverage China’s advantages while exploiting the perceived vulnerabilities of potential opponents using so-called “assassin’s mace” programs (e.g., counterspace and cyberwarfare programs).
The same report also details why the U.S. has concern for China's hacking efforts (detailed on pages 3 and 4).
Yet Cyberwar may not only be a term in search of a definition, but a topic for which contemporary examples are few (at least to public knowledge). Russia vs. Estonia typically serves as the most recent popular example, but being state-sponsored on both sides and the actual impact of the "war" diminishes under scrutiny and skepticism. Russia vs. Georgia was rumored to be a sequel. However, that conflict included tanks, guns, and soldiers crossing borders -- all a more pressing concern for civilians than a virtual carpet-bombing of computer networks with IP packets.
It will be interesting to see how Internet-related events unfold in relation to the trends recorded in the 2025 report.
Yet it won't be necessary to wait until 2025 to review the current trends report. By November 2019 a much more important event will occur.
0 quips:
Post a Comment