Strategic Considerations in Cyber Warfare
Matt Stillerman, PhD
Odyssey Research Associates
33 Thornwood Drive, Suite 500
Ithaca, NY 14850
OASIS PI Meeting, Santa Fe, NM
July 25, 2001
7/25/2001 SL01-018
Odyssey Research Associates. Not for public release.
Overview
• Project title: Novel Applications of Military Science to Intrusion Tolerant Systems
– Mining military theory for ideas about cyber warfare.
• Universal theory of strategy (as expounded by Edward Luttwak)
– Implications for cyber warfare
• Summary
Example: Choice of Route
[Figure: route diagram; labels: City A, City B, highway, mountain road, War Zone, Ithaca]
Invasion of Lebanon, 1982
• Israel always maneuvered in non-obvious ways, and was known to do this.
• Syria expected Israel to advance via a roundabout route, and was initially able to block them effectively.
• Israel countered by advancing straight into the Vale of Lebanon, without opposition.
Paradoxical Logic
• Counter-intuitive values (or effectiveness) in warfare
• Convergence of opposites, eventual reversal of values over time.
Paradoxical Logic
• Key difference between warfare and other human activities.
• Universal: All wars, all theaters, all levels of war.
• Caused by the ability and inclination of adversaries to anticipate actions and react to them.
Surprise
Surprise = failure to anticipate
Strategy
Strategy = Art of command in situations governed by paradoxical logic.
• Anticipate the paradox.
• Engineer surprise.
– Change behavior
– Deception
Let Many Flowers Bloom
• Surprise attackers with novel counter-measures.
• Avoid standardization of defenses.
• Develop diverse overlapping defense techniques.
– Less effective techniques have greater longevity.
– Diversity of strategic choice.
– Continuous stream of new techniques as old ones become stale.
Promote Obscurity
• “Security by obscurity” – now a valid principle.
• Obscurity can be relatively inexpensive.
• Yet, while it persists, it can be just as effective as “real” security measures.
• Measures designed to promote system-wide integration of security features may degrade obscurity.
Empower Strategists
• Source of surprise is human perception and ingenuity.
– Clausewitz calls this “genius.”
• Cyber Warriors must have:
– Training
– Technical choices
– Authority
• Automated cyber defenses amplify warriors, don’t replace them.
Guided Missiles vs. Tanks
• Egyptian infantry easily destroyed Israeli tanks at the beginning of the 1973 War.
• Suggests that tanks are obsolete. (wrong!)
– Similar comments were made about bazookas
• By the end of that war, a change in tactics largely restored tank effectiveness.
Electronic Warfare in WWII
“In the ebb and flow of reciprocal development, the same device could be highly effective, totally useless, and positively dangerous within a matter of months…” -- Luttwak
Example: rearward-looking radars on British bombers.
Battle of Berlin
• Technical advances enabled Allied aircraft to blind German radar defenses.
• This enabled a massive aerial bombardment that destroyed Hamburg.
• Similar attack against Berlin attempted.
• Germans responded, using searchlights to find the “streams” of bombers, ground commentary, and non-radar equipped fighters.
Pearls
• Action and effective reaction may occur at different levels in the conflict.
– Information technologists should try to anticipate tactical, operational, and strategic responses.
– “Pure” cyber war will be fought on all levels.
• Cycle of action/reaction may occur very swiftly in a hot war.
– Explicitly manage the life-cycle of cyber defenses.
Life-cycle of Cyber Defenses
• Detect culminating point and act.
• Have new choices “on tap.”
• Avoid complacency about solved problems.
• Prepare to innovate furiously and to deploy the results swiftly.
– Active infosec research community
– Native IT manufacturing capability
Levels of Cyber Warfare
• Technical – e.g. firewall.
• Tactical – e.g. How the firewall is deployed, configured.
• Operational – Which information is created, how it is used in the theater. Concerned with meaning, quality, and assurance.
• Strategic – Role of meaning and quality in achieving war aims.
Reference
• Edward N. Luttwak. Strategy: The Logic of War and Peace. Belknap Press, Harvard University, 1987.