Cyberwarfare and Cyber Battlespace

Cyber Battlespace Pt 1 – Which Web?

There are daily references to cyberspace in news and entertainment, but they achieve little more than creating fear that ‘Big Brother’ is always watching and that an international gang or malicious nation state is lurking at the other end of every internet click. The purpose of this series is to look at the reality in the context of warfare in the cyber battlespace (CBS). Being blog posts, they can’t be exhaustive – you’ll have to wait for my book on the subject which is well underway.

Battlespaces began with land and sea and have been joined by sub-surface, air and then space. They all have unique characteristics from which doctrine is developed and there is inevitable overlap. The same is true of CBS but what is unique is that it also pervades all others. It is logical, therefore, that whoever prevails in CBS will ultimately win across the board. A loose parallel can be drawn to the allied code breakers of WWII at Bletchley Park.

Most people hear cyber and think internet. While the internet is a major part of CBS, it isn’t the whole picture by a long shot. It also includes artificial intelligence, data, radio frequencies, sound frequencies and other visible and invisible light frequencies as well as so-called ‘smart devices’ that can interact between themselves. The somewhat emotive terms ‘Visible Web’, ‘Deep Web’ and ‘Dark Web’ have come into usage but what do they actually represent?

The visible (also referred to as surface or clear) web refers to that which most people use day to day: things like email, browsing news and entertainment sites, search engines and social media. This represents about 25% of the total internet. Being visible doesn’t reduce its potential for harm, including hacking, phishing and plain digital versions of old crimes like taking money for an online sale then never handing over the goods. By and large it’s reasonably well ‘policed’ by service providers but there are always going to be problems.

The deep web is best described as being that part of the web that can’t be easily reached by standard search engines. It includes your secure services such as online banking and private forums as well as yesteryear’s visible web. Before the appearance of the first graphic user interfaces, internet users had to type commands and go to specific bulletin boards or other services.

Examples include Usenet, where interest groups would follow everything from computer program developments to news and the inevitable smut. A Washington-based researcher said at a conference I was at recently that most new developments in cyberspace are rapidly advanced or commercialised by either the gaming or porn industry. Another example is Internet Relay Chat (IRC), which was essentially a range of topic-based chat forums not unlike Reddit today. Any media, such as a picture, had to be broken into standard packets for sending and the receiver needed the same software to put it back together. There were no websites as we know them today. This was the internet pre-1995. However, a vast amount of that material still exists and some is still crawled by standard search engines. About 75% of the internet is deep web.

The dark web is the term attributed to highly anonymised internet-based activity including drugs, guns, terror groups, bomb making guides, counterfeit movies, porn, human trafficking, hacking and hit-men. It is where stolen identities and stolen credit cards are traded in return for digital currency using virtual private networks and point-to-point encryption. However, it is also where privacy believers, libertarians and groups fighting against tyranny operate, and where advanced collaborative computer developments are taking place. Regular search engines do not crawl through here, largely because of the way these so-called ‘onion servers’ are set up. A free and quick download of the ‘Tor’ browser does give you a look around but consider yourself warned – some of it isn’t pleasant! The dark web has a range of its own search engines including some that filter out undesirable links.

In terms of CBS, what’s needed? Prohibition has never solved anything – humans will always find a work-around. Therefore, it is impossible to shut down the web or any part of it without tremendous harm on the scale threatened but thankfully not experienced with the Y2K bug. That’s not to say that a belligerent might not do exactly that, having previously worked out how to conduct warfare without the internet.

There are two significant vulnerabilities in the internet’s infrastructure. First are space-based assets, which are expensive and fragile and have little built-in redundancy. I believe that, in a great power conflict or even by the actions of a rogue state/non-state actor, the space battlespace will be negated in a matter of a few days by a combination of anti-satellite missiles, hacked control systems and possibly even by the use of an exo-atmospheric nuclear weapon.

The second vulnerability is the myriad of submarine cables that link continents for all manner of data transfer. This is a huge problem for the sub-surface battlespace strategists and one which is directly linked to CBS. While the tendency is to look at ways to crack codes and track web-based activity (fine in itself) the real risk is to the actual existence of the internet. All major wars have lasted years. Consider life for that period of time without all the digital tools you take for granted now.

This is a huge national security problem and one that is only being peripherally engaged with in New Zealand. No number of specialist staff in the intelligence and security sector will be enough to offset the impact of ‘troll factories’ and bots operated by many nations and other groups. Would civil unrest be inevitable if civilian use of parts of the internet were restricted or terminated? Is free use of the internet vs the responsibility of the State to defend its citizens a democratic battleground all of its own? Could a belligerent deliberately foment this discord?

What strategy should New Zealand pursue in CBS? Applying air power terms, is it:

  • CBS Supremacy – where we can operate anywhere, anytime unchallenged.
  • CBS Superiority – where we can establish dominance for limited periods of time and places.
  • CBS Parity – where one side can do no more than stop the other from establishing dominance.

I don’t think CBS inferiority needs a descriptor; it is a pathway to a lost war. How do these strategic goals tie in with broader national security aims? In order to answer that, we would need a national security strategy. New Zealand doesn’t have one. In the 5th gradient of warfare (5GW), every citizen is a target and a sensor. Since everyone has something to lose from weakness in CBS, it makes sense that everyone should be involved in developing and operating our CBS operations. It’s not a new idea – we’ve had a Home Guard before and this one is more likely to involve a teenager teaching their family a few new tricks than Captain Mainwaring marching his platoon through town.

The war for control of CBS has well and truly started and we need to focus on a rapid ramp-up. However, the greatest risk to cyber battle success remains human. At a gathering recently, a person, on finding out what my research was about, asked if I thought their password was secure. I asked them to tell me what it was, after which I told them it wasn’t secure at all. They looked shocked and asked why. ‘Because you told me what it was,’ I replied.

NEXT: Cyber Battlespace Pt 2 – Undersea Cables
