Ambiguity in cyberspace and the legality of hacking and manipulating sovereign nations; does it benefit the attacker, or the victim? We've all but survived the potential catastrophe of the 2016 election, and the Russian interference within it, but what does that mean for the future of cyber and psychological warfare throughout the world?
In late May, a former supervisor contacted me about an exciting new position he was helping to create conducting predictive cyber threat analysis, and in mid-June, I accepted a job offer to work for him. Moving from IT security implementation to IT security research & development was a huge intellectual challenge for me, and it's only been recently that I've been able to consider pursuing other intellectual hobbies, like blogging - or reading. The first novel I picked up was recommended to me by other security researchers: Ghost Fleet; it's only fitting that my return to blogging be about that novel.
While the plot of Ghost Fleet is very Tom Clancy's The Hunt for Red October-esque, it's better sourced and details a only slightly less probable prelude to war for which Tom Clancy was famous. Ghost Fleet depicts a dramatic fight-for-survival scenario wherein an arrogant and complacent America is caught off guard by a virtual (and literal) Pearl Harbor attack by the Chinese. The U.S., now denied its ability to utilize satellites for precision guided munitions, encrypted communications, and Google Glass (called "viz" in the novel) is now in a fight for survival against a technologically superior enemy. Left to repel the invaders using guerrilla-style tactics and antiquated pre-digital technologies, America can no longer rely on its technological advantage that enabled the humble JDAM and the fearsome F-35.
A recent report by the Washington Post claims that the IC is investigating the possibility of Russian influence in American politics through cyber attacks, propaganda, and disinformation. While this makes for a fantastic headline, it doesn't really tell us anything.
However, the existence of the investigation does give us an interesting thought experiment. US interests are routinely being barraged by cyber attacks, like the Sony hack by North Korea in 2014, that are nominally ignored by the US government apparatus and IC alike. However, there are two key differences between an attack at the electoral system: First, it is an attack that undermines our ability to practice democracy; and second, it undermines our ability to project military, political, and technological power throughout the rest of the world.