ANN ARBOR – Over the next few weeks, MITechNews.Com will be publishing excerpts from cybersecurity expert Richard Stiennon’s latest book, called There Will Be Cyberwar. The book makes the case that the US military rushed to “network everything” and, like most organizations, neglected to secure its most critical systems. One point he makes is that an orchestrated effort on the part of China over the past 15 years to hack the defense industrial base networks and US military networks, “such as stealing designs of the advanced military systems such as the Joint Strike Fighter, was in reality to discover weaknesses in those systems that the People’s Liberation Army could exploit in conflict. While the knowledge that source code and configuration data was stolen was recognized by the NSA and FBI, they never surmised anything beyond industrial espionage.”
We pick up the book in chapter one when Stiennon writes a fictitious REPORT ON SPECIAL INVESTIGATION INTO THE TAIWAN STRAITS CONFLICT OF MARCH 18, 2018
Presented to the Armed Services Sub-Committee May 12, 2018.
This excerpt concludes the investigation and presents the findings.
There is still no evidence that China launched the nuclear EMP device from the land or sea. It is now apparent that one and possible more of China’s satellites were armed with nuclear warheads capable of being launched with precision and guided to an exact upper atmosphere location for detonation. The committee views this capability as destabilizing and counter measures should be developed while ongoing diplomatic pressure brought to bear to stop the militarization of space.
In less than 45 minutes since the fighter squadron launched within China territorial waters, the 7th fleet was disabled, and the USS Minnesota was rendered inoperable, which apparently was calculated on the part of China to ensure that no deterrent force was left to interfere with the Chinese ultimate goal: the re-unification of Taiwan. That process was facilitated by the complete power and communication grid failure across Taiwan, leaving them in a state of turmoil as China immediately gained control of the air and sea domain around Taiwan. Once it was evident to Chinese leaders that the 7th Fleet was effectively destroyed the Taiwanese President had no option but to surrender. His fate, upon returning to Taipei, as well as that of his cabinet, are still unknown.
The capitulation of Taiwan and subsequent reunification marks the greatest setback for the United States in the region since the loss of South Viet Nam. The economic impact could be much greater because the future of trade with Taiwan, let alone China, is in doubt. The repercussions throughout the Pacific Rim will be long lasting. The peaceful overtures to China from Japan, Korea, and even Australia’s new labor government marks the end of the Obama initiated pivot to Asia.
The committee convened to investigate this military defeat can point to several underlying causes.
1. The most important factor was the misreading of China’s intentions. The West in general and the US in particular had moved ahead with economic development and normalization with the Communist-led state based on incorrect assumptions about the inevitability of advanced nations moving towards liberal democracy. Despite many researchers and China experts’ warnings about China’s long-term, even 100 year goals, warnings were dismissed. From the perspective of a liberal democracy where long-term planning rarely surpasses the next election cycle, execution of a strategy over more than 20 years is hard to comprehend. Yet, that strategy was well documented in Chinese academic and military writings, especially the use of cyber attack to gain asymmetric advantage in battle.
2.The DoD, while investing heavily in network defenses and its own cyber attack capabilities, led by the 2010 formation of US Cyber Command, completely overlooked the vulnerability of its own platforms for communication, precision targeting, guidance and navigation, and ISR.
3.The NSA had used network intrusions against the Defense Industrial Base to further its own buildup of cyber capacity but never reported all of its findings to Congress. In particular, the concerted effort of PLA cyber teams to find and exfiltrate the source code and technical configurations of radar, sensing platforms, targeting platforms, and encryption key distribution methods was omitted from reports. This targeting, if properly reported, would have been the first indicator of China’s intentions for future war fighting.
4. The billions of dollars invested in cyber defense since 2008 were primarily applied to operational networking and email systems. No thought was given to hardening weapons platforms against cyber attacks.
The investigation committee recommends:
1.All weapons development programs be halted immediately and a software and vulnerability review be instituted across all logistics, re-supply, aircraft, ships, and combat gear that has the ability to network or receive instructions via any electromagnetic means.
2.A supply chain review should be made of all components. A process should be implemented to detect tampering and installation of back doors, particularly those manufactured in China. Logistics controls should be developed and applied to protect any critical gear from interdiction.
3.Every device and piece of communications gear that encrypts data should be re-keyed immediately.
4.A key distribution and management system that is not highly centralized must be developed and deployed as soon as possible.
5.Strong means of authenticating GPS signals must be developed and deployed as soon as possible.
6.The placement of nuclear devices in orbit by China is being taken to the UN Security Council. In the meantime effective means of anti-satellite defenses must be developed to prevent a future occurrence of space delivered nuclear weapons with guided, hypersonic re-entry vehicles.
7.The DoD should undergo a top down review of its command structure, procurement processes, and ability to project force in the face of a new reality.
Author: Richard Stiennon
Source: There Will Be Cyberwar
Date: 7/2/2015
