ANN ARBOR – Over the next few weeks, MITechNews.Com will be publishing excerpts from cybersecurity expert Richard Stiennon’s latest book, called There Will Be Cyberwar. The book makes the case that the US military rushed to “network everything” and, like most organizations, neglected to secure its most critical systems. CHAPTERTWO Cautionary Tale.
The foregoing fictional scenario (as outlined in Chapter One) is meant purely as an exercise in predicting the worst case outcome of a situation that has evolved over the past two decades. The US military, and indeed most advanced military organizations, have moved to a network-centric war fighting stance with little or no thought, until very recently,1 to the incumbent vulnerabilities that entails.
In 2011 Leon Panetta, then US Secretary of Defense, joined the chorus of those newly awakened to the reality of the threat of cyberattack against critical infrastructure when he warned of an impending “cyber Pearl Harbor.” But Panetta got his metaphor wrong. An attack against critical infrastructure of the type he and many Cassandras rail on about, one that shuts down the power and communication grids, would be more akin to a terrorist attack than a military surprise attack. The metaphor Panetta should have used was a “cyber 9/11.” A “cyber Pearl Harbor,” if the metaphor were to be correctly applied, would entail a military defeat via cyber means, which the previous chapter attempted to dramatize. In other words, an adversary’s use of computer network attack (CNA) and exploitation (CNE) to gain a tactical advantage that leads to a lost battle, a change in military standing, or even a shift in the geopolitical balance, would be most comparable to the destruction of the Pacific Fleet at Pearl Harbor, on December 7, 1941.
This book takes us on a journey from the development of the Internet, to the exciting days of the new information age, and then to the discovery of the power of networking by the US military. The history of the development of attacks against vulnerabilities in the commercial world has a parallel in the domain of governments, militaries, and war fighting; a parallel that allows us to project into the future. That future vision includes a humiliating military defeat at the hands of a more capable digital adversary. One such scenario, played out in the introduction, was chosen for a particular reason.
The 1995-96 Taiwan Straits Crisis
The history of China and Taiwan is short and consistent. When Mao Zedong finally won the Communist revolution against the Chinese Nationalists in 1949, Chiang Kai-Shek fled with his forces to the adjacent island of Formosa and established a new country, Taiwan. Since then China’s stated goal has been to reunify the two countries. Whether it will be a peaceful reunification (like that of Hong Kong in 1999) or a violent reunification, contributes to the long lasting tension between the two countries. During the Korean War there were multiple armed invasions of Taiwan from China.
In 1991 Taiwanese President Lee Teng-hui angered China with his statements about reunification, leaning away from the One China rhetoric that both countries generally stuck to. Then in 1994 Lee was traveling from South America when his flight was diverted to Honolulu to refuel. The Clinton Administration, cognizant of the delicate situation, bowed to Chinese pressure and refused to grant Lee a visa, forcing him to stay overnight in the plane. Tensions began to rise in 1995 when Lee was invited to speak at his Alma Mater, Cornell University. Congress passed a resolution requiring the State Department to grant him a visa. This was during the lead up to the first fully democratic presidential elections in Taiwan and China took a dim view of the situation. Lee spoke at Cornell in June 1995.
China announced missile tests in a region near Taiwan and began maneuvers on the mainland across the Straits from Taiwan in Fujian Provence. They carried out a series of missile launches into the sea to the North of Taiwan in July. The Clinton Administration took steps to demonstrate that the United States was willing to intercede if China threatened an invasion. In March of 1996 two aircraft carrier battle groups were deployed to the vicinity.
This is where Admiral Archie Clemins comes into the story. Clemins was the Vice Admiral of the US Navy’s 7th Fleet. Only two years before, upon achieving flag rank, he had been assigned to the training division of the US Pacific Fleet under Admiral Frank Kelso. He was also dual-hatted as head of N6, the information technology arm of the Pacific Fleet.
As an “IT guy,” Clemins began to carry a laptop with him, an unusual sight in the 1993 Navy. It was an Apple PowerBook, probably a 160 with 4 MB of memory and a 40 MB hard drive. It was one of the earliest flip top portable computers and had a grayscale LCD screen. It weighed 6.8 pounds.
His Powerbook was his constant companion, even on trips to the Pentagon. He found that people, specifically Admiral Robert J. Kelly, Commander of the Pacific Fleet based in Hawaii, were asking him for copies of the notes he took on his portable. He was living the Information Revolution of the time. “That started the use of computers, we, at Training Group Pacific, led everybody, with desktop computers.”
Shortly after taking on the Pacific Fleet role based in San Diego, Admiral Clemins got a call from the Navy’s Assignment Officer who asked how he liked the weather in San Diego and if he would like to transfer to the Pentagon? The previous week Admiral Keslo, head of Naval Operations, had announced a major reorganization of the Navy and Clemins had been chosen to lead the effort.
As Clemins pulled together a small team within the Pentagon he made sure that they used technology to its best advantage. Clemins credits this use of computers for the success his team had in accomplishing the Navy reorganization in 12 months instead of the 18 months originally slated for it.
Clemins was then appointed Deputy Commander of the Atlantic Fleet at Norfolk to accomplish the same reorganization. “The more I did this the more I came to believe this [computer technology] was the way we were going.”
From Norfolk, Clemins was promoted to commander of the 7th Fleet where he had served as chief of staff years before. He was determined to bring the fleet into the Information Age: “You have to remember the ships of the time, ’93-94 are still moving information at teletype speed.” That meant at most 80 messages a day of 40 lines each. All messages would go directly to the Commanding Officer (CO) who would route them to the appropriate department or personnel.
Clemins’ first task was to assemble a team. He drew from surface, air, and submarine commanders. This was 1995, the year Windows 95 came out, the first commercial operating system with embedded TCP/IP networking capability. Mark Lenci, the submarine captain that Clemins tasked with retrofitting the 7th Fleet, had little experience with networking. His only qualification: he had an AOL account. But no one in the command ranks was an expert and Clemins chose a team that could learn quickly and get things done. When Lanci reported to duty aboard Clemin’s command ship, the USS Blue Ridge, he recalls Clemins saying “let’s go take a walk.” On the flight deck he explained his vision of NCW.
“I don’t know what a WAN (wide area network) is but I know we need one. Get the smart guys together here in the Pacific. We are going to do it.” And they were going to do it with commercial off the shelf products (COTS).
Conclusion of Chapter Two Next week
Excerpted from There Will Be Cyberwar: How the Move to Network-Centric War Fighting Has Set the Stage for Cyberwar by Richard Stiennon.Purchase it today from Amazon in print ($14.90) or Kindle ($9.99) formats. http://www.amazon.com/There-Will-Be-Cyberwar-Network-Centric/dp/0985460784/
Author: Richard Stiennon
Source: There Will Be Cyberwar
Date: 7/10/2015
