There is a strange resistance among many computer security pundits to believe that Russia has engaged in cyber-warfare on its neighbors. This is mostly due to a combination of left-over resentment of US actions in the cold war combined with not wanting to face the consequences of accepting the new reality. Also there is a bit of confusing absence of evidence with evidence of absence.
Apparently this belief system is not shared by the US DOD, according to this Aviation Week article:
It’s a part of a technology race that is already well underway. The Russian attack on Georgia last year showed weaknesses in some combat areas, but not in cyberwarfare, say U.S. analysts.
“The Russians conducted a cyberattack that was well coordinated with what Russian troops were doing on the ground,” says a longtime specialist in military information operations. “It was obvious that someone conducting the cyber[war] was talking to those controlling the ground forces. They knew where the [cyber]talent was [in Russia], how to use it, and how to coordinate it.
“That sophisticated planning at different levels of cyberwarfare surprised a lot of people in the Defense Dept.,” he says. “It looked like a seamless, combined operation that coordinated the use of a range of cyberweapons from the sophisticated to the high school kids that thought it was cool to deface official web sites. The techniques they used everybody knows about. The issue was how effective they were as part of a combined operation.”
In response the DOD is apparent working on a “cyber-warfare for dummies” approach that bundles several attacks into a user friendly console:
This particular network attack prototype has a display at the operator’s position that shows a schematic of the network of interest and identifies its nodes.
“You could be talking about thousands and thousands of nodes being involved in a single mission,” says a second network attack researcher. “Being able to visualize that without a tool is practically impossible.”
A touch-screen dashboard beneath the network schematic display looks like the sound mixing console at a recording studio. The left side lists cyberattack mission attributes such as speed, covertness, attribution and collateral damage. Next to each attribute is the image of a sliding lever on a long scale. These can be moved, for example, to increase the speed of attack or decrease collateral damage.
Each change to the scales produces a different list of software algorithm tools that the operator needs. “Right now, all that information is in the head of a few guys that do computer network operations and there is no training system,” says the first specialist.
Experts are combining digital tools that even an inexperienced operator can bring into play. In the unclassified arena there are algorithms dubbed Mad WiFi, Air Crack and Beach. For classified work, industry developers also have a toolbox of proprietary cyberexploitation algorithms.