Every episode of modern warfare was preceded by a period of gathering information. In fact, I’d hazard a guess that information gathering has been a tool of foreign policy, with or without the existence of a state of war, for as long as man has existed.
Basically, the better informed you are, the better prepared you are. Paul Kennedy, in his book The Rise and Fall of Empires, gives plenty of examples of this. He also highlights the economic and geographic limitations in gathering information, factors which the inter-connected global information economy has tilted in favour of those with a need to collate information about friends, foes and the “not sure as yet’s”.
Most of these activities, during both peacetime and war, are performed by intelligence services. Initially these services developed human networks for gathering information. When prudent, necessary or just economically motivated, they utilised third parties’ networks. Then, at each stage of technological progress, these networks leveraged the advances and developed new tools and techniques to complement their activities: ciphers, codes, drop points, bugging, wire taps, tampering with undersea telephone cables, physical theft and copying, etc. The success of these information gathering exercises often hinged on ensuring that your efforts remained undiscovered. Stealth was the name of the game, and the success of defending against such efforts lay, amongst other things, in ensuring the confidentiality of information and identifying the occurrence of such activities.
A DDoS attack is about as un-stealthy as un-stealthy can be. You can be sure that third parties utilising cyber attacks will deploy techniques designed to ensure an uninterrupted, undiscovered flow of valuable information. Some of this information will come through exploiting the age-old vulnerability of people, and some through exploiting technology: the vulnerabilities inherent within it and in the interaction of people with it.
Malware, viruses, worms and trojan applications, designed to act like agents exploiting vulnerabilities in the infrastructure on which society is heavily reliant to store, access and distribute information, will complement the older human networks and techniques. These new tools are designed to remain generally unknown and widely undetected throughout the whole of their life, though some deliver payloads which have an immediate and clear impact. They are arguably cheaper to develop, easier to implement, less likely to make mistakes and therefore less likely to be discovered, and difficult to trace back to any one person, let alone a state. Considering the difficulty that vendors have in staying abreast of the tidal wave of vulnerabilities, it is safe to argue that statistically there will be those that slip through the net. These will, in the wrong hands, provide opportunities to access and gather confidential information including, amongst other things, a nation state’s or business’s incident response plans for managing a DDoS attack.
I’d argue that in cyberwarfare the point of DDoS is to make a clear and unequivocal point: disruption. However, the point of intelligence gathering seems to be not to make a point.
So should the confidentiality of data be part of the EU’s planning when assessing our ability to manage a cyber attack? Can assurances made to governments, politicians, business and citizens about our ability to manage a cyber attack be improved by assessing and managing this threat? And, if so, would the EU PR machine be as inclined to raise public awareness about its efforts?
In Part 3 I’ll ask questions about sleeper cells and fifth columnists in the cyber domain. Disruption and espionage.