Cyberspace doesn't always favor the offensive, says Singer


The Defense Department's dedication to offensive cyberspace capabilities – anywhere from 2.5 to 4 times greater than defensive measures when measured by research dollars – rests on a false set of assumptions, said Peter Singer, a senior fellow at the Brookings Institution.

Pentagon officials often say that cyberspace favors offensive over defensive actions, or that the two spheres can't be separated; a representative statement came in February 2013 from Maj. Gen. Brett Williams, director of operations at Cyber Command, who told a Washington, D.C., audience that "catching arrows is not all that much fun. At some point, it's preferable to go kill the archer."

But the advent of cyber weapons isn't the first time that militaries have thought that a new capability can't be stopped.

"Every time in military history where someone has said that the military offense will be dominant, actually history had a great way of teaching them that it played out the opposite," Singer said during a Dec. 20 Brookings event. The era before World War I is a "really good example of this," Singer added. The event was to launch a book Singer co-authored about cyber war.

Notions about the cyber offensive come from a mental picture of teenagers "sipping Red Bull, wearing flip-flops in their parents' basement" capable of creating a real-life disaster of the magnitude of a weapon of mass destruction, Singer said, adding that he was quoting unnamed senior Pentagon officials.

A cyber weapon on the level of something like Stuxnet, which did actual physical damage to Iranian uranium enrichment centrifuges, is "quite difficult" to do, Singer said.

What's needed, he said, is greater emphasis on the concept of resilience in systems, since a purely defensive approach characterized by strong perimeter security won't work, either. Not even air gapping – isolating computers from the Internet or other networks – is a winning strategy, he noted. "The Iranians thought they had a wonderful gap keeping bad malware out of their nuclear research. Didn't work for them."

Resilience is "not only trying to keep the bad out, but monitoring what's happening on your own networks, including by your own people," he said.

Allan Friedman, Singer's co-author and a newly appointed visiting scholar at the George Washington University Cyber Security Policy Research Institute, noted that cyber offense requires many of the same systems in use by the United States. "We are using the same platforms, so often we are going to be faced with a decision – do we exploit the other guy, or do we work about defending ourselves," he said.

For more:
- go to the Brookings event webpage (archived webcast available)
