(Re-published from Maxwell Perspective | Spring 2017) National rhetoric surrounding terrorism and countersecurity focuses on ISIS and on immigration policy. But Maxwell experts say the real, day-to-day threat is far more insidious: disruptive transnational cyber attacks.
“There couldn’t be a bigger assault on the United States than to try to undermine our democracy by changing who we select to be our leaders, whether it’s the presidency or a Congressional race,” says William C. Banks of Russian interference in the 2016 U.S. presidential election. Banks is a pro-fessor of public administration and international affairs with a distinguished professor appointment in SU’s College of Law. He is also the founding director of SU’s Institute for National Security and Counterterrorism (INSCT).
He says there’s no evidence hackers infiltrated the voting tabulation systems in any of the 50 states. But Russian-hired trolls may have been successful in swinging election results in key states — Wisconsin, Michigan, and Pennsylvania — with innumerable “fake news” hits on social media.
While Banks views such election interference as “a direct threat to everything we stand for,” he says there are many ways foreign governments and terror groups can inflict harm through cyber means. While the election has given foreign hacking a high profile, cyber attacks occur on a daily basis to both private and government entities.
“Hackers, cybercriminals, insurgents, and terrorists penetrate private sector and government net-works and steal personal information; trade secrets and other commercially valuable data; and infect sys-tems with malware that attempts to disrupt, degrade, and sometimes destroy the systems that host and transmit our most important information,” he says.
An internationally recognized authority on national security, counterterrorism, war powers, and re-lated topics, Banks has collaborated on security issues with organizations around the world, ranging from NATO to The Hague. He is the author of seminal books in the field, including Soldiers on the Home Front: The Domestic Role of the American Military (Harvard University Press), among many others. He is edi-tor-in-chief of the Journal of National Security Law & Policy.
“The attacker seeks to exploit system weaknesses their targets are not aware of.”—RENÉE DE NEVERS
Banks warns that nation/states and private actors who couldn’t match us in a conventional conflict could inflict tremendous cyber damage. He points to a major cyber attack by Russian hackers on Tallin, Estonia, in 2007, which impacted the Estonian parliament, banks, ministries, newspapers, and broadcasting. “Estonia is arguably the most wired country in the world, and its banking system was effectively shut down, severely impacting the country’s economy,” says Banks.
In the aftermath, NATO established the Cooperative Cyber Defence Centre of Excellence, in Tallin, a multinational and interdisciplinary hub of cyber defense expertise to study law governing cyber warfare, which partners with INSCT to hold joint workshops and conferences related to cyber warfare and defense.
According to David Van Slyke, dean of the Maxwell School and an expert on public-private partnerships, America is especially vulnerable. “Infrastructure in the United States — transportation, energy, water and sewer, logistics, and others — has shared ownership with public, private, and pub-lic-private configurations. One of the unique challenges with cyber-security threats is the need for information sharing, coordination, and vigilant monitoring among public and private organizations, each of which has some level of mistrust of what each is doing, sharing, and not doing.”
Van Slyke, who is also the Louis A. Bantle Chair in Business and Government Policy, says a proactive defense against cyberterrorism must depend upon “strong rules of engagement between public and private partners.”
“Despite ongoing improvements in cyber security, preventing cyber attacks is difficult because the attacker seeks to exploit system weaknesses their targets are not aware of, so the ‘defender’ is reacting to attacks, rather than being able to prevent them from happening,” says Renée de Nevers, asso-ciate professor of public administration and an expert on national and international security. She says the human factor makes it difficult to keep systems secure, because people slip up on cyber security measures, since these are sometimes perceived as nuisances.
De Nevers, who has served as a research fellow at the Belfer Center for Science and International Affairs, the Center for International Security and Cooperation, the Hoover Institution at Stanford University, and the International Institute for Strategic Studies, says that some cyber attacks appear to be phishing ef-forts seeking information while others are more destructive in intent, trying to override control systems or cause infrastructure breakdowns. “Both kinds of attacks are worrisome because phishing may give the at-tacker valuable information to use for other unknown purposes down the road,” she says.
Often the targets are unaware of attacks for weeks or even longer. And it can be hard to determine who is behind an attack, whether it was initiated by state actors or other groups or individuals, says de Nevers, co-author of Combating Terrorism: Strategies and Approaches (CQ Press), with Banks and former Maxwell dean Mitchel Wallerstein. “It appears that actors in several countries, including Russia, China, and Iran, engage in cyber attacks against other states frequently, as does North Korea,” she says.
While cyber warfare is typically thought of outside conventional forms of conflict, retired Vice Admiral Robert Murrett says our military experiences cyber attacks on a daily basis. “It’s just part of the landscape now, something that happens all the time relative to what we describe as ‘phase zero’ operations we’re engaged in around the world,” he says.
In 2009, U.S. Cyber Command was created under U.S. Strategic Command, to provide a centralized military command of cyberspace operations and defense of military networks. “I’d like to think we’re doing a better job of protecting against vulnerabilities,” Murrett says.
Murrett became deputy director of INSCT and a professor of practice in public administration and international affairs after a long and distinguished career at senior levels within the U.S. defense and intelligence fields, serving as director of Naval Intelligence and director of the National Geospatial-Intelligence Agency.
While routine cyber attacks are a significant threat, Murrett is focused on aggression from Russia and Iran and the activities of non-state actors working out of ungoverned areas (known as “black spots”), which can be used as a base for conducting operations against us or our allies. (See article at left.) He re-mains concerned about the proliferation of nuclear weapons. “The global inventory of nuclear weapons is well in excess of 15,000 and varies widely,” he says.
Aside from a deliberate attack are ongoing issues of maintenance and security in countries such as Russia and Pakistan, says Murrett, who is also a staff member at the RAND Corporation and the Institute for Defense Analyses. Regarding state actors, he says he’s most worried about North Korea, “which has a very small inventory, but is most worrisome on a weapon-per-weapon basis.”
And of course, while computer systems controlling our own nuclear arsenal are subject to near continuous cyber attack, Banks reminds that the United States is also in the game.
Cyberwarfare is a likely tool the United States would employ to prevent a nuclear strike. Potentially, he says, “you could shut down command and control and really influence the outcome of a kinetic war by using cyber weaponry.”