While once considered unconventional, cyber attacks and biological warfare have become an increasing threat to security and a tactic of rising concern. Spanning the areas of computer science, technology and government, technological warfare elucidates the importance of functioning computer networks, screening technologies and the danger that such an attack could pose.
On Oct. 15, Herbert Lin, chief scientist at the Computer Science and Telecommunications Board, National Research Council of the National Academies, presented his work as part of the Peace Studies Program seminar series, housed in the Mario Einaudi Center for International Studies. He was quick to make the distinction between a cyber attack and cyber exploitation, a legal and operational distinction. A cyber attack is “an action to destroy, degrade and disrupt an adversary through information technology.” Both remote and close-access attacks can harm technology through a virus or by launching a cyber attack via Wi-Fi or compromising a supply chain through a sensitive computer. Cyber exploitation is the means by which an adversary can quietly obtain information through eavesdropping “into the ether” or installing a Trojan horse to exfiltrate data.
Such techniques under the purview of offensive cyber exploration. Lin focused on cyber attacks within the domestic sphere and how to use U.S. policy to promote cyber deterrence and prevent cyber conflict. Cyber attacks indirectly affect attacked computers, through cascading effects. Collateral damage is difficult to anticipate, and even assessing the damage can be complicated.
Cyber attacks are complex to plan and execute, as well as easy to deny. Moreover, while the analysis of cyber attacks requires specialized knowledge, some cyber attack weapons are relatively inexpensive while others, like sending a virus, only require basic knowledge.
Lin discussed the potential applications of international cyber attacks, including the suppression of adversary air defenses, influencing foreign elections, altering the electronic medical records of military leaders, disrupting plans for military deployment and disrupting foreign infrastructure for censorship. Cyber attacks are used covertly, in part because they are difficult to operate. The U.S. may know that they have been attacked without knowing who it was that attacked them.
In 2006, the Department of Defense came out with an unclassified national military strategy for cyberspace operations that discussed threats and vulnerabilities, strategic considerations and a military framework for action. “Cyber deterrence should not be conceptualized as being separate from other spheres of conflict,” Lin said.
According to Lin, international cyber crime does not get the attention it deserves, and the U.S. is relatively dependent on information technology. Restrictions on cyber attacks would disproportionately benefit the U.S. since they have more to lose, yet these restrictions will not stop other nations from developing cyber attack capabilities. Restrictions on cyber attacks may prevent strikes on power grids just as international charters do not allow “kinetic attacks on hospitals” or the “use of lasers to blind soldiers.” In the world of cyber attacks, complicating factors include non-state actors, the widespread diffusion of relevant technology and private sector ownership.
Prof. Kathleen Vogel, science and technology studies and faculty member of the Peace Studies Program, gave a lecture on Nov. 9 on the issue of biothreats and policy logistics. According to Vogel, the critical questions that frame the understanding of biological weapons include what biological weapons threaten the U.S.; how the threats have changed after the Cold War, September 11 and the development of biotechnology; and how to better assess such threats for biodefense policy. Throughout history and across the world there have been analytical failures in detecting and assessing the scope of bioweapons programs, be they in the Soviet Union, Iraq, Japan, Afghanistan or the United States. “There’s this growing, elusive, more technologically advanced set of bioweapons threats due to the increasing pace and infusion of biotechnology,” Vogel said.
Vogel approaches U.S. bioweapons assessments as the result of a “sociotechnical assemblage” made up of narratives and accounts. The early 1990s brought about geopolitical changes with the collapse of the Soviet Union. Rogue states, such as Iraq, arose, creating concern in the U.S. over the difficulty of detecting covert weapons programs.
The 1995 Tokyo subway attack raised concerns in the U.S. because it demonstrated the capacity of a non-state actor to perform a chemical activity on a large scale.
The 2001 anthrax attacks underscored the need for more information, especially as weapons technology becomes increasingly accessible. Until U.S. military forces found an Al Qaeda makeshift lab in Afghanistan, the U.S. was unsure who had performed the attack. “We didn’t know that Al Qaeda was trying to do this in Afghanistan and this, once again, indicated that the US intelligence committee has underestimated another bioweapons threat,” Vogel said.
Scientific literature on pathogen research raises concerns about the accessibility of scientific knowledge to dangerous sources. Both speakers emphasized the growing threat of non-state actors and how difficult enacting preventative measures and policy becomes because of the stealth-like nature of the attacks.
New technical analytic units have arisen because of this increasing concern, such as directorates in the CIA and the Weapons, Intelligence, Nonproliferation and Arms Control Center in 2001. Even earlier, the Nonproliferation Center was founded in 1992, creating new science advisory groups to increase biological expertise at the same time that the U.S. Defense Intelligence Agency increased their focus on biochemistry. In the early 2000s, there was increased support for “science-based” threat assessments in intelligence in the policy arena. The focus was on biological and genetically-engineered agents, and technical assessments were separated from the notion of an adversarial attack.