I recently came across a report by Signal Magazine on the Armed Forces Communications and Electronics Association (AFCEA) TechNet International 2011 conference that gave further attention to the reality of cyber space and crime.
As we saw with the National Security Strategy from 2010 and the recent government Cyber Security Strategy, cyber crime is now being taken seriously at that level. This article claimed that the advantages offered by cyber warfare (low cost, widespread applicability and ease of operation) mean "it is likely to be the weapon of choice for future aggressors menacing NATO and its allies".
The theme of the AFCEA conference was ‘Supporting NATO in the Next Decade' and was held in the German town of Heidelberg last October. Present were members of NATO, due to it being held in conjunction with the NATO Consultation, Command and Control Agency (NC3A) annual industry conference.
Major general Jaap Willemse, assistant chief of staff of Command, Control, Communications, Computers and Intelligence (ACOS C4I), claimed that "the ways of classical warfare cannot be applied to cyber war", yet most military and political leaders are still dealing with information technology as if it were just another minor technology that could be added easily to existing systems.
He said: “The first priority is an international definition of the term cyber war and what successful cyber defence - or even an adequate reply to a cyber attack - could look like.
“In classical engagements there has always been some code of conduct, but not in cyberspace. As military, we need to define what our role in cyber space is in order to take the right actions when NATO allies or our own countries are attacked.”
Also speaking was Lt. general Walter E. Gaskin, deputy chairman of the NATO Military Committee, who agreed that information superiority, and therefore information technology, will play a main part in future conflicts. “Cyber attacks are and will be a serious problem,” he said.
“The main problem with cyber attacks is that they are not costly to undertake. The hardware is inexpensive and can be purchased easily, although software needs some intelligent, skilled people. A cyber attack therefore is much less expensive than the classic types of warfare that consume a lot of money, starting with fuel for combat aircraft and ending with missiles used during attacks.
“NATO nations and organisations already are frequently facing attacks. We need to develop further capabilities on cyber defence and we need to enhance the cooperation between the NATO nations in the field of cyber security.”
The US government has made significant strides with its annual cyber awareness month, and the UK government's move was mostly welcomed too. However, with an international collective such as NATO, there is the real consideration of cyber warfare and defence against it.
As Willemse said, "the ways of classical warfare cannot be applied to cyber war", and governments, infrastructure and industry are all too aware of the extent to which the enemy is unknown and cannot be underestimated.
So will this NATO-led approval for cyber security make any impact? Since this is three months old now and only just came to my attention this week, it is sad to say that it probably will not. However, if 2011 was the year when high-level attacks became mainstream, perhaps 2012 will be the year when attention reaches the highest global awareness and defence is applied.
On a slightly lighter note, also discussed was the challenge of cloud computing. NC3A general manager Georges D'hollander compared the concept of moving data to the cloud to valet parking, as "it only works if you trust that the person can (a) drive and (b) won't steal your car". I have a feeling that we will see that analogy used again.