Hidden Warfare 1. Cyber

https://www.opendemocracy.net/digitaliberties/richard-norton-taylor/hidden-warfare-1-cyber

RICHARD NORTON-TAYLOR, 4 November 2016

The UK agency would like to be known as on the front line defending UK interests from cyber attacks, rather than as an eavesdropping agency collecting data on individuals en masse.

Defenceimagery.MOD.wikicommons/Harland Quarrington.Some rights reserved.Hidden warfare, or ‘remote warfare’ as it is often called, is now the driving force behind both armed and unarmed conflict. Cyber attacks, drones, and special forces are front line weapons – in the air, in space, under and on the ground. Their role will increase. Yet in Britain, they have been protected from democratic accountability by official secrecy, sophistry, or sheer pusillanimity.

Britain will not go to war again, ministers assured us after the invasion of Iraq and the tragically hopeless counter-insurgency operations in Afghanistan, without first consulting Parliament. Yet it has become abundantly clear that this assurance does not cover the new tools of power and conflict.

Let us start with cyber, where GCHQ, hitherto the most secretive of government agencies, have now persuaded ministers that openness is actually a good thing. I will return soon to drones and special forces, both of which, in contrast to the belated debate about how to combat attacks in cyberspace, still remain firmly hidden under the cover of official secrecy.

‘Information wars’

Whitehall, renowned for its collective ignorance of IT, has been extremely slow to recognise the growing threat of cyber attacks and ‘information wars’ attacking worldwide computer networks.

Iain Lobban, former director of GCHQ, the government's eavesdropping and encrypting agency, used his first public speech in October 2010 to call for an aggressive approach to cyber attacks. He warned of the dangers of adopting the sort of defensive strategy symbolised by France's Maginot line, which was supposed to repel the Germans and failed.

In marked contrast to their counterparts in the US and Australia, Ministers in Britain casually prepared to put commercial interests above national security when they gave the Chinese telecommunications company, Huawei, a free hand, as the parliamentary Intelligence and Security Committee made clear ina stinging report in June 2013.

Over two years ago, I asked a very senior Ministry of Defence official what worried him most. A nuclear arms race? Terrorism? ‘Cyber’, he replied, without the need for a moment’s thought.‘From a technical perspective, the case for Russian state responsibility is hard to prove beyond reasonable doubt.’ 

In cyberspace, war and peace are in a permanent state of competition, General Sir Gordon Messenger, vice chief of the defence staff, suggested, opening a largely unreported conference on ‘cyberspace and the transformation of twenty-first century warfare’ run by the Royal United Services Institute (RUSI) think tank in October. Shortly after, on 1 November, the Chancellor, Philip Hammond, said Britain must hit back at hostile states in cyberspace and be capable of mounting sophisticated cyber-attacks of its own in place of military strikes.

Air Marshal Osborn, Chief of Defence Intelligence, told the RUSI conference that cyber attacks would ‘transform modern warfare’. Messenger recognised that there are huge legal questions unique to cyber attacks, because it is not easy to identify an aggressor. How do you confront the question of deniability? Paul Chichester, director of operations at Britain’s new National Cyber Security Centre who worked at GCHQ for 25 years also addressed the conference. He pointed out that historically there has been pretty good certainty about who was harming us and who wanted to. But here a victim is confronted with the ‘question of attribution’. People wanted to know, who did it? It is a very difficult question to answer, carrying potentially serious dangers of miscalculation and escalation.

Former MI6 director, Nigel Inkster, now at the London-based International Institute for Strategic Studies (IISS) observed recently in that think tank’s journal, Survival, that in the cyber domain it was relatively easy to engage in ‘spoofing’ – assuming a false identity. Malware is widely available on the black market and language settings on a computer are simple to change. Commenting on the attacks on the US Democratic National Committee’s computer network, Inkster warned: ‘from a technical perspective, the case for Russian state responsibility is hard to prove beyond reasonable doubt’.

Here in Britain, the Foreign Office in particular has been reluctant to apportion blame, even though it has been the victim of attacks by China, for fear of upsetting diplomatic relations. MI5 warnings that Chinese state agencies as well as Russian ones have been at the forefront of cyber attacks on UK targets, have not stopped Chinese investment in the planned new nuclear power station at Hinkley Point.

Launching the government’s £1.9bn national cybersecurity strategy on 1 November, Hammond said the UK had to develop ‘fully functioning cyber-attack capability’. He went on: ‘If we do not have the ability to respond in cyberspace to an attack that takes down our power networks, leaving us in darkness, or our air traffic control, leaving us in darkness, we would be left with the impossible choice of turning the other cheek and ignoring the devastating consequences or resorting to a military response.’The world’s next great conflict was likely to at least begin in cyberspace, before guns were loaded, the chancellor added.The world’s next great conflict was likely to at least begin in cyberspace, before guns were loaded, the chancellor added. ‘There is no doubt in my mind’, he said, ‘that the precursor to any future state-on-state conflict will be a campaign of escalating cyber-attacks, to break down our defences and test our resolve before the first shot is fired.’

For good measure, Cabinet Office minister Ben Gummer observed that cyber warfare was ‘no longer the stuff of spy thrillers and action movies’. Britain’s adversaries, he said, were varied and included ‘organised criminal groups, “hacktivists”, untrained teenagers and foreign states.’

A new spirit of openness?

For GCHQ, the most dangerous hacking groups are what are known as ‘advanced persistent threats’ or APTs. They are both state-backed and criminal organisations that carry out sophisticated, targeted, hacks.

Britain needed to be ‘open and transparent’, Chichester told the RUSI conference. It was a telling intervention reflecting a radical change in GCHQ culture. But in forthcoming ‘cyber wars’ and ‘information wars’, GCHQ has at last convinced ministers that transparency and openness, in this context at least, is vital since it needs the support of the private sector – companies are attacked more than government sites – and the public.

And, as GCHQ has made clear, not least in its recruitment advertisements, it needs skilled personnel. The Cheltenham-based agency of course would like to be known more as being on the front line defending UK interests from cyber attacks rather than as an eavesdropping agency collecting data on individuals en masse. It is now awarding apprenticeships to attract talented youngsters before they have gone to university.

The challenge now is to extend this new spirit of openness to the use of drones and special forces which, after all, are engaged in violent conflict much more directly than cyber attackers.