Cyberwarfare 101: The Internet Is Mightier Than the Sword

Written by Stratfor


May 5, 2008
Editor’s note: This is the first in a series of analyses on the emergence of cyberspace as battlespace. The series will be ongoing, with the initial pieces serving as a kind of primer on the Internet. Subsequent analyses will look at specific ways nations are dealing with the growing threat of cyberwar and its military, economic and geopolitical ramifications.

(Links to the series of articles is listed at the bottom and check out the daily podcasts)
To say that the Internet is growing in importance these days is an understatement. It is perhaps less obvious to most people that cyberspace is also becoming weaponized. In addition to being a revolutionary medium of communication, the Internet also offers a devastating means of waging war. Understanding the evolution of the Internet is key to understanding the future and effectiveness of cyberwarfare.


A Brief History
Although cyberspace has already established itself as a new medium for all manner of human interactions, its pervasive growth presents profound implications for geopolitical security. Nations, organizations and individuals alike are relying more and more on the Internet in unprecedented ways. This growing dependency entails vulnerability, which is one reason the Internet was created in the first place.

Older than many people might think, the Internet began in the 1950s as a group of primitive networks designed to share research data inside and among academic institutions (notably the RAND Corp.) and air surveillance data between military radar installations (notably the U.S. Semi-Automatic Ground Environment). The former use was based on the need for researchers across the country to access the few really powerful research computers operating at the time. The latter use was an outgrowth of the Soviet Union’s newfound intercontinental reach: the Tu-95 Bear strategic bomber, a large swept-wing four-engine turboprop that began operations in the mid 1950s with a combat radius in excess of 4,500 miles.


(click to view timeline)
The Soviets’ 1957 Sputnik launch spooked the Americans even more. Terrified that it had fallen behind Russia in science and technology, the United States scrambled to catch up. This effort involved, among other things, creation of the Pentagon’s Advanced Research Projects Agency (ARPA). Later “Defense” would be tacked on to the agency’s name to create DARPA (which still exists today). One of ARPA’s early creations was ARPAnet, one of the seminal precursors to the Internet. ARPAnet’s design would be informed by a government-funded RAND study that advocated for a distributed network architecture that could survive — at least in part — a nuclear attack. While progress in developing the network was initially slow, by the 1980s, improvements in programming, technology and infrastructure — combined with increasingly accessible connections and affordable personal computers — were quickly cascading into what would become the Internet as we know it today.

Along the way, the challenges evolved. Technical hurdles early on were all about making the connections work (developing protocols, perfecting packet-switching, etc). It was only in the 1990s that the World Wide Web architecture we know today really took off. While the rapid growth of the Internet (numbers of users, the power or processors, connection speeds) continues apace, the nature of its growth is becoming increasingly organic, as users explore what is possible within connections that already exist.

The Nature of the Internet
The Internet itself is a fairly neutral environment: It is defined, more than anything, by its individual users, who create virtual extensions of themselves, their ideologies and their societies. In many ways, creating human connections is what the Internet is all about. Social networking sites such as Facebook and MySpace allow Internet users to connect with disparate individuals and groups around the world. Connectivity outside of centralized Web sites is also growing rapidly; simply having a connection to the Internet potentially allows one person to interact with every other Internet user.

This has profound implications for both groups and individuals. The Internet can be a powerful facilitator of mass “grassroots” movements that can become forces to reckon with in everything from presidential elections to transnational radical Islamism. Just as the Internet allows Beijing to monitor and disseminate its views to users across China, those users — and expatriates abroad — can use the very same system to coordinate campaigns to undermine Beijing’s efforts. Indeed, the global Internet may be one of the greatest threats to the Communist central government. The accessibility of information on the Internet also allows a single user to learn from the conglomerated lessons of many. This can manifest itself in powerful new online research tools. It can just as easily be found on YouTube, a video hosting Web site where budding hackers can learn the tricks of the trade.

Ultimately, this sort of utility translates into a structural vulnerability that will only increase as the Internet further evolves. As it becomes ever more critical in everyday life, the Internet is likely to be exploited by groups and governments to achieve their strategic goals. This dynamic is the keystone of cyberwarfare.

Cyberwarfare is a broad category. For our purposes here, we are using the term to encompass significant geopolitical conflict in cyberspace usually involving at least one nation-state or its critical infrastructure. Cyberwarfare can be a principal avenue for attack in and of itself or it can be used in a supporting manner, to aid operations in other domains. Cyberwarfare has five noteworthy characteristics:

  • It provides an extremely dynamic and utterly new battlespace.
  • It makes range obsolete.
  • Its operations are typically decentralized and anonymous.
  • It places great importance on the offense.
  • It has low entry costs and can give great power to the individual user of the Internet.

Although the word “cyber” suggests “virtual,” or not existing in actual fact or form, cyberspace does have its physical aspects — e.g., computers, servers, fiber-optic cables, network switches and, most important, the connections that make the Internet global, like the immense undersea cable network that stretches around the world. While one of these cables may run from New Jersey to Cornwall, the transmission of data can take place almost instantaneously. U.S. military dominance of the globe rests in no small part on its unparalleled and unprecedented ability to sustain complex logistical links around the globe. In cyberwarfare, the only link the warrior needs to worry about is his or her connection to the global network. Some countries admittedly are far more connected than others. This makes their connections redundant and, generally, they enjoy broader bandwidth. But it also makes them more accessible to those with malicious intent.

Because cyberspace makes range obsolete, an attacker can muster resources from all over the world and bring them to bear in an instant, often with little that could serve as an early warning amid the clutter of day-to-day Internet traffic. The Pentagon alone defends against hundreds — sometimes thousands — of such attacks each day, several of which succeed at some level in penetrating the network. While this clearly demonstrates that a mature network security system can stand up to a great deal of punishment, it takes time to recognize and react to a coordinated and comprehensive attack. Such an attack may come from thousands of remotely controlled computers from around the world and be well under way before a coherent response can be mounted. And none of the computers directly involved in such an attack necessarily has to belong to the attacker. One of the early purposes of computer networking was to share computers as a resource. Malicious hackers have learned how to do much the same thing by infecting and hijacking other computers, unbeknownst to their owners, in order to harness and redirect their processing power.

As interconnected as the Internet is — and with broadband connections and powerful personal computers increasingly affordable — the greatest limitation to the use of the Internet in cyberwarfare may be individual experience and skill. As we continue our look at cyberwarfare, we will focus first not on the amalgamated resources of a national actor but on the innumerable discrete actors that populate cyberspace.
©Copyright 2008 Strategic Forecasting Inc. All rights reserved.

Related Special Topic Page (Members Only Access)
Cyberspace as Battlespace: Evolving Threats (podcast)
Cyberwarfare: A Glossary of Useful Terms
Cyberwarfare 101: Black Hats, White Hats, Crackers and Bots
Cyberwarfare 101: What Makes a Hacker Tick
Cyberwarfare 101: Case Study of a Textbook Attack
About Stratfor:
Stratfor delivers premier analysis and insightful intelligence on the events and issues that shape your world. Become part of a community that wants to understand what's really happening in the world, doesn't have time for fluff, partisanship, and noisy clutter.

Receive the latest intelligence written by: Dr. George Friedman – Geopolitics
Fred Burton & Scott Stewart - Terrorism & Security
Situational Awareness - What's happening that you need to know?
Analysis - What do today's events mean to you? Insight – no partisan agenda & no ideological bias Stratfor is the world's leading private sector source of geopolitical intelligence.
Sign up today.

You are now being logged in using your Facebook credentials