Reflections on Infomation Warfare Conference 2012

Pierluigi Paganini November 13, 2012

Last week I attended the third Annual Information Warfare Conference, an interesting opportunity to understand the evolution of cyber warfare scenario specifically for my Italian context. One of the main reflection raised is the limited knowledge on the social-economic impact of the concept of cyber weapon, the majority of governments are currently working to improve their cyber capabilities and this is bringing to a fragmentation of the power.

Worldwide community is facing with the difficulty to maintain order and stability, within individual states and among the states themselves, and with the inefficiency of deterrence strategy.

The absence of a cyber regulatory is one of the main problems, cyber warfare concept has upset every geopolitical order, the concepts of time and space are outdated, the menace grows in what is considered the fifth domain and ports its devastating effects in real life.

The Italian institution are working to adopt a national cyber strategy that will be able to identify the cyber threats, related risks and to define guide lines to approach an effective defense.

The cyber weapons represent an integration to conventional military operations, the warfare level must be approached on the three levels, tactical, strategic and operative.

The ambassador Giampiero Massolo, Secretary General of the Italian Ministry of Foreign Affairs and General Director of the Department of Information Security from the Presidency of the Council, has reiterated the need to define a proper  “global defensive cyber strategy” promoting awareness campaigns on cyber security.

The presentation of the ambassador was very interesting, he explained how is changed the concept of war:

  • there are new actors in the geopolitical scenarios such as independent hackers, state sponsored hackers, cyber criminals and cyber terrorists that could influence the delicate balance.
  • the battlefield is changed, the conflicts are primary conduced in virtual and immaterial global network.
  • the concept of time is changed, the offence is instantaneous and unpredictable. Conflicts have asymmetric nature and the element of surprise is crucial. The concept of deterrence must be totally reviewed.
  • It’s possible to hit a target with the certainty of not being identified.
  • Deep uncertainty on the concept of enemy.
  • Lesser physical location of the threat, with a tenuous link between cause and effect.

 

In a similar context the “early warning logic” assumes a fundamental role, the activities of prevention and intelligence are critical to identify threats in time. No signal from internet and Deep Web to be overlooked, it’s fundamental in my opinion to analyze the networks, social network platforms and social media represent a privileged mine of information for an attackers and security agencies must be aware that they could expose them to further cyber attacks amplifying attack surface, it’s is happened with high official of Nato and it could happen again.

RADM Nicola De Felice, IT Navy Director of the Centre for Defence Innovation (CDI), introduced the concept of cyber weapon explaining the menace it brings to homeland security. The official alerts on the need of dedicated cyber structures, under the control of a unique governance, to acquire the national cyber situation and to prevent cyber attacks.

RADM De Felice raised also the question to develop alerting systems that have autonomous response capabilities, US DARPA department according the Washington Post journal has already developed the “unmanned response” capability.

Which will be the future application of these systems, will humans trust judgment of the machines?

In these optical is also fundamental consider the possible collateral damage of a cyber operation that are damage caused to entities that aren’t the target of the attacks.

Another argument that  that has been addressed on several occasions is also the need to involve knowledge of civil, to combat cyber threats must think like those who attack. The view is shared simultaneously by several governments, China, U.S. and UK have started programs to recruit and to form hackers to involve in cyber operations.

And what about Italy? Let me say that it is very s difficult  analyzing the current situation. The academic world that should forge new resources is really far from the demands on cyber security as confirmed by the expert  Shai Blitzblau, Group Managing Director at MAGLAN Defense & Intelligence.

Interesting also to analyze the changing needs of the leading manufacturers of systems for the defense, according Marco Donfrancesco, Head of Global Intelligence & Security for Selex, the producers of critical systems such as Selex wonder if their equipment are resistant to cyber attacks, and for this reason it is necessary to change completely the test methodology. Donfrancesco stresses that the cyber threat is evolving with disarming speed while the production cycles are increasingly compressed.

The test must be stressed from the outside as well as inside by selected specialists that cannot be limited to the execution of static test sessions.

Marco Donfrancesco with his presentation raise a couple of extremely thorny issues:

  • Importance of the role of the tester for these devices, the verification of robustness to cyber attacks of the equipment is considered critical, the human factor has always been the weakest link in the security chain, what could happen if the vulnerabilities identified by the testers were not reported for various reasons? The activity is critical for the capability of response of defense systems to sophisticated cyber attacks.
  • In a scenario characterized by the opening of code, of architectures and of data, often to armor critical systems are used customized solutions, dedicated and isolated networks with equipment designed for specific scope. Are we seeing a turnaround? Are proprietary solutions most suitable to design critical systems? What does the near future?

The entire discussion presented during the conference highlights how cyber warfare is influencing the defense strategies of every governments requesting a review of decisional processes.

A new concept of cyber diplomacy is growing, it is mandatory to work for a global collaboration inter states to prevents that cyber threats will create serious damages to a global economies. The cyber warfare scenario is rapidly evolving and governments must align their strategies.

Which are the main upcoming investors for the development of cyber capabilities and cyber weapons?

Croatia, Poland, Estonia, Netherland, Sweden, Spain, Japan and Malaysia. I hope to view also Italy in list during the next conference, we have the knowledge to make the difference.

Pierluigi Paganini

 



you might also like

leave a comment