Wednesday, October 28, 2009

Centralized vs de-centralized cyber campaigns

The previous post got me thinking about some of the key tenets of the Chinese approach: the cyber campaign must be centrally controlled, executed by organic forces and have a tightly focused target.

Obviously, this centralized approach provides good command and control opportunities. It also limits collateral damage and, I guess most important of all, eliminates possible interference from volunteer actions (such as someone taking control of one of the key entry points to the enemy network and shutting you out). Historical examples also seem to show that volunteers are more likely to engage visible targets (web sites, etc.) that have little or no tactical value.

On the other hand, NOT using the volunteers (the de-centralized approach) denies you the use of a potential resource. Odds are that if a country has a developed patriotic hacking community, they will take part in the conflict one way or the other, so you might as well try to guide them to be useful.

The second argument for using volunteers is psychological. It displays public support for your campaign, potentially reinforcing the mindset in other sectors of society. It also brings in small but visible IW victories, as the press covers the "citizen campaign" against the opposing side.

The third argument would be the Fog of War. The patriotic hacking community can provide the smoke screen necessary to execute the important strikes against key nodes. Remember, if the plan is to concentrate your attacks in time and (network) space, they will become immediately visible. However, if you have attacks of various severity levels happening all the time, the enemy may not recognize the significance of the critical attack until it is too late.

The fourth argument is that patriotic hackers can "prep the battlefield" before the hostilities commence, provide retaliatory attacks after the hostilities, and target third parties and civilian or commercial targets, all while the state can deny any involvement. This supposes that there is an established patriotic hacker community in place, so the world does not necessarily consider there to be a direct link to the specific conflict.

Finally, political attacks by civilians as part of a larger conflict have no clear regulation and few legal precedents. If the host country is not willing to cooperate with the criminal investigation (not likely in a time of war), the attackers will remain anonymous and protected, while the state still has "formal" deniability.

However, as I have noted before, there is a price for accepting patriotic hacking in a state. Most pressing are the long-term rise in cyber crime and the potential that the hackers act against the state. On the other hand, if the decision has been made or if there is already a well-established community in place, one should consider the possible uses of this force. Because whether you plan for (with) them or not, they will participate in the fight.
