Cyberwar against ISIS could bring into play tools and tactics that corporate security pros face every day, only this time they will be used as part of a larger objective than criminal profit.
The goals of the offensive are to disrupt communications within ISIS and between the group and potential recruits, according to a story in the New York Times.
To meet those goals, U.S. Cyber Command could use such means as DDoS and man-in-the-middle attacks, banking Trojans and even ransomware-type attacks that irreversibly encrypt machines (but skip the ransom), experts say.
Cyber operations would support traditional military tactics and carry out missions traditional military forces cannot, they say.
Knocking out communications ahead of ground attacks is standard military protocol and it used to be done using air attacks against communication centers, says James Barnett, a retired U.S. admiral who heads the cybersecurity practice at Washington law firm Venable LLP.
“That’s just part of the preparation of the battlefield,” he says. Now it is possible to accomplish the same goal with cyberattacks against command and control centers, he says.
ISIS has assets with which it buys armaments and pays troops, and it tries to sell oil to raise cash. Using cyberattacks to disrupt money transfers can deny the group some of its military resources, he says.
Cyber weapons could be embedded in command and control networks to gather intelligence or take them down. “Are we that good yet?” he says. “I don’t know.”
ISIS also holds territory that includes cities and towns, so attacks could be made against the control systems that run water and power supplies, he says.
The point of employing any kind of military weapon – physical or virtual – is to have an impact against the enemy, says Oren Falkowitz, a former NSA analyst who worked in Cyber Command, so cyber tactics will be carefully considered.
Attacks could conceivably include malware that infects machines and encrypts them, rendering them useless. But the effect of that wouldn’t be severe enough, he says. “The U.S. government isn’t in the business of just ruining people’s machines,” he says.
Rather, cyber warfare would be executed in concert with other offensive operations on land, at sea and by air, he says, helping to achieve an overall victory. Done in isolation, DoS attacks and corrupting individual machines are “ankle-biting tactics” that are merely annoying, but they could be part of a larger scheme.
In any war, all weapons have to be brought to bear, but they need to be matched to specific objectives, he says. For instance, cyber methods are already used by intelligence organizations to gather information, and the military could use them as well, but likely for different purposes, such as determining where to direct physical attacks. The objective is to gather enough intelligence to have an impact on the enemy, not just to own a vast amount of data about the enemy, he says.