Cyberwar against ISIS could bring into play tools and tactics that
corporate security pros face every day, only this time they will be used
as part of a larger objective than criminal profit.
The goals of the offensive are to disrupt communications within ISIS and between the group and potential recruits.
To meet those goals, U.S. Cyber Command could use such means as DDoS and man-in-the-middle attacks, banking Trojans and even ransomware-type attacks that irreversibly encrypt machines (but skip the ransom), experts say.
Cyber operations would support traditional military tactics and carry out missions traditional military forces cannot, they say.
Knocking out communications ahead of ground attacks is standard military protocol and it used to be done using air attacks against communication centers, says James Barnett, a retired U.S. admiral who heads the cybersecurity practice at Washington law firm Venable LLP.
“That’s just part of the preparation of the battlefield,” he says. Now it is possible to accomplish the same goal with cyberattacks against command and control centers, he says.
ISIS has assets with which it buys armaments and pays troops, and it tries to sell oil to raise cash. Using cyberattacks to disrupt money transfers can deny the group some of its military resources, he says.
Cyber weapons could be embedded in command and control networks to gather intelligence or take them down. “Are we that good yet?” he says. “I don’t know.”
ISIS also holds territory that includes cities and towns, so attacks could be made against the control systems that run water and power supplies, he says.
The goals of the offensive are to disrupt communications within ISIS and between the group and potential recruits.
To meet those goals, U.S. Cyber Command could use such means as DDoS and man-in-the-middle attacks, banking Trojans and even ransomware-type attacks that irreversibly encrypt machines (but skip the ransom), experts say.
Cyber operations would support traditional military tactics and carry out missions traditional military forces cannot, they say.
Knocking out communications ahead of ground attacks is standard military protocol and it used to be done using air attacks against communication centers, says James Barnett, a retired U.S. admiral who heads the cybersecurity practice at Washington law firm Venable LLP.
“That’s just part of the preparation of the battlefield,” he says. Now it is possible to accomplish the same goal with cyberattacks against command and control centers, he says.
ISIS has assets with which it buys armaments and pays troops, and it tries to sell oil to raise cash. Using cyberattacks to disrupt money transfers can deny the group some of its military resources, he says.
Cyber weapons could be embedded in command and control networks to gather intelligence or take them down. “Are we that good yet?” he says. “I don’t know.”
ISIS also holds territory that includes cities and towns, so attacks could be made against the control systems that run water and power supplies, he says.
Комментариев нет:
Отправить комментарий