Cyber-attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber-attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber-attacks that can... more
Cyber-attacks are often called non-violent or non-kinetic attacks, but the simple truth is that there is a credible capability to use cyber-attacks to achieve kinetic effects. Kinetic Cyber refers to a class of cyber-attacks that can cause direct or indirect physical damage, injury or death solely though the exploitation of vulnerable information systems and processes. Kinetic cyber-attacks are a real and growing threat that is generally being ignored as unrealistic or alarmist. These types of attacks have been validated experimentally in the laboratory environment, they have been used operationally in the context of espionage and sabotage, and they have been used criminally in a number of attacks throughout the world. While these types of attacks have thus far been statistically insignificant, the rapid growth and integration of cyber physical systems into everything from automobiles to SCADA systems implies a significant kinetic cyber threat in the near future. It is imperative that the security community begin to take these types of threats seriously and address vulnerabilities associated with cyber physical systems and other devices that could be utilized to cause kinetic effects through cyber-attacks.
Political hackers and cyber militias have begun to play an increasingly significant role in cyber conflict. Non-state actors, hacktivist groups and patriotic hackers often participate in online hacking battles based on political,... more
Political hackers and cyber militias have begun to play an increasingly significant role in cyber conflict. Non-state actors, hacktivist groups and patriotic hackers often participate in online hacking battles based on political, ideological or patriotic considerations. These groups, however, lack the legal, moral and ethical constraints often imposed on state-controlled entities. This lack of constraint could lead to the escalation of state-on-state conflicts and may inadvertently drive hostilities toward what Clausewitz would deem as total war in the cyberspace domain. It is with this in mind that western-style democracies, which are often reticent to make use of cyber militias and patriotic hackers, should begin to explore acceptable models to legitimately harness and employ such groups for limited cyber operations. Such usage could introduce needed constraints on these groups and could also prove to be a significant force multiplier in a domain where government and military organizations often suffer from limited human resources. This paper will explore several models for incorporating patriotic hackers and civilian technicians into militia-like organizations and integrating these types of organizations into a state’s cyber operations.
