Page 42 - Cyber Warnings
P. 42
Except, it is about transistors being destroyed and possibly nuclear launches. From a video of
Drake: only “Thinthread” had value (automated analysis of metadata terabytes) but there is little
in Drake’s Constitutional concerns that are relevant here. And from videos of Snowden: nothing
relevant to the subject here (surveillance was his issue) though one may want to look at the
estimated 56,000 files taken.
The value of listening to the above three men came down to one confirmation: automatic
analysis is relied upon. And It did lead to one awful question: “Can we be on the losing end of
a cyberwar if we fail to have “secret surveillance” as a critical element of a metadata
basis for automatic analysis?”
We have created a structure that has to be altered but we can’t do that because of multi-core
speeds. And I am not suggesting the unilateral disarmament of cyber capabilities of the NSA.
China, Russia, Iran and some 15 other countries must sit across the table facing a symbolic PC,
the adversary. It is the structure (not the United States or her adversaries) of cyberwar that it is
so sophisticated, so fast---the very line of the consultant in “Fail Safe”---that has to be removed
because it has removed human involvement.
Given the difficulty of attribution (who exactly has hit us?), the impossibility of human control
(millisecond battles), the initial attack destroying transistors (forget the lesser BOTS and utilities
going down which will happen but tragically is secondary), the inexperience with the
programming context (even Stuxnet failed) what appears to be the conclusions? Probable first-
strike. The risk of accidental war. And that latter concern increases due to the number of actors
(about 20). What if only TWO of the actors has “poor” programming? Will it trigger the warfare?
What if just ONE of the actor’s computers can not distinguish between a wayward algorithm and
an algorithm initiating war? And a “black box” will decide the millisecond that cyber offensive
weapons launch. Is there an adequate cyber defense if you are in a position of counter-striking?
It is not even the orchestration of the cyberwar (What offensive weapons shall we launch? What
sites? In how many waves of attacks? From what assets? And what and where shall we
defend?) that is the most troubling element. It is the algorithms that DECIDE on first-strike. A
mistake there is too fast for us to both risk and to correct. The issues raised here are not the
final answers but only the basis for the right questions to ask.
About the Author
Geoffrey Nicoletti is an independent research analyst. He is a former
member of both the IEEE and NCMF; he is active with the ICTTF and is a
member of the IACR. His work on the Y2K problem brought recognition
from Sen. Robert Bennett of Utah; he produced a paper for Booz Allen
Hamilton days before Mr. Snowden left the United States. Geoffrey can be
reached at [email protected]
42 Cyber Warnings E-Magazine January 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
