This study, written in response to a grant provided by the Department of Homeland Security,assesses potential foreign computer threats to information technology networks in the UnitedStates. In focusing on overseas cyber threat capabilities, one of the thrusts of this study is todispel popular myths and anecdotal understanding about the nature and degree of the cyberthreat—taking into account public and private digital network vulnerabilities. Our goal is toexamine the open source evidence to develop a rigorous and dispassionate assessment of bothcyber “offense” by selected nation states and the likely impact of an attack through the wires onthe United States.
involves units organized along nation-state boundaries, in offensive and defensiveoperations, using computers to attack other computers or networks through electronic means.Hackers and other individuals trained in software programming and exploiting the intricacies of computer networks are the primary executors of these attacks. These individuals often operateunder the auspices and possibly the support of nation-state actors. In the future, if not alreadycommon practice, individual cyber warfare units will execute attacks against targets in acooperative and simultaneous manner.A key premise of the present report is that information processing—whether by equipment(computers) or by humans— is becoming a “center of gravity” in future warfare. Nation-states,including the United States, reconnoiter and probe to identify exploitable digital network weaknesses among potential adversaries. Our immediate goal is to both imagine and define howforeign cyber attack capabilities might threaten information networks in the United States andwhat potential effects they might have. The discussion focuses on relatively arcane, non-sensational concepts and terms such as packet-switched networks, grid topologies, bandwidth,reconnaissance, asymmetric doctrine, and convergence.The
Institute for Security Technology Studies
at Dartmouth College is concerned, in part, withsecuring computer systems against intrusion and building secure trust relationships amongnetworked computing devices. It is our hope that by making the findings in the present studyaccessible to the general reader, we will illuminate current issues, foster practical discussions,and stimulate appropriate policy solutions to the challenges identified.