
7/25/2019 Generations of cyber weapons – SV EOTI

 

SV EOTI
Him, an adventurer, CISO, soldier, Marine, law officer, author, professor, spy, yachty,
motorcyclist, photographer. Her, was the church lady librarian, got divorced, joined a motorcycle
gang, became a hacker, and world adventurer.

CYBER CONFLICT, INNOVATION AND CREATION

Generations of cyber weapons


by Samuel Liles • July 10, 2012 • 9 Comments

The discussion of the concept of cyber warfare weapons jumps between a few threads that make them
harder to understand than is really needed. One of the conceptual problems is that there are types or
generations of cyber weapons and they work upon different aspects of cyberspace. This is a minimally
difficult concept to master but it illuminates the vapid interest without depth that pundits and policy makers
take towards cyber. Much as the land domain has seen different generations of weapons, from bludgeons to
muskets that then became machine guns and artillery, we see the same in cyber. This is an expected
occurrence and only of note because we attempt to discuss the topic as if we’re agreed all weapons are
muskets.

There are three definitive layers to cyberspace that define it. Various authors have discussed them using
different terms but for the sake of brevity we’ll call the three layers the cognitive, logical and physical layers of
cyberspace. Some would immediately jump to the pseudo technical terms of logical and physical as being
the Internet but that is a false assumption. The Internet specifically refers to the internet protocol and
addressing schema. There are many different protocol (logical) layers that also do long haul that are not part
of the wiring (physical) elements of the Internet. Everything from various radio communications to special
protocols that are used for telemetry on the telephone system would apply. By far the Internet is a big dog in
this domain, but it is but one of the dogs in the hunt.

The cognitive layer is a required layer and is acted upon and through the various aspects of cyberspace.
Social engineering attacks would not be possible if this layer did not exist. Dan Kuehl at the National Defense
University refers to connectivity, content, and context among many other elements of this cognitive layer.
Without the cognitive layer cyber is a mere technical problem. With cognition the cyber problem is much more
difficult to define and further to understand.

The three generations of cyber weapons are as follows:

selil.com/archives/3152/comment-page-1 1/9

Generation 1: (Anti) radiation electronic warfare weapons that can blind, cripple, degrade or incapacitate
through traditional electronic warfare means. These are effectively command and control weapons. Lineman
pliers and a JDAM are equally 1st generation cyber weapons. The cutting of the telegraph lines by Native
Americans to disrupt soldiers’ movements in the Indian Wars, and the blowing up of the Baghdad telephone
company in the Persian Gulf War are the same effective generational weaponized effects. The only barriers
to entry are based on level of effect desired. Traditional effects are degradation, disruption of communication
with very closely controlled deployment and targeting.


Generation 2: Software and hardware derived technical implementations that allow for vulnerabilities to be
exploited in the systems of systems or specific targets. These are characterized by their requirement that
somebody has an exploitable feature in systems design, configuration, or software implementations. This is
further characterized by heavy reliance on network infrastructures though they may not be the primary
mechanism of exploitation. There are varying levels of barrier to entry. Traditional characteristics are of
espionage and sabotage with varying levels of sophistication and control of deployment.


Generation 3: Fusions of generation 1 & 2 weapons then become point and shoot weapons that can destroy,
degrade or disrupt the adversary’s systems without requiring the vulnerabilities to be exploited. The
adversary is no longer required to make a mistake. These kinds of weapons simply destroy the command
and control (communication and coordination) behaviors of cyber infrastructures. Emerging characteristics
are of selective targeting and speed of deployment.


As a slight diversion from the main topic, I often get the query, how do you exploit somebody in cyberspace
without a network? That is a great question. The first part of this question is the assumption that the network is
required, and a bias toward network-centric operation. The second part of this question is the concept that
only exploits against vulnerabilities count as cyber conflict. All of which is due to a current bias in the conflict
realm towards effects that are kinetic and ignore the idea of the Boyd OODA loop, where observe, orient,
decide and act are elements of decision-making that allow a commander to evolve an engagement toward a
particular conclusion.

To answer the diversion we will consider the concept of big data. Big data is a buzzword that applies to large
data sets and the mechanisms of analysis of those large data sets. If you have a significantly large data set,
an avatar of an individual can be created, and inputs evaluated of behaviors of that person based on
particular stimuli. This is done in advertising extensively to increase sales. It can be done to identify trends
that the individual may not be even aware they are exhibiting. As such without ever reaching across the
network to exploit a vulnerability the information assets can be utilized to create a strategic consequence.

Why this is important is that generation one weapons primarily work against the availability of systems and
the inherent infrastructures that they operate upon, while generation two weapons tend to operate at the
logical layers against the protocols and applications that run on top of the network. Finally, generation three
weapons appear to be destined to work against the entirety of the systems of systems infrastructures
inclusive of the human being.

In the rice-bowl politics of Washington DC there is an effusive desire to bend cyber towards exclusive
electromagnetic spectrum weapons. Within this construct we can see that those weapons would be
generation one weapons and included within the taxonomy. The querulous point made by these proponents
is that there is nothing in cyber that doesn’t use the electromagnetic spectrum so therefore that is the defining
characteristic. Unfortunately things like quantum computing, TCP/IP avian delivery mechanisms, and other
esoterica break their model. In the world of science I only need one example to refute the principle espoused,
and that is not merely academic. It is the founding principle of logic we use for creating the rules.

The discussion of what else besides electromagnetic spectrum might be involved is heavily biased by the
network centric nature of the principles and their inherent biases. Technologists have a tendency to ignore
the human entity in the network, and information technology professionals often refer to their users as
(L)users. This creates a seam upon which an adversary can apply force.

The focus on the generations of weapons isn’t about merely separating or binning them into artificial
constructs. It is an attempt to create an awareness that there is a larger depth and breadth to the conflict
spectrum across the cyber domain. The focus on things like the power grid inherently creates angst about a
cyber attack, but what would the weapons of that attack look like? If the weapon is a generation one weapon it
likely will be a form of disruption and have an effect against availability. That though is only one form the
attack could take.

Focusing on one aspect of the weapons used in the cyber domain or one set of targets has a tendency to
create a false sense of fear ignoring the resiliency of the various networks, but it also ignores the
interconnected nature of the various networks which is inherently fragile. Further that same bias of ignoring the
human component in both variations (resiliency and fragility) to the network gives a poor metric for risk
assessment.


In the 2004 Report of the Commission to Assess the Threat to the United States from Electromagnetic Pulse
(EMP) Attack, Volume 1, on page 9, a very interesting graphic depicts the interconnected nature of the
maxi-infrastructure of networks.


This ties the critical infrastructures and the various networks together in a tidy picture. What is missing is the
other networks. There are the familial networks of the humans involved, the cash and tender networks
outside of the financial trading networks, the actual highway and shipping networks of traffic lanes (never
mind traffic controls), and so many other networks. The human networks were part of what Enron exploited to
create rolling brownouts in the California region. The mechanisms of legislation and deregulation allowed for
a sideways attack that disrupted, degraded, and ultimately created political chaos.

That fusion of the various disruption techniques is part of what makes generation three cyber weapons more
powerful than generation one or two. Though a focus on the “point and shoot” aspect will create imagery of
some kind of “cyber rifle”, instead think of a mechanism to instantly digest the components of a system and
know the critical fault lines. Perhaps we’ll simply start with generation 1 and 2 fusions to create generation 3
weapons. Simply put, I don’t know. It does appear that a disconnect exists in the discussion of cyber
weaponry and how it might be employed against an adversary.

When thinking about the various networks it is possible to lose focus that any attack against a nation will
have a purpose and rarely will that purpose be to attack a network. There will be some strategic
consequence that inherently an adversary will be trying to accomplish. Even if that consequential effect may
be only to slow down a nation-state actor’s response. Currently we talk extensively about attacks to
confidentiality and integrity of information systems. Rarely are we talking about the inherent consequence of
those attacks. The metrics of discussion are the number of passwords lost, the number of accounts
disrupted, and the discussion does not focus on what that means. In summary we focus on the mechanism of
the attack rather than the effect of the attack. That then is conflated with the attack tool type rather than the
consequence.

Given a good taxonomy of the types of cyber weapons an effects-based discussion could be possible. If you
use high energy radio frequency to disrupt or degrade the communications of an adversary you have an
understanding of the utility of the weapon. If a zero day exploit and an access to particular adversary systems
is used to create the same disruptions a cost for effect analysis is possible. This kind of operational risk
assessment relies on understanding the weapons types and their effects.
