After the Doklam and Ladakh standoffs, it was apt to say that the Chinese army is more of a paper tiger, since the chinks in its armor were revealed. Several of China’s war capabilities are not enough to sustain a war that lasts more than a few weeks. Its aviation and air force are not at the level of war preparedness; its army is more paramilitary in nature and reports to the Communist Party and not the Govt.; and its retired soldiers are inadequately paid, with resultant demoralization. Of course, it has a nexus of alliances where partners don’t trust each other (Russia has balked at giving its S400 technology to China). There are numerous examples of weaknesses. However, it is never a great idea to be complacent about adversaries’ weaknesses.
Cyber is definitely not the area where we see those weaknesses. Massive capabilities have been built there, and the multiple cyber attacks from the past are just an example of China becoming battle hardy. It has a massive army of cyber warriors who are supported by the state (Govt.). It’s a huge multistory complex with a workforce of several thousand practicing warfare techniques daily.
Let’s turn towards North Korea. We all know how NK attacked Sony a few years back after Sony made a cartoon movie on its dictator, Kim Jong Un. There was no retribution, at least that I know about. Let’s visit Russia. If China and North Korea are so far ahead in cyberwar preparedness, Russia is a master. Its better side is commercial products such as Kaspersky. Its stealth cyber technology is evident from the irregularly irregular attacks that it conducts frequently.
Recall the recent killing of Iran’s nuclear scientist. A report in The Guardian by Patrick Wintour states that a “satellite-controlled smart system” was used remotely to identify and kill the nuclear scientist. He was killed using a gun that used AI and was satellite-operated. Not many may recall the recent war in the Caucasus. Azerbaijan won the recent Nagorno-Karabakh conflict after using Turkish-made unmanned drones that destroyed Armenian fortifications. As Andrew North reports in Nikkei Asia Review, ‘Turkish-made combat drones have given the lowly-regarded Azeri military a potentially decisive edge, with Turkish arms manufacturers hoping for lots of new orders from around the world.’ Not sure if you recall how Stuxnet was deployed to blow up the centrifuges at the nuclear facility at Natanz, Iran. That entire nuclear facility was brought down by firmware-grade malware that destroyed 984 centrifuges used at the facility.
Let’s visit the Kill Chain.
Lockheed Martin, a US-based company that is the manufacturer of the evolving F series of fighter planes, came up with a model for understanding cyberattacks. It is a very well-known model called the Kill Chain. According to the Kill Chain model, reconnaissance, weaponization and delivery are a select few of the steps in a seven-stage cyberattack. Cyber sleuths from private corporations follow this model to safeguard their assets. Understanding the Kill Chain provides robustness unseen in the industry.
What’s wrong with the Kill Chain?
Our Kill Chain model is not enough; we witness frequent attacks on industrial complexes and State infrastructure. I am tempted to use the corollary to what Einstein said: to solve the problem, we need to see beyond how we created it. The solution is definitely not within the realms of technology; it is beyond that. But one thing is certain: if our understanding of the Kill Chain is not safeguarding us and not deterring our adversaries, it is not enough. Otherwise, also, I would say, no one would put their best armor on display for the adversary to find gaps. Whether the Kill Chain methodology is deployed or any other cyber warfare methodology, it is not enough.
Future wars are cyber wars, and we are not well prepared. Let’s understand that our Kill Chain model, based on a threat-driven approach, is not enough. Zero-day attacks are a potential gap that can be exploited. Not only that, a well-coordinated, strategized attack and access to a system of least consequence may provide a potential entry point and cascade into a full-blown war.
US cyber-attack: US energy department confirms it was hit by Sunburst hack