​‘International cyber warfare is becoming more sophisticated’

U.S. President Barack Obama (C) delivers his State of the Union address to a joint session of Congress on Capitol Hill in Washington, January 20, 2015. (Reuters / Mandel Ngan)
Cyber warfare has developed into a more sophisticated type of combat between countries, where you can destroy communications infrastructure, said Marc Rogers, Head of Security for DefCon, adding that ordinary people become pawns in these games.

US President Barack Obama delivered his State of the Union Address this Tuesday in which one of the main issues discussed was US cyber-security policy. In June 2013, whistleblower Edward Snowden leaked several documents, according to which the US and its allies had been attempting to expand their influence in the digital world. In the wake of the leaks, Obama urged Congress to pass legislation to “meet the evolving threat of cyber-attacks.”

RT:Snowden's new leaks show that the US military is preparing for a new area of battle - Cyber warfare. Could you tells us in detail how it is planning to combat potential enemies?

Marc Rogers: I don’t think there is anything that new here. Cyber war is something that has been going on for some time. It just is becoming more sophisticated. Traditionally cyber war was essentially blocking the communications channels of other countries. So if you are preparing to invade someone you then flood their networks, flood their telephone systems, flood their data and cripple their ability to communicate.

Now we are talking about a much more sophisticated type of cyber war where you’re infiltrating other countries, you are looking for their spy operations, you are looking for their implants, their little tricks they’ve hidden, and you’re even trying to subvert them for your own ability, or you are trying to put things in place so that in the event of a conflict you can hijack all of their stuff, steal information and gain the upper hand in terms of intelligence and in terms of destroying their communications infrastructure.

RT:It is becoming more evident that the US is trying to expand its influence over cyber space. What implications could this have on regular internet users and the digital world?

MR: The biggest concerns are that ordinary people are likely to become points in these games. One of the most devastating cyber weapons at the moment in terms of flooding is the botnet. Botnets are millions of compromised ordinary PCs. So there is a very strong chance that your ordinary desktop PC could become unwillingly the tool of a nation state using it to attack it.

The other problem is that a lot of the tools that are being used to protect people, that security researchers and developers use to make sure companies are safe and use to make sure people are safe online, are going to stop being seen increasingly as either weapons or assets needed to build weapons. And they are going to be restricted. And if these things get restricted it means governments potentially become more secure, have access to more capabilities to be secure, but ordinary citizens lose that ability because people accessing these tools are now seeing it to be a threat.

RT:One of the US military’s main goals in conducting cyber warfare is to disrupt the enemy’s crucial infrastructure such as transportation or communications. How legal is targeting and disrupting civilian infrastructure?

MR: There has been a way for this kind of test to happen for a long time. We call them penetration tests. And in the commercial world we target companies and we attack them like we are legitimate attackers. Ultimately, only by walking in the shoes of an attacker you see how infrastructure stands up to it. There are ways to do it. When we conduct a penetration test, it is done within a very strict legal framework and it is done with a lot of caveats and restrictions because it’s easy for a test like this to get out of hand and cause immense damage. When you start to scale this up to the size of the country the mind kind of boggles a little bit as to how they can protect this and contain it. And I just do hope that they are looking to contain it because there are secondary effects that could be terrible. For example, if you take out all the communications infrastructure in an area what happens to emergency calls?

RT:What about other countries, other entities, do you think the revelations that America sees the internet as a new battlefield will push others to expand their cyber capabilities both offensive and defensive?

MR: A lot of countries have been stepping up for quite a while. In fact I would almost argue to say that the US and the UK are a little bit late to the game. Although, I have no vision of what they have been doing behind the scenes. It is just that this stuff is becoming public. I’ve seen a lot of this kind of preparations and certain tests like this happened over the last 10 years. And there are many countries participating in and many countries building up strong defenses and strong arsenals.

The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.