Pentagon recognises the value of hacking as a form of warfare
The Pentagon is planning to change its approach to the development of cyberweapons, according to a new report to US Congress obtained by the Washington Post. The division into “rapid” and “deliberate” development systems could give the US military the ability to request tailor-made malware that could be ready in a matter of days.
With the number of hack attacks aimed at US targets increasing, and military systems becoming more dependant on networks and connectivity, Congress requested the Pentagon prepare a report on how it could accelerate the acquisition of cyberweapons.
The result, which builds on the 2011 defence strategy for cyberspace, puts the Pentagon’s Cyber Command in charge of a registry for a new generation of weapons. This registry would catalogue the capabilities of known viruses and malware, and where they are stored.
The new framework sets up two systems for cyberweapon development: rapid and deliberate. The rapid process will take advantage of existing or nearly completed hardware and software developed by industry and government laboratories.
The process is designed for weapons that can cause more damage. It would be used for projects expected to take longer than nine months — still incredibly short compared with the time it takes to develop a missile system.
Both types of cyberweapons would then be used in offensive operations, or to protect individual computer systems against specific threats, said the report. These endeavours will be financed by the newly established Cyber Investment Management Board, chaired by senior Pentagon officials.
Herbert Lin, an expert on the subject at the National Academy of Sciences, told the Washington Post the Pentagon has recognised that “cyberweapons are fundamentally different” than conventional weapons.
“You can make a general-purpose fighter plane and it will function more or less the same in the Pacific as in the Atlantic,” Lin said. “The same is not true for going after a Russian cyber-target versus a Chinese target.”
Every computer system is unique, and the designers of military malware need to know the target operating system, what patches have been made, when security solutions were last updated and what switches it is connected to. “Even sophisticated cyberweapons can be rendered obsolete in weeks or months,” Lin concluded.
Earlier, US officials confirmed that the country is developing cyberweapons that can target enemy systems even when they are not connected to the Internet.
It is not just serious military organisations that need protection from cyberattacks. Just last month, the infamous hacker collective LulzSec had claimed it hacked a dating website for US military personnel, stealing passwords and emails from almost 171,000 accounts.
Could you develop cyberweapons for Pentagon? Try our quiz and find out!