One of the most disappointing things about Ghost Fleet was the dog that didn’t bark: the massive immeidate American cyber-counterattack against China. It’s one thing to write an exaggerated warning against a threat that you believe your country is neglecting. It’s quite another to ignore the loud and massive preparations for cyberwar that the United States has already made — and that those very authors have reported upon extensively. It was weird; weird enough to remove much of our ability to enjoy the book.
One thing that the authors get completely right is that much of any future cyberwar will be fought using malicious programs that are pre-positioned inside hardware. Trojaned electronics are a very real concern. It is entirely conceivable that in a future conflict, the Chinese government could do serious damage to the American civilian infrastructure. Moreover, with the advent of the “internet of things” such an attack — when combined with the more “traditional” operations described in our last post — such an attack would consist of a serious Weapon of Mass Annoyance, as toilets seized up and heating systems went haywire. To their credit, the authors evocatively show just such effects: a home front dealing with unfixable automated refrigerators.
Unfortunately, the authors jumped (a lot of sharks) far away from the great fictional war classics like Red Army or Arc Light or The War in 2020. They moved out of the realm of the plausible. Let’s start with the idea that the Chinese could install Trojan horses in most of our military systems. They couldn’t. There seems to be a fundamental misunderstanding on how some of this works. Adding a modification to a chip is a pretty profound process. It is highly likely to add glitches that would be easily detected. It would likely add significant time to delivery as well … and sudden additional delays for manufacturing a relatively generic chip would catch people’s attention.
Field-programmable gate arrays (FPGAs) are even less susceptible to Trojan horses. (Elsewhere, the authors of Ghost Fleet have pointed out in ominous tones that two-thirds of all the U.S. military’s field-programmable chips are made in China and Taiwan. We’ll ignore the fact that Taiwan is not in fact a part of China but an ally of the United States and pretend that all the key chips come from the People’s Republic.) FPGAs are not where you need to worry about Trojan horses because FPGAs are blank slates: the customers can put whatever programs they want on the chips. There is no way for the manufacturer to know what the customer (whether the U.S. Air Force or Intel) plans to put on the chips.
Remember, in order to subvert a program, a hacker must have an understanding of a program. But there is no way to know what program will be placed on a FPGA. Furthermore, many FPGAs allow for a program to be permanently loaded — written once, read many – such that any attempt at overwriting with a new subverted program would be impossible.*
Moreover, the United States has a trusted foundries program administered by the National Security Agency to make chips for the military. (Bizarrely, the authors have the trusted foundries play a key role in the successful U.S. counteroffensive.) Now, the trusted foundries do not make the United States invulnerable. But it does make a breakdown on the scale depicted in Ghost Fleet very hard to believe. The worst case scenario is an attack allowing for the crashing of the software through understanding the hardware — garnered through espionage.
Recovering from a cyberattack based on Trojaned electronics would “merely” require resetting the software. The scare quotes are because such a reset would be far from simple and would take a substantial amount of time. During a battle, such an attack could be catastrophic. We believed in the U.S. defeat during the initial offensive. (Save perhaps the actual invasion of Hawaii: more on that later.) But over the course of a war, the problem is entirely addressable, and the U.S. should have gotten a handle on the issue much faster than it did in the book.
But to be fair, while the scale of the attack may have been hard to believe, but it was not impossible to believe. Yes, the details were wrong, but the United States could in fact get punched in the nose as hard as it was in the opening battles of a future war.
What was impossible to believe was that the United States would not strike back, hard. The U.S. is already training offensive cyberteams. And this is the latest part of a long-standing program — viz the fact that the only documented cyberattacks in the history of the world have come from the Israel and the United States. Hooah, indeed.
As for Trojan Horses hidden in hardware, the Chinese have far more to fear than we do. They don’t know what they are manufacturing! It’s far more likely the U.S. is slipping in something into their chips than vice versa. Not because the U.S. is miraculous, but because we are doing the design. Chinese firms, for the chips made there, do the manufacture. It’s easier for us to verify that a design is what we think it is than it is for them to verify that a design does what they think it does.
Now, perhaps the United States isn’t installing Trojan horses in Chinese electronics. We’re perfectly willing to accept that as a premise. (Even if it’s improbable.) And we are willing to accept that the Chinese could inflict enough damage on American systems as to allow them to win a naval campaign in the Pacific. What we’re not willing to accept is that the United States would be unable to strike back against Chinese infrastructure.
A realistic counter strike would cripple the Chinese in a manner in parallel to the United States. Those same fridges taken out in the U.S. are likely to be taken down in China. The irony of the Chinese situation is with their modern infrastructure, they are likely to have far more of their critical infrastructure taken down in a cyberwar scenario. The analog systems of yesteryear are completely immune to the hacking of digital systems. Digital upgrades will be very uneven in the U.S. They will be almost ubiquitous in China. The Chinese could pummel the United States. The United States would equally pummel the Chinese in a cyberwar. The authors highlighted Los Angeles and the problems with fridges, a metropolitan area currently of 13 million people. What happens when Beijing’s 21 million can’t store food either?
A realistic scenario for cyberwarfare would be the race of the cripples: compromised systems on both sides will cripple each side’s military and homefront in unexpected ways. Both sides would go into battle with their equipment malfunctioning. Both sides would find some of their premier weapons unusable. No one has a monopoly on cyberwar. As of 2015, the U.S. has a significant lead, despite what the authors imply. It is certainly possible that the U.S. would lose that lead by 2024, but it is simply impossible that America would lose the ability to strike back.
The revelations about Stuxnet and the Equation Group have made it clear that the United States has adapted its Cold War approach to nuclear warfare to the new world of cyberwar. During the Cold War, it was theoretically possible to defend against nuclear weapons on a large scale. (Using nuclear tipped interceptors, for example.) But the costs — and there were many! — were deemed too large.
Instead, American war planners adopted an approach that worked surprisingly well: mutually assured destruction (MAD). If a power launches nuclear weapons against the U.S., then the U.S. will literally destroy them in response.
The U.S. could construct an economy invulnerable to cyberattack, but that would slow progress in development of computers and the internet to a crawl. Moreover, it would require civilian discipline unprecedented outside of the two World Wars: does your grandmother always update her computer? Or your uncle his phone? Your child her tablet? Or your husband his new smart thermostat?
Rather than attempt the impossible, the U.S. has applied MAD to cyberwarfare: China unleashes cybernetic hell on the U.S. and the U.S. will unleash it in turn on China.
Finally, there is no way that a cyberwar on this scale wouldn’t go global. The authors themselves have noted in other venues how Stuxnet spread to systems far outside Iran. The same would happen with Chinese and American cyberweapons unleashed in a Third World War. To some extent, that’s a minor point: why should the reader of a good WW3 yarn care whether municipal sewers and automated metros in Lyon are going haywire? They shouldn’t. But the rest of the world will be affected and they will be angry … and in a scenario where China strikes first, they will be angry at China. Maybe America’s NATO allies would refuse to invoke Article 5. (We’ll get to whether that is believable in a later post.) But there is no way on God’s green Earth that they would pretend as though nothing has happened.
In short: the scale of the effect of the initial cyberattack on the U.S. is believable, even if the depictions of how it was carried out make no sense. But it is improbable. And it is completely impossible that the U.S. wouldn’t strike back. We can believe a Chinese victory in the first phase of the war. But one of on the scale depicted was laughably silly and the lack of an American counterstrike was ludicrous fantasy.
And so, once again, our disbelief was desuspended. If you can’t believe the scenario is possible, then what’s the point? These guys know enough to have done much Much MUCH better.