Cybersecurity & Tech

Developing "Loud" Cyber Weapons

Herb Lin
Thursday, September 1, 2016, 2:00 AM

From a recent story on fedscoop:

Published by The Lawfare Institute
in Cooperation With

From a recent story on fedscoop:

The U.S. military's top cyber warfare unit is working to develop weapons distinctly different from those used by the intelligence community. . . . [Cyber Command] is looking for tools that can be definitively traced back to the United States military, diverging from the ultra-stealth exploits often used at bureaus like the National Security Agency. . . . “In the intelligence community you never want to be caught, you want be low and slow, you never really want to be attributed. There’s a different paradigm from where you are at in the intelligence community," said [the leader of] the Department of Defense’s capability and tool development project within Cyber Command. "But there’s another space over here, where maybe you definitely want to be louder, where attribution is important to you and you actually want the adversary to know.” . . . .The development of “loud” offensive cyber tools, able to possibly deter future intrusions, represent a “different paradigm shift” from what the agency has used to in the past.

Taking this requirement at face value raises a number of interesting issues:

Give Lawfare
a birthday gift!


  1. If the tool itself has to carry attribution markers identifying the United States as the perpetrator, how will we prevent Elbonia from scanning for those attribution markers and blocking artifacts with such markers from acting?
  2. How do we prevent Zendia (a third party) from usurping U.S. attribution markers and using them in its own cyber weapons, thereby falsely implicating the United States for such use?
  3. One can imagine technical answers to these questions. One obvious answer is that every cyber weapon used has to contain some kind of special code (a digital “Stars and Stripes” insignia specific to the instance of the weapon being used) embedded inside. To prevent Elbonia from scanning for it, the insignia is encrypted, but when the United States wants to claim responsibility, it provides the weapon-specific decryption key to Elbonia. But in that case, why not just call the Elbonian embassy and describe the circumstances of the attack with a high degree of specificity?
  4. Is enabling a national attribution marker required by the laws of war? Fighter planes and cruise missiles carry a U.S. insignia; soldiers wear U.S. uniforms. But bullets do not. Is a cyber weapon more like a platform or soldier, or more like a bullet?
  5. Perhaps the "loudness" of the new cyber weapons isn't a technical issue, or isn't just a technical issue. Could unique tactics and procedures be developed that would be part of "assured attribution"? Could such tactics and procedures continue to be effective?

I look forward to further explanations and developments.

Dr. Herb Lin is senior research scholar for cyber policy and security at the Center for International Security and Cooperation and Hank J. Holland Fellow in Cyber Policy and Security at the Hoover Institution, both at Stanford University. His research interests relate broadly to policy-related dimensions of cybersecurity and cyberspace, and he is particularly interested in and knowledgeable about the use of offensive operations in cyberspace, especially as instruments of national policy. In addition to his positions at Stanford University, he is Chief Scientist, Emeritus for the Computer Science and Telecommunications Board, National Research Council (NRC) of the National Academies, where he served from 1990 through 2014 as study director of major projects on public policy and information technology, and Adjunct Senior Research Scholar and Senior Fellow in Cybersecurity (not in residence) at the Saltzman Institute for War and Peace Studies in the School for International and Public Affairs at Columbia University. Prior to his NRC service, he was a professional staff member and staff scientist for the House Armed Services Committee (1986-1990), where his portfolio included defense policy and arms control issues. He received his doctorate in physics from MIT.

Subscribe to Lawfare