 Strategic Cybersecurity Module 4, The Bureaucracy of Cyber Conflict. Once you have completed the readings, lecture, activity, and assessment, you will be able to describe how President Ronald Reagan was alerted to the problem of cybersecurity. Welcome to Strategic Cybersecurity Module 4. Although many might believe that cyber espionage is a recent issue, the fact is that nation states have been using cyber espionage for decades to steal secrets from one another. In fact, the first act of nation state espionage is believed to have occurred 50 years ago in 1967 when East German spies hacked into computers operated by an IBM subsidiary in West Germany. The intrusion was so worrisome that it prompted the U.S. House of Representatives to hold three days of hearings on the risk of computer espionage. Historically, one of the biggest issues with cybersecurity and thus cyber conflict is that politicians and other national security leaders may not take it seriously, particularly if they do not understand the technology. By the early 1980s, both the U.S. military and many corporations in the country were using computer technology on an increasing level to support their operations. The U.S. Department of Defense's strategic command was relying heavily on computers for its nuclear weapons mission, specifically with regard to operating advanced guidance systems and potentially tracking incoming enemy missiles. Computers were still expensive mainframe systems and few government officials, including senior policy makers, were at all familiar with them. Hollywood was left to introduce the potential uses and vulnerabilities of the new technology to the public and even to the Oval Office. In 1983, President Ronald Reagan viewed the motion picture war games about a young hacker who accesses a military supercomputer and nearly begins a war. Though the hacker initially believes that he is playing a benign computer game, the supercomputer is, in fact, part of a nuclear weapons control system and a situation erupts that nearly results in World War III. After viewing the movie, President Reagan asked an advisor to research whether such a scenario could actually occur. Months later, a senior military advisor reported to Reagan that many of our important military computer systems did indeed lack sufficient protections. By the beginning of the first Gulf War in January 1991, computers were ubiquitous in all aspects of U.S. military operations. Computer supported smart bombs, satellite communications, advanced avionics, and sophisticated target tracking systems were all on full display during that war and initiated net-centric warfare. Net-centric warfare essentially refers to the ability to network sensors and communication systems so that situational awareness of military commanders and other strategic decision-makers is enhanced. Robust situational awareness helps commanders increase targeting precision and improve the military's overall unity of effort. Both China and Russia were caught off guard by the United States' sophisticated computer-enabled military operations and were awed by our quick victory over Iraq. China in particular was especially concerned with the United States' new ability to wage high-tech war, particularly because China's military relied on more primitive technology, similar to Iraq's. As a result, both China and Russia initiated long-range strategic development programs to upgrade their military capabilities with the goal of creating their own net-centric militaries. Even as it ramped up technologies, however, China believed that the United States had become over-reliant on technology and began research on how to asymmetrically exploit and disrupt this over-reliance. Since the first Gulf War, many of our adversaries have exponentially increased both offensive and defensive cyber capabilities. The United States' advantage in technology over the last three decades has rapidly diminished, and we now struggle to out-innovate our foes. As with most new weapons, however, each country is still trying to figure out how to deter others from using cyber weapons. For instance, the use of nuclear weapons changed the way that military strategists war-gamed, culminating in deterrence doctrines like mutually assured destruction. And the use of cyber weapons has forced strategists to go back to the drawing board to develop similar types of deterrence theories. Still, at the dawn of the cyber age, we lack any system of cyber deterrence similar to that of nuclear weapons use. Simply consider the Russian interference in the 2016 US presidential election. The US Intelligence Communities Report, background to assessing Russian activities and intentions in recent US elections, noted that the purpose of Russian interference was to, quote, undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency, end quote, among other things. Russia deliberately attacked the very fabric of American society in hopes of sowing chaos and ultimately weakening the geopolitical power of the United States. How does one deter this type of interference from a nation-state rival like Russia? We could use a tit-for-tat approach, similar to that used in the era of Cold War espionage. And consider how best to deter the actions of North Korean leader Kim Jong-un, who ordered an attack on Sony Pictures as revenge for release of the motion picture The Interview, which painted North Korea's leadership in an unfavorable light. Much like the nuclear weapons paradigm, these questions of deterrence in cyberspace will eventually be worked out. One positive development for the United States, however, is that our country was relatively quick to recognize the need for an organizational backbone to facilitate the development of both offensive and defensive cyber operations. For example, by the time of the Kosovo war in the late 1990s, the US military had the capability to use computer technologies to disrupt enemy operations and, in fact, use this capability to disrupt the Serbian Integrated Air Defensive Systems, or IADS. Soon after the war's end, the US military formed the Joint Task Force Computer Network Operations, or JTF-CNO, to better coordinate the types of offensive computer operations the United States had conducted against Serbia. Eventually, the JTF-CNO morphed into an organization called the Joint Task Force, Global Network Operations, co-located with the National Security Agency headquarters, and became the precursor to today's US Cyber Command. Quiz question one. What movie was President Ronald Reagan watching when he asked his advisors to look into the security of the networks controlling the nation's nuclear arsenal? A. Kramer vs. Kramer. B. Dr. Strangelove. C. Wargames. D. The Day After. The answer is C. Wargames. Quiz question two. According to the article, Cyber Security, a prehistory, which of the following is not a purpose of Reagan's National Security Decision Directive 145? N. S. D. D. 145. A. The directive helped secure the information systems of the federal government. B. The directive made NSA responsible for setting standards of all government telecommunication systems. C. The directive gave the president the final authority to launch nuclear weapons. D. The directive gave NSA the mission of conducting security research on government telecommunication systems. The answer is C. The directive gave the president the final authority to launch nuclear weapons. Quiz question three. True or false? The first known incidents of cyber espionage occurred in 1967 when a computer operated by an IBM subsidiary in West Germany was hacked. The answer is true. The activity for this module asks that you consider your own career or current job and reflect on how computer technology has affected it compared to 30 or 40 years ago. Did the type of work you do or what is created as a result of computer technology in your work even exist three or four decades ago? How do you think your job may change over the next few decades? Will your job exist or could it be automated due to innovations in artificial intelligence?