Many governments’ militaries and intelligence agencies are actively preparing to engage in cyber attacks, perhaps
in conjunction with conventional attacks or counterattacks.
Cyber exploitation is another
term in the discussions. It refers to
intelligence-gathering rather than
destructive activities. Cyber exploitation usually seeks the least intrusive,
least detectable interventions into
computing systems. The purpose is
to acquire data without being seen or
getting caught. Exploitation also refers to forensic recovery of data from
discarded (or captured) laptops and
Both attack and exploitation require three things: access to a system
or network, vulnerabilities in the accessed systems, and a payload. The
access might be remote through the
Internet or close-in through physical
access. Vulnerabilities can appear in
hardware, software, hardware-software
interfaces, communication channels,
configuration tables, users, and service
providers. The payload is a program
that performs actions once a vulnerability has been found and exercised. A
payload might be a bot, data monitoring program, virus, worm, spyware, or
Trojan horse; and it is likely to have remote access to the attacker’s communication channels. The difference between attack and exploitation depends
on the actions of the payload. An attack
payload is destructive; an exploit payload is nondestructive. Often the differences are so subtle that the victim
of a cyber operation may not be able to
tell as it is happening which it is.
Cyber attack and exploitation are
tools used in the service of larger ends.
They offer a new range of capabilities
to government that can be more humane
and less collaterally damaging
than their traditional “kinetic” predecessors.
For example, a military operation
may depend on disabling an adversary’s
radars scattered around a city; if
a cyber attack could disable the radars,
there would be no need to bomb the installations
and suffer all the collateral
damage those bombings would entail.
An intelligence operation that can steal
files remotely avoids risking the lives of
its secret agents. However, people who
would accept these ends might also
worry about the same tools being used
for other ends, such as a government
agency spying on its citizens.

The Need for Technical Expertise

It’s tempting for us to say that these
issues look primarily legal, ethical, or
political, and that we should let lawyers, ethicists, and politicians look after them. That reasoning is unsound.
Computing technologies open many
options and complexities that more
casual users do not appreciate. Advice from computing professionals on the capabilities and limits of the technology
is crucial to the formulation of sound
policies, as well as the development of
tools for attack, exploit, and defense.
A significant example of this occurred in 1985 when the U.S. government undertook the Strategic Defense
Initiative (SDI), an automated missile