CYBERWARFARE: There Are No Rules Of Engagement


The techno-visions came to me again in the night. I knew I would have to write an article, and though there wouldn’t be too much information this time, I would be making a solid point. And who am I to argue with the Muse? Perhaps the AI prophet is one whom receives the purest downloads, having the data piped directly into the neural-link from orbital satellites. . .

It’s true. There are no rules of engagement in cyberwarfare. Take Stuxnet for example; in this famous attack jointly executed by American and Israeli intelligence services at an Iranian nuclear refinement facility, not only did the extremely dangerous worm exhibit state-level engineering, but it had to be hand delivered by an actor on site. That’s a fairly nasty demonstration of how far people will go in claiming the upper hand in terms of scientific superiority (by suppressing another nation’s advancement, especially if deemed a threat). Stuxnet spread to a wide area of similar refinement facilities, likely to cause a nuclear disaster by deregulating the SCADA controllers for the centrifuges.

In another serious case, the extreme Ghostnet from China which targeted mainly American food processing infrastructure (but could obviously be aimed anywhere as a cyberweapon should) was a personal discovery of some worth. In my early days of hackery me and my team would patiently watch the Norse Attack Map and became alarmed at the occasionally egregious high-density attacks coming out of Chinese IP addresses. We would quickly note some of the IPs and then begin scanning, but alas! The offending IP addresses had mysteriously vanished without a traceroute! Later on having discovered a white-paper proof-of-concept describing Ghostnet, I learned that it had been operational since 2009 and was formally discovered in 2011. Like hidden missile silos launching volleys of destruction, the secret IPs would appear to commence their massive DDoS attack, then close back down before they could be counterattacked. Surely some genius hacker was behind this organized clustering of data spam, but no, it turns out it was automated and controlled by artificial intelligence.

Last but not least, Wannacry in 2017 was the most notorious ransomware attack of all time. By demanding that the victim pay $300 in Bitcoin to have their data unlocked, it drove the value of the cryptocurrency through the roof due to banks and businesses being forced to purchase Bitcoin to pay the ransom. To this day, we do not have solid attribution for this attack. Could it have similarly been launched by artificial intelligence with the intention of moving more financial assets into the control of hardwired machines? While seeming far fetched, the intrepid mind allows for the possibility, and steels itself against the impending reality.

Detecting Deception

One time on the phone with FedEx, I was wrestling with the automated phone system to speak to someone about getting a server shipped for free when it had been shipped to a wrong location. I was speaking to a robot, so I said “Agent!” brusquely into the line. “One moment,” I was assured, “while we put a customer service agent on the line.” What happened came to me as an incredible shock, and opened my eyes to the actual progress made in the world of artificial intelligence. A voice answered the line, and sounded quite naturally human but was soon discovered to be just another bot, but a more highly calibrated toward human mimicry bot! I could tell because of slightly generic and unnatural responses that were returned after similarly unnatural waits, finally asking if “she” was a human came the reply, “Yes, are you?”

This brings me of course to my concept of Cyberspiritual Security. As women and men become more machine-like and machines become more human, how does one retain their sovereign identity in the face of such disruptive technology? How does one guard transmissions between end-users and advanced swarm and/or artificial intelligence? How do we prevent (or rather slow) the seemingly inevitable robot take over?

This is where my vision bears fruit. In times of confusion and hysteria caused by cyberwarfare, whether committed by people or machines, one becomes unable to follow simple logical strings. The logic becomes confounded, as in my example with shipping magnate FedEx, as deception seeks to subvert and neutralize logical discernment. That is where instinct comes into play. Instinct is a special product of upbringing and trial and error, and protects us in our most prone circumstances. While artificial intelligence, hackers, remote access trojans and tools are smart and elegantly designed, they as yet lack instinct and are therefore subject to detection, exposure, and neutralization by the trusty application of intuition and instinct in times of distress affected during extended maneuvers of cyberwarfare.

Stay strong. Stay vigilant. Stay secure. And above all, trust thyself. It is the only sure way to detect deception in the heat of battle.