Saturday, June 2, 2012

The Great Overreach - How the US changed the way the world wages war, and destroyed itself in the process

"That's an odd reading..."
There is a reason the United States military is unmatched globally, and can win any fight with any force, even those that are much larger.  The reason is technology.  Materials science.  Advanced electronics.  Spaceflight.  As hard as it is to build an aircraft carrier or a nuclear submarine or an ICBM or a spy satellite, it is many times harder to operate them, to learn to use them, and for that knowledge to become institutionalized and so made a part of the force itself.  And those capabilities are out of reach of any, or really all, of America's potential adversaries.

The science, the engineering, the management capabilities necessary to design, build and deploy these sorts of systems is far beyond any other nation or organization, and would take years, perhaps decades to develop.  And even after that, the creation of an officer corps, a leadership and training structure and an operational infrastructure comprising the huge variety of expertise and experience necessary to make it all work is a generational process.  In a world where the US dominates this kind of conventional warfighting, you would think that the maintenance of that dominance would be a central organizing principle of the US strategic agenda.

But apparently you would be wrong.  Recently the US has made a decision to focus its combat operations in two particular areas - drones and offensive cyberwar.  In addition to being inexpensive and quickly and easily deployed, these technologies have the additional advantage of allowing the US to strike within the borders of any nation, at any time - even nations with whom we are at peace, even nations who are ostensibly our allies.

But in addition to their low cost and short development cycles, Unmanned Combat Aircraft and Offensive Weaponized Software have another, much more critical similarity:  At their root, the expertise required, the innovation available, the key component in both drones and malware is software.  Not stealth.  Not sensors.  Not satellites.  Not silicon.  Just software. If there is one engineering discipline where America does not hold a crucial advantage, software would be that discipline.

A small group, ten or twenty smart young people, can develop brilliant software at virtually no cost.  No materials to purchase, no big research labs, they don't even have to know each other.  And yet this is the direction America has chosen to take the world's bloodlust.  Into the realm of small, cheap aircraft piloted by software, and into the realm of malicious software, a specific area of technology, it should be noted, that America does not lead in even today.

In 2003, Iraq had a million men under arms.  The US invaded that country, defeated its army and occupied its capitol in a matter of weeks, with minimal losses.  There was simply no military force in the world that could stand against the offensive onslaught the US combined arms capability provided.  A world with no real competitors.  So it is beyond baffling to see the American braintrust quickly migrating their endless, global warfighting to two platforms where they hold no significant advantage, and, in the case of Weaponized Software, it can even be argued that they have the greatest vulnerability.

Iran has been under explicit threat of American attack for years.  In Pakistan and Yemen, American drone aircraft routinely slaughter families and decimate neighborhoods.  In Palestine and Gaza, America is regularly seen as enabling the day-to-day immiseration and collective punishment of an entire people.  There was quite literally nothing they could do about it - no way, no matter their anger or their radicalization, for them to attack such a powerful enemy so far away.  And now, in one of those slow evolutions that is hardly noticed at the time, it was the US itself that changed the rules, and allowed small, poorly funded groups to fight the mighty American military on a level playing field.  This is a process we will very likely look back on in ten years with deep regrets.

Unmanned aircraft launched from ships, from Mexico, from a Walmart parking lot in St. Louis can kill Americans just as they kill Pakistanis.  They can be launched from the Sinai, from Lebanon, from Serbia - with GPS, real-time video and increasingly autonomous software piloting the craft, limitations in range and payload can be offset by numbers and accuracy.  It is the US Government that has established that sovereign borders are no defense against unmanned aircraft and malicious software.  When these attacks start to fall on the US, and make no mistake, they WILL, our government will cry out in aggrieved hypocrisy, but the world will look on sadly, knowing that it was the US that established these new norms.

But as awful as the daily threat of death by airborne robot will be for Americans - a threat, it should be said, that communities in various corners of the world lives with even today - it is the dangers associated with cyber attacks that should frighten us the most.  Software is a marvelous concept - it is not any one thing - like music, or the written word, it is endlessly malleable, enabling invention after invention, whole new uses appear to one visionary after another.  The ways that America can be hurt with a carefully crafted digital payload cannot be enumerated, because there will always be another innovation, another flash of deadly insight.  Remember that STUXNET, the original offensive software weapon, did not just corrupt files and steal data - it was designed to utilize the SCADA systems to actually destroy physical systems.  When word of the STUXNET worm reached the public, Michael Hayden, head of the CIA, was quoted as saying "...somebody crossed the Rubicon".

Again, if the US believes that it can launch a targeted, destructive digital attack on any nation it pleases, it will be very difficult for the US to claim that a similar attack directed against it is out of bounds, an act of terrorism or a crime.  And what is the barrier to another nation getting in the offensive software business?  You need a group of smart, angry, motivated young people and some computers.  That's not building a jet fighter or an ICBM.  People are building powerful, innovative software all over the world every day.

The world is changing at an incredible pace - and much of the changes are not for the better.  But in the decade since the 9/11 attacks, the shift to a world endlessly at war, not just Axis vs. Allies, but many sides, many factions, states fighting with and against non-state players, attacks coming daily, with no neutrality and no way for it to end will have a profound effect on the way we, and even more our children, live...


  1. Anyone made any software yet than can do a run on a bank?

    1. The best way to rob a bank is to own one, S_McG.

  2. Replies
    1. The list would include the United States, the UK, Germany, China, Russia, Israel and Taiwan, says Scott Borg, head of U.S. Cyber Consequences Unit, a security consulting firm.

      Needs blink tag.

      P.S. Mikey, per Mr. McGravitas' link (IF that is his real name!):

      David Sanger’s article in today’s New York Times confirms that Stuxnet was authored by the United States.