As NATO describes —traditionally converted into doctrine— a domain of military operations must respond to differential characteristics that aim to (1) operate in it, (2) not be completely included in another domain, (3) imply action of forces of the sides, (4) exert control over the opponent, (5) promote synergy with other domains, and (6) provide the opportunity to generate imbalances with other domains .
Using this definition, it is evident that the digital transformation of society has brought with it a 5th domain of action that has become a new environment for military operations, both offensive and defensive. An environment that has been called cyberspace.
Rules in cyberspace
In this new ‘battlefield’ the control of the environment becomes almost unapproachable. Every five years we find that networked computers multiply by three. Teams that interact with each other expanding their limits. De facto, it is estimated that by the year 2040 the number of interconnected elements will exceed 5,000 million worldwide.
From a military perspective, a particularity of this domain is that the adversary is often unknown , there are no prior warnings, deception and decoys are simpler to deploy, and threat management is complex – even more so when the actions that could anticipating an attack are ambiguous.
While the belligerents that precede a traditional war are well known, the beginning of a cyber war is yet to be seen . The limits between surveillance and actual attack are blurred and to this must be added the proportionality of the response.
If you think about it carefully, some of the actions against economic , industrial or social interests , carried out historically by numerous hackactivists , could at some point be considered as hostile actions of a foreign power .From hacker to soldier
Cyber defense military operations involve concepts that interrelate information gathering operations (IO), information manipulation operations (PSYOP), identity theft or “ deception ” services (MILDEC) and finally electronic warfare (EW). So far, we could say that we have seen actions that fit into the first three concepts; Regarding the fourth, we will maintain a tense prudence.
If we analyze the traditional models of a cyber attack, we will find that there are three patterns that are used with some assiduity: (a) the exploitation of known vulnerabilities and that are normally used by cyber criminals; (b) the discovery of new vulnerabilities that are commercialized in the black market of the Dark Web for their exploitation in restricted environments; and (c) the creation of new vulnerabilities — including social engineering. The latter is where military units and / or intelligence services tend to focus.
However, whatever pattern is used, none of them is easily verifiable as a true military act. Damages caused by data theft, manipulation or unavailability of services are common in all areas of society. They are not easily related to military objectives despite the fact that cybercriminals maintain close relationships or even appear to be protected by the States themselves . These are usually actions that show “technological strength” through acts that could be perceived as dissuasive – just like military maneuvers organized between allied countries.
A relevant characteristic is that, in many cases, the cost of carrying out these attacks is relatively low. Social engineering techniques make the process much easier. In other cases, the value of the “weaponry” used is mainly strategic, even more so if it is taken into account that the exploitation of a vulnerability created or discovered has a limited time of use after being used since it will quickly promote the development of countermeasures. Hence, the actors take care of its use with exquisite zeal.
Currently, the best prepared countries to face a cyber attack are the US, Russia, Israel, China, North Korea … Nothing surprising, on the other hand, if one takes into account that they all have cyber defense units; a veritable army of technological troops.From hacker to soldier
It is generally difficult to estimate the size of the cyber armies that exist in the world . There is talk of more than 6,000 troops in the US, between 3,000 and 6,000 in North Korea or more than 100,000 in China. It is clear that in cyberspace the strength does not lie only in the number of available troops but rather in their qualifications and in the “weapons” at their disposal. And again knowledge and technology make the difference.
Therefore, it is not surprising that many countries are beginning to consider the idea of recruiting as reservists those select – and few – professionals – and non-professionals – in the cybersecurity sector who can contribute their extensive experience to the defense of their integrity territorial and “its digital borders”. It is a controversial initiative that is still being analyzed and that is gradually taking shape in Europe, with countries such as France or the United Kingdom as prominent references. In Spain , the idea has been studied for several years .
The profile of the cyber-soldier
Europe is likely to make it a common reality at some point . Its implementation, despite everything, will not be without important edges. One of them related to the profiles that will be needed —from technological experts to international law professionals, for example.
And when we talk about profiles we are also referring to the personality of the candidates. Will some of these profiles assume military regulations that clash with the guidelines and ways of acting that precisely made them attractive values for defense and attack activities in cyberspace?From hacker to soldier
The answer does not seem easy. So we are likely to be more successful if we ask the question in reverse. Once the singularities are known, will states be willing to turn hackers into soldiers? Bets are allowed.