If you want to plan a cyber war, look no further than the Bruce Willis movie, Live Free or Die Hard. That may sound fishy, but that is what a former government cyber war expert told the Defcon security conference today in Las Vegas.
Chris Cleary, a former senior planner at the U.S. Cyber Command and manager of cyber strategy at security firm Sparta, isn’t allowed to talk about the government’s plans for cyber war. But he was able to analyze the 2007 Bruce Willis film, about a terrorist-hacker named Thomas Gabriel who seeks to bring down the nation through a series of cyber attacks. Willis supplies the firepower as a good hacker tries to fight back.
Cleary said in his speech that the film, based on an article “Farewell to Arms” by John Carlin, shows how to execute a war that combines both cyber operations and conventional attacks. Gabriel’s plan is to eventually get into the FBI’s computer network and steal a trove of data. He starts out by going after critical infrastructure, piece by piece.
“The goal is to disrupt, degrade and defeat,” Cleary said in a crowded room of hackers, security professionals, and other observers.
Anyone who wants to wage a successful war has to engage in joint operations planning that makes events happen one after another, like diversions that divert attention from the main object of the attack. Gabriel’s diversion started with an attack on the transportation system, including messing up traffic lights. That led to the evacuation of a bunch of government buildings such as the Social Security Administration. Gabriel further sets off a panic with a fake video of the U.S. Capitol building exploding.
Then Gabriel goes after more critical infrastructure. The kind of targets that cyber attackers can take down include the power grid, law enforcement networks, telecommunications and Wall Street. All of this can be done without major military action, Cleary said, as long as it is done in well-executed and coordinated plan. Gabriel goes after a secret national security computing facility in an attempt to take down the country’s ability to defend itself against cyber attacks.
Gabriel’s evil plot is eventually interrupted by Willis. Today, it’s not such an outlandish plot given the history of technological progress, the linking of everything critical to the net and the improving capabilities of various parties in developing cyber warfare techniques.
Gabriel’s ultimate motivation in the movie: he was fired from his job as a cyber expert at the National Security Agency because he tried to sound the alarm about the vulnerability of the nation to cyber warfare. Ultimately, Cleary asked hackers to think about how their skills can complement the government’s in responding quickly to security threats.