We Are at War
The next cyber-war has begun. China, Russia, North Korea, Iran, Al-Qaeda, and others are engaged in full frontal cyber-war today, attacking Western institutions including the U.S. government, banks, high tech companies, critical infrastructure, and social media.
This is all well-documented by the U.S. Director of National Intelligence in a January 2019 report, Worldwide Threat Assessment of the U.S. Intelligence Community. The report concluded the critical cyber threats to U.S. national security are originating primarily from China and Russia; they are ongoing and increasing in intensity and impact.
Our adversaries and strategic competitors will increasingly use cyber capabilities—including cyber espionage, attack, and influence—to seek political, economic, and military advantage over the United States and its allies and partners….
At present, China and Russia pose the greatest espionage and cyberattack threats, but we anticipate that all our adversaries and strategic competitors will increasingly build and integrate cyber espionage, attack, and influence capabilities into their efforts to influence US policies and advance their own national security interests.2
The highly successful Russian efforts to weaponize Facebook and other social media in an attempt to co-opt the 2016 U.S. presidential election are well documented and still under investigation.
China is particularly active. China’s cyber-espionage division, known as Unit 61398, over 100,000 strong, has successfully completed numerous devastating cyber-war missions directed against the U.S. and others. In 2009, Operation Aurora exploited vulnerabilities in Internet Explorer to penetrate Google, Adobe, and two dozen additional companies to access the source code for many computer software products. The goal was to better enable China to monitor and contain dissidents.3
Unit 61398 has stolen reams of trade secrets from Alcoa, U.S. Steel, and Westinghouse. Included in this plunder were Westinghouse’s IP and trade secrets for designing and operating nuclear power plants.
In 2015, it was revealed that a foreign enemy, generally thought to be China, succeeded in stealing 21.5 million documents—including the personnel records of 4 million people—from the U.S. Office of Personnel Management. These data include the background checks and extensive personal and highly confidential information on 4 million people who had been considered for employment by the U.S. government, including those who had been granted or considered for a security clearance.4
Facebook, Sony Pictures, Target, Visa, Mastercard, Yahoo!, Adobe, JP Morgan Chase, Equifax, the U.S. Department of State, the Democratic National Committee—the frequency of these nefarious attacks by foreign nations and other bad actors is sufficiently ubiquitous that we are no longer surprised to open the morning paper to find that another few hundred million top secret documents or highly personal financial or medical records have been stolen by a foreign enemy. If this is not war, what is it?
The Strategic Role of AI
National governments around the globe clearly view AI as a strategic technology, with more than 25 countries having published national AI strategies in recent years.5 These strategy papers cover AI policy across scientific research, talent development, education, public and private sector adoption and collaboration, ethics, data privacy standards and regulations, and data and digital infrastructure.
No country has been more ambitious in its national strategy for global AI supremacy than China. Backed by massive investments in R&D, China foresees a future where AI infuses every aspect of its industrial, commercial, governmental, and military operations, including advanced AI-powered weapons in every domain: land, air, sea, space, and cyberspace.
Just as AI is playing a central role in the digital transformation of business and industry, AI is driving the transformation of 21st-century warfare.
The AI Race Is the First Phase in the War between China and the U.S.
In July 2017, China released its “Next Generation Artificial Intelligence Development Plan,” with the explicit goal of becoming the world leader in artificial intelligence by 2030. It will increase government spending on core AI programs to $22 billion in the next few years, with plans to spend nearly $60 billion per year by 2025. China’s defense budget has doubled during the past decade, reaching an estimated $190 billion in 2017.6
Of particular note is the role of AI-enabled cyber warfare in China’s military strategy. In a 2018 report to Congress, the U.S. Defense Department highlighted that cyber warfare figures prominently in China’s goal to turn the People’s Liberation Army (PLA) into a “world-class” military force:
Chinese military writings describe informatized warfare as the use of information technology to create an operational system-of-systems allowing the PLA to acquire, transmit, process, and use information to conduct joint military operations across the domains of land, sea, air, space, cyberspace and the electromagnetic spectrum during a conflict. Ongoing military reforms are aimed at accelerating the incorporation of information systems enabling forces and commanders to carry out missions and tasks more effectively to win informatized local wars. The PLA continues to expand the scope and regularity of military exercises simulating these operations and likely views conventional and cyber operations as means of achieving information dominance.7
FIGURE 8.1
China is working to apply AI across its arsenal of weaponry, including advanced aircraft, missiles, autonomous vehicles, and cyber weapons:8
• According to Yang Wei, former chief designer of the Chengdu Aircraft Corp J-20 stealth fighter, China’s next-generation fighter will utilize AI to achieve air superiority
• AI will enable future unmanned combat aircraft (UCAV) that are more responsive than human-controlled aircraft, as well as new space-combat platforms equipped with energy-based weapons
• AI will also enable deep-sea, unmanned underwater combat vehicles (UUCVs) to assert control over the ocean floor and defend the large sensor grids that make up China’s “Underwater Great Wall”
• Future cruise missiles will deploy AI that enables commanders to control missiles in real time, add tasks in-flight, or operate them in “fire-and-forget” mode
• To dominate in electronic warfare, AI-enabled cyber weapons will be used against enemy networks, utilizing advanced methods to “make the opponent unable to perceive, or perceive garbage information and false information”
Weaponization of Critical Infrastructure
The use of AI-enabled cyber weapons as a precursor to—or perhaps in place of—a military conflict in itself poses potentially catastrophic risks. Consider the U.S. power grid. The electricity grid is the engine that powers all mechanisms of commerce and civilization in the United States. Should this engine fail, all dependent activities immediately cease to function, including water and sanitation, the food supply chain, financial institutions, health care, communications, media, transportation, and law enforcement.
The U.S. power grid is brittle, fragile, and highly susceptible to destructive cyberattack by bad actors, terrorists, rogue states, and foreign enemies. And they know it. The U.S. power grid is subject to incessant attacks employing phishing and spear-phishing, identity theft, denial of service attacks, and a spectrum of viral injection techniques delivering and embedding clandestine malware, bots, and worms that, if and when enabled, have the capability of disabling critical portions of the power system if not the entire grid itself. If and when that happens, the world as we know it comes to an end. Think Mad Max meets Peoria.
How vulnerable is the grid? The North American Electric Reliability Corporation has predicted that the malicious software used in the sophisticated Russian attack that brought down the Ukrainian grid in 2015 could be modified to use against utilities in the U.S.9 One email-delivered virus could wipe out the reboot sequence on the computer SCADA (Supervisory Control and Data Acquisition) system of any large grid operator—effectively hitting the “off” switch. A 2017 survey of North American utility executives found that more than three-quarters bel
ieve there is a likelihood that the U.S. grid will be subject to a cyberattack in the next five years.10
The risk is not just cyber but also physical. Rebecca Smith of the Wall Street Journal has reported that if nine specific substations in the U.S. were to be disabled, the entire U.S. power grid could be offline for weeks to months.11 In 2014, Jim Woolsey, former head of the CIA, warned of the increasingly likely threat of a nuclear electromagnetic pulse (EMP) attack.12 One high-altitude EMP explosion would disable the grid for years. A decade ago the EMP Commission determined that as a result of a long-term shutdown of the grid—in a social milieu of total chaos—only 1 out of 10 Americans would survive after one year.13,14
The vulnerability of the grid, the new reality of cyber-physical attacks on critical infrastructure, and the almost unimaginable devastation that would result have been well-known and documented by U.S. national leadership and media for decades. Nevertheless, the U.S. has no cohesive national policy to secure critical grid infrastructure—especially for local distribution systems. There is no national policy to deal with the aftermath of an effective cyberattack on the power grid. The national Armageddon nightmare has changed from the prospect of a 20th-century nuclear winter to the potential of a 21st-century digital winter.
In 2010, William Perry, Stephen Hadley, and John Deutsch reported in a confidential, but now public, bipartisan letter to the chairman of the House Energy and Commerce Committee that “the grid is extremely vulnerable to disruption by a cyber or other attack. Our adversaries…have the capability to carry out such an attack. The consequences…would be catastrophic.”15
Recent reports in the Wall Street Journal and other outlets describe numerous successful state-sponsored penetrations of U.S. utilities by Russia.16 The effect of these penetrations is to weaponize the U.S. grid. Why would adversaries need nuclear or biological weapons, when they have the ability to bring the United States to its knees with a few taps of a keyboard from Tehran, Pyongyang, or Moscow?
Leaders from agencies charged with protecting national security, including the CIA, DIA, NSA, FBI, FEMA, DHS, and DoD, have attested to the significance of the vulnerability and the scale of possible devastation. Both the government and the media have confirmed that this is no longer just a threat; it is happening every day.
The digitalization of the grid and exponential growth in interconnected distributed energy resources dramatically expands the vulnerable attack surface, multiplying what today are a few critical network nodes to millions.
This is a solvable engineering and governance problem. From a science and engineering perspective, this is an order of magnitude less complex than the Manhattan Project or the Space Program. Critical infrastructure can be secured. Distributed digital resources can be made a strength.
The legal framework governing the regulation of U.S. utilities was first outlined when Franklin Delano Roosevelt was president and fewer than 1 in 10 American households had a refrigerator. Federal and state governments need to bridge antiquated jurisdictional and regulatory boundaries to collaborate, cooperate, and coordinate in this age of new technology and new threats. The cyber-physical security of the grid is a matter of national security and requires a commensurate degree of attention, resources, and coordination.
It is a simple matter of priority and budget. There is no need to wait until—as some think inevitable—a catastrophic 9/11-type attack on the U.S. power grid wreaks untold devastation on the country.
It is time for the White House, Congress, governors, and state legislatures to set the priority. It is time for the public and private sectors to step up to the plate; to acknowledge that the problem is critical; to implement a plan to address the vulnerability; and fix it.
AI-Driven Hyperwar
Retired U.S. Marine Corps General John Allen provides a vividly imagined description of what AI-driven warfare—or “hyperwar”—might look like in the near future:
The battle damage was devastating and constituted the leading edge of what the United States soon would discover was a widespread, strategic attack. The guided-missile destroyer had not “seen” the incoming swarm because it had not recognized that its systems were under cyberattack before things turned kinetic. The undetected cyber activity not only compromised the destroyer’s sensors, but also “locked-out” its defensive systems, leaving the ship almost helpless. The kinetic strikes came in waves as a complex swarm. The attack appeared to be conducted by a cloud of autonomous systems that seemed to move together with a purpose, reacting to each other and to the ship.
The speed of the attack quickly overwhelmed nearly all the ship’s combat systems, and while the information technology specialists were able to release some defensive systems from the clutches of the cyber intrusion, the sailors in the combat information center (CIC) simply were unable to generate the speed to react. Decision-action times were in seconds or less. Indeed, it appeared from the now very limited situational awareness in the CIC that some of the enemy autonomous weapons were providing support to other systems to set up attacks of other systems. The entire event was over in minutes.17
This new kind of hyperwarfare, with its unprecedented speed and massively concurrent action, is made possible by AI-powered decision-making.
These autonomous weapon systems are available today. In early 2018, Russia completed testing of its hypersonic glider, Avangard, that can travel at Mach 20—more than 15,000 miles per hour—and is designed to sneak under U.S. ballistic missile defenses.18 The U.S. Air Force doesn’t anticipate fielding an equivalent hypersonic weapon system until 2021.19
The U.S. Technology Lead Is at Stake
In response to the threat posed by AI-enabled adversaries, the U.S. Congress is holding hearings on the Defense Department’s progress on artificial intelligence and in 2018 established a new National Security Commission on Artificial Intelligence, mandated by the National Defense Authorization Act. Its members are appointed by senior congressional leaders and agency heads to develop recommendations for advancing the development of AI techniques to bolster U.S. national security.
The Defense Advanced Research Projects Agency (DARPA) announced plans to spend more than $2 billion on research into so-called “third wave” artificial intelligence capabilities over the next few years. This is a small fraction—just 10 percent—of the $22 billion China intends to spend on AI in the near term. The DARPA initiative is called “AI Next” and aims to develop AI technology that adapts to changing situations as human intelligence does, as opposed to the current mode of processing high-quality training data in myriad situations to calibrate an algorithm.
U.S. National Defense Strategy
“We face a more competitive and dangerous international security environment than we have faced in decades,” Heather Wilson, U.S. Air Force Secretary, said. “Great power competition has re-emerged as the central challenge for U.S. security and prosperity.”20 The 2018 National Defense Strategy articulates the U.S. strategy to compete, deter, and win in an increasingly complex security environment.
Rapid technology change—AI, autonomy, robotics, directed energy, hypersonics, biotech—largely defines this complex environment. Long-term strategic competitions with China and Russia are the principal priorities for the Department of Defense requiring both increased and sustained investment due to the magnitude of the threats to U.S. security.
For decades the U.S. enjoyed dominant superiority in every operating domain. Today, every domain is contested—air, land, sea, space, and cyberspace. Competitors and adversaries target U.S. battle networks and operations, while also using other areas of competition short of open warfare to achieve their ends (e.g., information warfare, ambiguous or denied proxy operations, and subversion).
China is leveraging military modernization, influence operations (e.g., propaganda, misinformation, social media manipulation), and predatory economics to coerce neighboring countries to reorder the Indo-Pacific region to its advantage. As China continues its economic and military ascenda
nce, asserting power through an all-of-nation long-term strategy, it will continue to pursue a military modernization program that seeks Indo-Pacific regional hegemony in the near term and displacement of the U.S. to achieve global preeminence in the future.21
According to U.S. defense analysts, China’s cyber activities directed against the U.S. and Department of Defense are sophisticated and extensive:
To support China’s military modernization, it uses a variety of methods to acquire foreign military and dual-use technologies, including targeted foreign direct investment, cyber theft, and exploitation of private Chinese nationals’ access to these technologies. Several recent cases and indictments illustrate China’s use of intelligence services, computer intrusions, and other illicit approaches to obtain national security and export-restricted technologies, controlled equipment, and other materials.
Computer systems around the world, including those owned by the U.S. Government, continue to be targeted by China-based intrusions. These intrusions focus on accessing networks and extracting information. China uses its cyber capabilities to support intelligence collection against U.S. diplomatic, economic, academic, and defense industrial base sectors. China can use the information to benefit China’s defense high-technology industries, support China’s military modernization, provide the CCP insights into U.S. leadership perspectives, and enable diplomatic negotiations, such as those supporting China’s Belt and Road Initiative. Additionally, targeted information could enable PLA cyber forces to build an operational picture of U.S. defense networks, military disposition, logistics, and related military capabilities that could be exploited prior to or during a crisis. The accesses and skills required for these intrusions are similar to those necessary to conduct cyber operations in an attempt to deter, delay, disrupt, and degrade DoD operations prior to or during a conflict.22
Digital Transformation Page 17