Cyber Tactical Operations (OCT) have numerous limitations, which explains why they have been used so little. Because of their long planning and development time, they are difficult to integrate into the traditional targeting cycle of conventional armed forces. Traditional weapons only need to attack once, whereas OCTs have to offer permanent covert access to a hacked system. However, this access can be detected by the enemy, leading to its loss. This means that a lot of resources must be invested in planning to keep the chances of being discovered as low as possible. There is no point in investing large sums of money in a covert tactical capability if it is going to be discovered on its first mission.
During the 2007 Iraq war, the United States implemented an OCT that gave it a covert tactical capability based on three key components, which gave it an advantage over the Iraqi insurgency.
What are these components?
First, the NSA correlated Iraqi ISPs' phone metadata with geographic maps, which made it possible to pinpoint the location of cell phones used to activate improvised explosive devices. The NSA was able to remotely destroy some of them and track down the location of insurgents nearby.
The second component concerned the use of malware against the insurgency's computer systems. They used two methods: first, they carried out a large-scale infection of numerous Iraqi users through email phishing techniques; second, they controlled Obelisk, a kind of Al Qaeda intranet.
Finally, the third component consisted of carrying out information operations against insurgents. After gaining access to the Iraqi telephone network, US forces sent fake text messages to the insurgents to demoralize them and to set traps where meetings were held, in order to track those who had surfaced. The malware was also used to track down people who uploaded propaganda videos from internet cafes in order to avoid detection.
What has been learned from Iraq is that in vast desert landscapes, technology often fails.
For tactical cyber operations to work, there must be a stable connection with sufficient bandwidth. There also has to be electricity, a dependency that makes this technology unreliable in combat situations.
Rebels with AK-47s and almost no digital infrastructure are still the most likely adversary in most asymmetric conflicts, and cyber tactics are limited against these common adversaries.
For cyber operations in the field, a certain proximity to the target is required. A hostile WLAN can only be hacked from within radio range, so such operations only make sense if there is physical proximity and the effects can be limited to the local area. (Javier López, DLTCode consultant)
Copyright © Grupo Edefa SA. Reproduction, in whole or in part, of this article is prohibited without permission and prior authorization from the publisher.