We're following the story that AP released today on a recent cyber attack on U.S. power grids by Russian and Chinese cyber attackers. Several months ago, acts of cyber aggression against the United States morphed and took on strange new characteristics when looked at from a high level.
More and more the investigation and analysis of these aggressive cyber attacks are becoming laser focused on the "how they did it" and less and less on an equally important examination segment that I refer to as Strategic Intent (SI). Strategic Intent is the process of understanding a derivative of Digital DNA components. The objective of SI is to gain insight into the motivations and strategic intentions of those behind the acts of cyber aggression. This must be done at a level that places each individual act in context with all the other acts launched by a single cyber adversary.
Back in 1989, an article by Gary Hamel and C.K. Prahalad called "Strategic Intent" was published in the Harvard Business Review. Hamel and Prahalad argued that in order to achieve success, an organization must align its end result to its means through the process of Strategic Intent. We have taken this fundamental construct and modified it for direct application to the analysis of acts of cyber aggression. This approach was designed to provide insight and foresight into an adversary's strategic architecture (a high-level blueprint for the deployment of new cyber warfare capabilities), the acquisition of new cyber warfare competencies and the migration of existing competencies to the cyber warfare domain.
The following represent the top three attributes of strategic intent:
- Direction
- Discovery
- Destiny
Applying strategic intent to acts of cyber aggression results in a particular point of view about the long-term intent that a cyber adversary hopes to build over the near term. It is a view of the future that conveys the unified sense of direction. In addition, it implies what a cyber adversary perceives as inherently worthwhile. Our approach and methodology reverse engineers the intent thru scenario based intelligence analysis (SBIA) and trans-disciplinary intelligence engineering (TIE). Using these two techniques we create a plan that an adversary might establish to realize their strategic objectives.
Using this approach we examined a microcosm of cyber events that has taken place in the past twenty-four months. Going down this path we came face to face with a very concerning scenario that seems to be supported by several disparate acts of cyber aggression and general events. Could China and Russia be collaborating on acts of cyber aggression against the United States?
A more troubling version around the same theme was Russia and China teaming up to create a systematic action plan of cyber reconnaissance, cyber intelligence collection and ultimately acts of cyber aggression. If this is indeed reality, the resulting risks would be severe.
As far back as 2005, China and Russia embarked on an unprecedented military collaboration. Nothing creates a bond between two organizations than a common adversary. In fact, a joint military exercise took place that had analysts sounding an alarm. It appeared that the exercises were directed toward a specific third party, the United States.
So tell us what you think. Are Russia and China working together and launching or supporting acts of cyber aggression against the United States? Are the cyber infiltrations on the power grid a real time example of a collaborative effort between China and Russia?
