The Potential for DevOps in Fighting Cyber Warfare
Cyber warfare is taking center stage as hacking incidents continue to occur, raising the specter of state-sponsored agents penetrating sensitive systems to steal strategic information, presumably for nefarious purposes. As a father of children serving in the military, the topic has gained this author’s attention. Any parent would wonder if somehow cyber warfare might be “safer” then conventional warfare. Perhaps cyber battles are similar to computer games, with no real physical harm to those on the “battlefield.” But in reality, nothing could be further from the truth; cyber warfare actually impacts real assets and real people.
Recent incidents involving government systems being compromised resulted in the personally identifiable information of thousands of federal employees being stolen. Analysts worry that if the stolen information falls into the wrong hands, it could be used to compromise the integrity of federal employees—who themselves have access to sensitive systems.
The threat is not limited to government administrative systems, however. Reports have indicated that airplanes and cars could be controlled by hackers as well. Critical infrastructure, including telecommunications and major utilities, could also be compromised, and recent incidents have even been investigated involving our nation’s water supply.
These exploits could just as easily have been perpetrated by lone wolf hackers as by state-sponsored cyber espionage agents, giving rise to the career of cyber mercenary. That’s part of the issue: We don’t always know if incidents like these are the work of an organized government cyber army or a bright teenager who knows how to write scripts. We do know that the impact of these cyber incidents can be potentially disastrous. Missile defense systems or even ballistic missiles themselves could be electronically manipulated by cyber agents with the right skills and tools.
DevOps presents an interesting arsenal in the cyber warfare arena. With DevOps, your systems have excellent environment monitoring and are cryptographically verifiable such that the slightest penetration and unauthorized change is immediately detected.
Suppose, then, that your DevOps procedures were so well orchestrated that you could quickly take down the compromised machines and rebuild them in a matter of minutes, immediately deploying the validated codebase and bringing the system back online. Let’s assume that we took a snapshot of the machine for forensic analysis later, leading us to better surveillance and counter-espionage techniques.
Our automated quality assurance and testing procedures would certainly need to be comprehensive and capable of verifying the integrity of the code base, as well as the secure trusted base upon which the code is running. With this scenario, DevOps becomes not only the intrusion detection service, but also the automated response for quickly getting back online and restoring services. There would be no need to hunt for malware because we’d know exactly what code should be running on our machines and we could make it happen immediately when necessary.
Does this mean that a few of us tech-savvy old-timers might actually get drafted into military cyber service? If so, I would like my children to get used to calling me Major Dad.
