The expansion of the cyber littoral zone and the importance of cyber situational awareness

Stewart K. Bertram | 4 August 2016

In military terminology, the littoral zone refers to the area that a naval vessel can impose some kind of effect within, such as landing troops, dropping munitions or projecting electronic counter measures. The concept encapsulates two key points.

  1. In physical terms the modern littoral zone is radically expanding. For example, some of the initial U.S. incursions into Taliban controlled Afghanistan in 2001 were actually launched from ships, significant given Afghanistan’s land locked status.
  2. The littoral zone blurs the lines between other spheres of conflict, such as land and air.

These two concepts of extended reach and blurred operational lines, encapsulated within the term “littoral zone”, can equally be applied to cyberspace.

A prime example of how this concept translates into a real world cyber example is encapsulated within this quatation taken from a Guardian news article on the hacking of the Syrian leader Bashar al Assad email account

“Activists say they were able to monitor the inboxes of Assad and his wife in real time for several months. In several cases they claim to have used information to warn colleagues in Damascus of imminent regime moves against them.”

This is a prime example of the cyber-littoral zone and how it has expanded its reach over the past decade. Encapsulated within the quotation are the elements of the growing reach of the cyber-littoral (into the direct communication of a national leader), how it has transcended the traditional confines of cyber space (the warnings given to insurgents in Damascus) and the “in real time” i.e. happening now, nature of the events.

Although the emergence of the expansion of the cyber-littoral zone is most obvious in war zone situations such as the conflict in Syria, the phenomenon is having as tangible effect on the private sector away from conflict zones. A firm example of this trend is the dissolution of the corporate fire wall through new technologies such as Dropbox, Skype, LinkedIn, Facebook and assorted “paste sites.” It’s important to observe that, just as technologies such as laser-guided munition have expanded the littoral zone within the physical realm, so these new technologies have expanded the cyber-littoral zone within cyberspace. The overall effect of this is that cyber threats have potentially a far deeper impact on victims than they have in the past. Threats strike deeper into the victim network than ever before and cross the barrier from cyberspace into a threat that can manifest within the physical world.

How do we respond to the threat posed by the expansion of the cyber-littoral zone? The obvious response is to first acknowledge the phenomenon and then to increase one’s cyber situational awareness. This concept encapsulates more than the traditional, technically driven old-school approach to cyber security. In the face of a dynamic threat, a dynamic response is needed that allows the defender to moves at the speed of the threat and incorporates both soft factors such as actor motivation, as well as hard factors such as domain squatting and document leakage.