According to a new RAND Project Air Force study, seeing that it will be very hard for the U.S. to prevent the rampage of hackers and online outlaws on critical military and civilian installations by simply enforcing their antiquated policies, the American government should decide to concentrate its time, effort, resources, and manpower on protecting these networks from any and all Internet-based perils.

The RAND research paper discovered that the U.S. and many other countries that depend on externally available networks (like the ones used for armed forces command and control, banking, telephone service, and electric power) as a basis for their economic and military might are most vulnerable to even the simplest, small-scale cyber attacks. By working against weakly protected computer networks, hackers can easily corrupt systems with bogus information, make them malfunction by sending them malicious code, compromise them so thoroughly that they could become a part of a multi-computer botnet used to corrupt other systems and propagate insidious malware, and steal all sorts of confidential data.

In most cases, the consequences of cyber attacks is negligible and fleeting, while repeated attacks can help the targets develop tougher security measures that are more difficult to breach. The study also demonstrates that military hacks are most dangerous when they're done as a part of a particular combat process (e.g., silencing a surface-to-air missile network that is defending a crucial target) rather than as a part of the main element of a protracted strategic program. When it comes to cyber warfare, the battles themselves are more important than the overall war.

The paper further suggests that virtual combat is vague and indistinct, such that it's rarely clear which attacks can compromise a system collaterally or deliberately. It's also quite hard to determine what damage was done in between assaults because of the ambiguous nature of cyber threats. Furthermore, deducing the identity of an attacker is little more than conjecture thanks to the online world's cloak of anonymity, which makes it also difficult to know when an attack has ceased or not. Motives are also a question mark to authorities more often than not.