January 5, 2008:
There hasn't been a
proper, all-out Cyber War yet. There have been lots of skirmishes, but nothing
approaching what an all out battle, via the Internet, would be. What would the
first Cyber War be like? Let's be blunt, no one really knows. But based on the
cyber weapons that are known to exist, and the ones that are theoretically
possible, one can come up with a rough idea. First, there are obviously three
kinds of Cyber War possible. Right now, we have limited stealth operations
(LSO), as Chinese, Russian, and others, use Cyber War techniques to support
espionage efforts. China is the biggest practitioner, or at least they have
been caught most often.
Next comes Cyber War only (CWO). This
is open use of a full range of Cyber War weapons. No one has done this yet, but
it's potentially less dangerous than firing missiles and unleashing tank
divisions. It is believed that Russia indulged in this in 2007, when Estonia
infuriated the Russians by moving a World War II statute memorializing the
Soviet "liberation" of Estonia (which didn't want to be liberated by the Soviet
Union.) Russia denied responsibility for the massive Cyber War assaults on
Estonia, which nearly shut down the nations Internet infrastructure. Estonia
accused Russia of being responsible, and tried to invoke the NATO
mutual-defense pact. NATO Cyber War experts went to Estonia, and shortly
thereafter the attacks stopped. Apparently Russia got the message that this
sort of thing could escalate in something more conventional, and deadly.
Then we have Cyber War in support of a
conventional war. Technically, we have had this sort of thing for decades. It
has been called "electronic warfare" and has been around since World War II.
But the development of the Internet into a major part of the planets commercial
infrastructure, takes "electronic
warfare" to a whole other level. Cyber War goes after strategic targets, not
just the electronic weapons and communications of the combat forces.
A successful Cyber War depends on two things; means and
vulnerability. The "means" are the people, tools and cyberweapons
available to the attacker. The vulnerability is the extent to which the enemy economy and military use the Internet
and networks in general. We don't know who has what Cyber War capabilities
exactly, although China and the U.S. have openly organized Cyber War units, and
both nations have lots of skilled Internet experts.
Vulnerability is another matter. The
United States is the most exposed to Cyber War attack because, as a nation, we
use the Internet more than any other country. That's the bad news. The good news is that if an attacker ever tried to launch a Cyber War by assaulting the U.S., it
could backfire. This risk has to be kept in mind when considering what a Cyber
War might do. Recall military
history. The Pearl Harbor attack in 1941
actually backfired on the Japanese, by enraging Americans and unleashing a
bloodthirsty response that left Japan in ruins. The lesson of the original
Pearl Harbor is, if you're going to hit someone this way, better make it count.
If your opponent is bigger than you, and gets back up, you could be in some
serious trouble.
The big problem with Cyber War is that
there has not been a lot of experience with it. Without that, no one is really
sure what will happen when someone attempts to use it at maximum strength. But
unlike nuclear weapons, there is far less inhibition about going all-out with
Cyber War weapons. That is the biggest danger. Cyber War is a weapon of growing
might, and little restraint by those who wield it. Things are going to get a
lot worse.