March 5, 2010: The United States is having a hard time dealing with the increasing number of Internet based attacks on government and business networks. These attacks have cost billions of dollars in lost technology, not to mention secret documents about government and military matters. The problem is not so much finding out where the attacks came from, but how to deal with them. The problem is that, you can announce who the attacker is (often China, but also criminal groups that may be working for China, or other hostile nations), but you can't provide the proof without demonstrating your knowledge of the techniques used to get into your systems, and cover your tracks while doing it. To talk about this, lets the enemy in on what you know about their techniques, and enables the bad guys to change their approach, and become harder to detect and trace. This is a new twist, unique to Cyber War. With, say, the Pearl Harbor attack in 1941, you didn't have to prove how the Japanese got their carriers to the Hawaiian Islands before launching their sneak attack. You had the attack itself as proof, and a positive ID of all those Japanese bombers. But with Cyber War, the attackers don't wear uniforms, and try to sneak in and out undetected, while stealing data or sabotaging your networks.

Hostile nations have taken advantage of these new conditions. As a practical matter, these Cyber Wars have already begun. In the last few years, the number of intrusion attempts on Department of Defense computers has grown to over 500 a day. The actual increase may be less than that, because as the Department of Defense increases its Internet defenses, and growing ability to detect intrusion attacks. The number of intrusions that succeed, or at least the ones that were discovered, has been going down. But even a few successful intrusions can result in the loss of enormous amounts of valuable data.

Thus a lot of information on the Cyber War against the United States is kept secret, since if the attackers know which of their operations are being observed, or even known about, they will take steps to get their efforts back into the shadows. Half the battle in Cyber War is knowing you are being attacked. The best attacks, especially to steal information, or set up monitoring programs, work best, if at all, if they are undetected.

It's telling that intrusions of Department of Defense computers get publicized, while you hear little about such attacks made on other countries. It could be that the United States is not making as many intrusion attempts as are known Cyber War users like Russia and China, or that most of these intrusion attempts go undetected (whether they succeed or not.)

American Cyber War officials have been heard asking Congress for permission to be more aggressive, and strike back. Officially, the answer has been "no." But if the go-ahead were given, it would best be done as a secret directive. Cyber War is one of those things you don't do in the open, not if you want to have a chance of success.

It's more likely that American Cyber War organizations have not been allowed to attack, largely because of the possible legal and diplomatic problems. There is fear, for example, that there might be collateral damage, and innocent civilian computers and networks harmed. This is not a large risk, if you are using skilled hackers and a well prepared attack. But there is a risk, and peacetime politicians tend to be very risk averse. But we are not at peace when it comes to Cyber War, and the main problem here is communicating that to the politicians.