On Point: Has the Cyber-War Begun?

by Austin Bay
April 13, 2010

A battle rages over the definition ofwar -- war in cyberspace, that is.

A definition matters because the stakesare already enormous in this "new geography of warfare."

Everyone agrees The First GreatCyber-War (a decisive struggle over the Internet and within the Internet) hasnot been fought -- yet. Cyber-skirmishing, however, is frequent and fierce, asecond-by-second form of digital probing and parrying that is cyberspace'scombat equivalent.

Computers store and share vastquantities of data -- economic, military, intelligence, communications andpolitically sensitive information are obvious targets for spies, thieves,vandals, competitors and enemies. Digital systems control key infrastructure,like electrical grids. Zap a central computer with digital viruses, and thegrid is damaged until the viruses are identified and removed. Repairinggenerators and power lines after an aerial bomb attack is an analog. Theviruses, however, don't leave high-explosive craters.

And there's the rub. Is acyber-intrusion that disrupts and destroys an "armed attack," whichunder international law would permit armed retaliation? Technology andtechniques have once again outpaced political adaptation, rendered militarydoctrine obsolete, and are decades ahead of formal law.

Strategists, lawyers and warriors arestruggling with these complex, multidimensional issues. James Andrew Lewis, inan essay titled "The Cyber War Has Not Begun" (published in March bythe Center for Strategic and International Studies), believes focusing oncyber-security (protecting digital systems) "is a good thing."However, Lewis argues, "We are not in a 'cyber war.' War is the use ofmilitary force to attack another nation and damage or destroy its capabilityand will to resist. Cyber war would involve an effort by another nation or apolitically motivated group to use cyber attacks to attain political ends. Nonation has launched a cyber attack or cyber war against the UnitedStates."

Lewis provides a reasonable definitionof an act of war and its goals. Cyber-like attacks have been used in warfare.Militaries are familiar with "cyber war in support of a conventionalwar" (acronym CWSC). In the guise of "electronic warfare," thistype of "cyber support operation" has been going on since World WarII. However, with the Internet now a major part of the planet's commercialinfrastructure, "electronic warfare" has moved to another level. CWSCcan now attack strategic targets (e.g., international lending and tradingsystems), not just the electronic weapons and communications of the combatforces.

Lewis recognizes a non-state actor("politically motivated group") can wage cyber-war. He also asserts nonation (i.e., a nation-state) has launched a cyber-attack on the U.S., allowingthe possibility of attempts to wage cyber-war by terrorists. Lewis argues thatno nation-state has waged cyber-war or even launched a cyber-attack "toattain political ends" because the U.S. can trace these attacks to theirsource.

Guaranteed exposure is a deterrentbecause the attacker would risk retaliation of some sort -- political,economic, military or, presumably, cyber. I hope he is right, though even themost informed speculations in this field are haunted by the "unknownunknowns" that time and actual warfare inevitably reveal at high cost.

Lewis discusses four types ofcyber-threats and warns against conflating them: 1) economic espionage (theftof proprietary business and economic data, and intellectual property); 2)political and military espionage (traditional spying carried into cyberspace);3) cyber crime (e.g., theft of money from bank accounts); and 4) cyber war. InLewis' view, cyber-attacks in cyber-war are "just another weaponssystem" for hitting targets.

The categories suggest structuralresponses. Police, trade and legal institutions, linked to internationalagreements, become the mechanisms for addressing economic espionage andcyber-crime. Defense and diplomatic organizations address cyber-espionage andcyber-warfare. Lewis advocates creating international "norms" andunderstandings for what constitutes an attack, and "an internationalframework" to establish "potential consequences for differing levelsof hostile action."

However, determining levels ofhostility as a crisis emerges and escalates is a very stiff requirement.History is riddled with surprise attacks whose devastating effects took time toassess. The categories are really not so discrete.

In "real space" crime andterror, and crime and rebellion all too easily mesh. Separating criminal fromrebel is often a tough judgment call. In my own view, skirmishing is warfare.In cyber-space we are witnessing the potshots by light cavalry prior to alarger clash, where opponents, at a calculated pace, probe for vulnerabilitiesand seek decisive advantage. 

Read Austin Bay's Latest Book

To find out more about Austin Bay and read features by other Creators Syndicate writers and cartoonists, visit the Creators Syndicate Web page at www.creators.com.


On Point Archives:

On Point Archives: Current 2021  2020  2019  2018  2017  2016  2015  2014  2013  2012  2011  2010  2009  2008  2007  2006  2005  2004  2003  2002  2001



Help Keep Us Soaring

We need your help! Our subscription base has slowly been dwindling. We need your help in reversing that trend. We would like to add 20 new subscribers this month.

Each month we count on your subscriptions or contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage. A contribution is not a donation that you can deduct at tax time, but a form of crowdfunding. We store none of your information when you contribute..
Subscribe   Contribute   Close