Cyber War: Here Now or Hype?
By some accounts, cyberwar is already occurring. There have been weekly reports of US systems being hacked from Chinese cyber addresses. Chinese hacking supposedly ranges from U.S. government systems to Google mail to the very computer computercyber Portugal on which you read this article. The StuxNet worm invaded and disabled physical systems of Iran’s nuclear power program for a while. It is widely believed to be the collaborative work between the governments of United States and Israel. There have even been viruses inside the USAF drone command.
While advocating for the establishment of the new U.S. Cyber Command Headquarters in Maryland, Senator Barbara Mikulski (D-Md) stated, “We are at war, we are being attacked, and we are being hacked.”
Defense Secretary Robert Gates’s has been widely misquoted as saying that U.S. Armed Services will consider cyber attacks as an act of war. Addressing the Defense Information Technology Acquisition Summit, he said, “Fortunately, to this point cyber attacks on our military networks have not cost any lives… When exactly is a cyber attack an act of war?”
The clear implication is that there will eventually be a level of cyberattack not yet met that will generate a military response. Then addressing The 10th IISS Asia Security Summit in Singapore on June 4, 2011 he elaborated a little further with a question, “What would constitute an act of war in the cyber world that would require some kind of a response, either in kind or kinetically?”
Reports of cyberwar seem to be everywhere. Is CyberWar happening and are we on the verge of armed military conflict as a result?
Well, hold on a minute…
The US State Department says that the likelihood of a cyberwar between the United States and China is minimal and isn’t currently occurring. According to an article in San Francisco’s Examiner, “US-Chinese cyber war dismissed by State Department'”
Christopher Painter, State Department Coordinator for Cyber Issues was specifically asked on October 18, whether there is a possibility that a large-scale cyber war could break out between China and the US, and what would cause such a war. Painter responded that “our job is to avoid any kind of cyber conflict… People talk a lot about cyber war. Frankly, I don’t think we’ve really seen it.” He said that the threats that do exist are exaggerated and the task at hand is to foster understanding and trust rather to than to expect such conflicts.
America’s Cyber-Security Coordinator (“aka Cybersecurity Czar”), Howard Schmidt said directly to a Wired magazine interviewer, “There is no CyberWar.”
Why then, do we hear an almost constant drumbeat about Cyber War? Jerry Brito and Tate Watkins, in the pages of Reason Magazine claim it’s all about control – controlling the information world and perhaps (again) the very computer on which you are reading this article. They “noted that warnings from members of Congress and government officials about online threats almost unfailingly include rhetoric about war, doom, or catastrophe. But the evidence they offer almost unfailingly relates to things like espionage, crime, vandalism, or flooding websites with traffic via distributed denial of service (DDoS) attacks.” They go on to note that there’s little verified evidence that there’s a serious threat from such online behavior, but rather that talk about dire consequences (and us losing the race to battle cyber threats) is primarily an attempt to build and grow a “cybersecurity-industrial complex.”
As a result, billions of dollars are being funneled into organizations and companies to battle a threat that may be mostly in the imaginations of those would profit from taxpayer largesse.
To take the point further, Dr Thomas Rid, from the Department of War Studies at King’s College London, argues in the Journal of Strategic Studies that cyber war is not now happening and will never take place. To be defined as Cyber War, Rid echoes Carl von Clausewitz in saying that an attack would have to be “a potentially lethal, instrumental, and political act of force conducted through malicious code,” but that the worst we are seeing and will see is “sabotage, espionage, and subversion.” These acts, he argues, do not constitute acts of war – cyber or otherwise.