The use of cyberspace as a tool of war has changed the nature of conventional warfare. This not only poses problems in terms of how to respond to those threats but also how to develop agreements among countries to curtail its use.
Richard A. Clarke, former counterterrorism adviser on the National Security Council defined “cyberwarfare” in his book Cyber War as “actions by a nation state to penetrate another nation’s computers or networks for the purpose of causing damage or disruption.”
The Lipman Report, which offers insights from private sources on national security risks, warns that several sectors of the U.S. economy are seriously endangered, including cyber threats to public and private facilities, banking and finance, education and government, and other sectors which depend on computers for daily operations.
“The United States is ill-prepared to defend itself from cyber espionage when its adversary is determined, centrally coordinated, and technically sophisticated, as is China’s government,” stated a U.S. Congressional advisory body in November 2015.
Cyber attacks can wreck havoc in a country’s defense system and on its economy. One of the best known incidents was perhaps the one caused on Iran’s centrifuges by the Stuxnet worm in its Natanz nuclear enrichment facility, which probably delayed its nuclear development activities by several months. Many consider this worm the most advanced piece of its kind, one that significantly increases the profile of cyberwarfare.
“We have entered into a new face of conflict in which we use a cyberweapon to create physical destruction, and in this case, physical destruction in someone else’s critical infrastructure,” declared Ret. Gen. Michael Hayden to the CBS’s 60 minutes. Hayden, who served as CIA director under President George W. Bush, acknowledges that he knows more about the attack on Iran than he is willing to discuss publicly.
There are also potential problems with this kind of warfare, however. Malware modeled after Stuxnet could also be used to target critical infrastructure in the U.S. such as electrical power grids and water-treatment plants, in addition to Department of Defense facilities and banks. All these actions could adversely affect security installations and cause enormous economic damages.
According to Defense officials, Pentagon computers are targeted about 5,000 times per day. Although so far the extent of the damage has been controlled, there are no assurances that in the future this kind of activity may not cause significant and long-lasting effects. In a public notice, the North American Electric Reliability Corporation (NERC) has alerted that the U.S. electrical grid is exposed to cyberattacks, which could cause enormous damage.
In this regard, Richard A. Clarke stated to National Public Radio (NPR), “We’re probably doing things on lot of networks around the world to get ready for cyberwar, and yet we don’t have a military strategy that has been shared with the Congress or the public. And I suspect we don’t really have a military strategy at all.” And he added, “We have extremely good cyber-offensive capabilities – and almost nothing in the way of cyberdefense.”
Because the U.S. has proved unable to prevent sophisticated cyberattacks, a U.S. Congressional group has suggested that U.S.-based companies “hack back” to recover stolen data, making these attacks more costly to carry out. U.S. laws don’t allow corporations or private citizens to carry out retaliatory cyberattacks.
China, along with Russia, Iran and North Korea have reportedly developed plans to disrupt the critical infrastructure of electrical grids, water purification plants, air traffic control units, subways systems and telecommunications.
The real dilemma is how to reach international agreements to limit military attacks in cyberspace. A Ukrainian professor of international law, Alexander Merezhko, has developed a project, the International Convention on Prohibition of Cyberwar in Internet, and an American General, Keith B. Alexander believes that talks should be carried out between the U.S. and Russia on ways to avoid military attacks in cyberspace.
In September 2015, President Barak Obama and China’s President Xi Jinping, agreed that neither country would carry out cybertheft of intellectual property for commercial gains. They also agreed to work together with other countries to establish international rules for conduct in cyberspace. Unless agreements among the leading world powers are reached soon, the consequences on international commerce and world peace will be devastating.