Threat Management, Threat Intelligence, Network Security, Network Security, Security Strategy, Plan, Budget

Defining the qualities of cyber warfare

Cyber war is one of the hottest buzzwords trending through newsfeeds. But even though many are quick to use the term, not everyone fully understands the concept.

Cyber warfare is a reality, but the reality of the situation may be far different than many believe.

Governments are taking potential threats seriously, with at least 12 of the world's 15 largest military powers building cyber warfare programs that assess tactics and capabilities that will be critical in any future cyber war. It has also been reported by intelligence sources that the number of intrusions and attacks have increased dramatically over the past several years.

Accusations of cyber attacks are also on the rise worldwide, with Iran ranking high on the danger list. Iran has become “a force to be reckoned with,” U.S. Air Force's Space Command leader Gen. William Shelton reportedly said in a January speech in Washington, D.C. Additionally, it has been reported that Iran has been fortifying its own cyber attack capabilities following the Stuxnet attacks, which are believed to have resulted in the explosion of several Iranian nuclear centrifuges.

The world is moving toward a greater strategic use of cyber weapons to persuade adversaries to change their behavior. Past conflicts required soldiers that were physically and mentally tough enough to succeed in battle. However, physical strength need not be an issue at all for the new brand of soldiers who instead must possess a sophisticated knowledge of computer security and code.

F-Secure Chief Research Officer Mikko Hypponen reportedly noted at the recent DLD13 conference in Munich that hackers have morphed from the “happy teen hacker” type that is just hacking for fun to those who engage in it with a motive and for a proverbial kill.

“Hackers now are either criminals out to make money, activists out to protest or governments engaged in targeting their own citizens or attacking other governments, whether for espionage or cyber warfare,” he said, according to The Guardian.

Not every malicious attack, however, falls into the cyber warfare category, which is largely where unwarranted paranoia, misuse and misconceptions of the term arise.

What counts as “cyber warfare” remains an open question, but it does have certain stipulations. A major misconception is that cyber war takes place on a different domain, such as a fifth domain, that is totally separate and disconnected from all other forms of warfare, be it land, sea or air.

However, rather than being disconnected from all other types of warfare, the “cyber” world of bytes is an integral part of all other domains. It penetrates all the levels and dimensions of warfare, with cyber components prevalent in weaponry, communications, equipment and other war-related items.

Any future crisis, even one not deemed a cyber war per se, is likely to involve a cyber component. It would be tough to avoid it, particularly in major wars between developed countries. Cyber is the only realm that allows attackers to have an impact on all other dimensions.

Cyber components may embed submarines and ships; alter airplane functioning and drops; interfere with satellites; cut off the distribution of electricity; affect the performance of smartphones, automobiles and prisons; and engage in a laundry list of additional maneuvers that shut down, deter or otherwise work to destroy an enemy.

While Kaspersky Lab CEO Eugene Kaspersky limits his definition of cyber warfare to activity that uses cyber weapons to cause physical damage, only Stuxnet fits that definition to date.

But cyber weapons can also be deployed to disrupt command-and-control without physical destruction. For example, a country impoverished by erased banking records could very well be a victim of cyber warfare, although no physical damage has been done.

An attack that qualifies of cyber warfare must, however, occur in the political and strategic context of warfare.

“War is thus an act of force to compel our enemy to do our will,” says the famous formulation of Prussian military strategist Carl von Clausewitz. Chinese military general Sun Tzu's idea of warfare was “to subdue the enemy without fighting.”

Neither case necessarily involves physical destruction, although both function as a means to achieve a political aim. The same holds true with cyber warfare. The cyber instrument may have its own grammar, but its logic is that of war as a whole.

The ongoing and sophisticated online conflict in Syria serves as a prime example of cyber warfare. While the efforts from the Syrian government, as well as its opponents, are meant to “sabotage, disrupt and destroy,” it doesn't necessarily involve physical destruction. One of the cyber war weapons was a destructive trojan known as Dark Comet.

The digital rights group Electronic Frontier Foundation described it as “a remote administration tool that allows an attacker to capture webcam activity, disable the notification setting for certain antivirus programs, record keystrokes, steal passwords and more — and sends that sensitive information to an address in Syrian IP space.”

While it is painfully clear Syria is in the midst of an ongoing civil war, many other nations are instead in a blurred gray area that is neither in a state of war nor a state of peace. Cyber reality further blurs the boundaries between war and peace, adding a dangerous new dimension of instability. Instead of being an obvious form of war, future conflicts involving cyber warfare may instead become vague, with no clear beginning or end.

The cyber warfare victims may not even be conscious of being in conflict with someone, just acutely aware that unpleasant, tangible things “just happen.” Those unpleasant events may be a regular occurrence or they may crop up at random and infrequent intervals. Although such events may seem to have neither rhyme nor reason, they could in fact be part of a larger strategy in the cyber warfare game.

Cyber warfare is happening, but it should not be the catch-all phrase for any malicious computer-related activity. Distributed denial-of-service (DDoS) attacks that have no physical impact should not be considered cyber warfare, nor should activities such as espionage. If cyber warfare were used to classify every malicious attack or unpleasant event, we would be a war-torn world indeed. Additionally, there would be no term remaining to describe severely devastating and debilitating cyber warfare when it did occur.

Defining what qualifies as war and what does not is challenging in the cyber realm, but to qualify as official warfare, the term needs to be put into the right context as a part of the strategic and political decision making process. We can also take one more cue from Clausewitz who said, “War is the continuation of politics by other means.”

To qualify as cyber war, the means may be virtual, but the impact should be real.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.