The use of cyberspace as a tool of war has changed the nature of conventional warfare. This not only poses problems in terms of how to respond to those threats but also how to develop agreements among countries to curtail its use.
Richard A Clarke, former counterterrorism adviser on the National Security Council defined “cyberwarfare” in his book Cyber War as “actions by a nation state to penetrate another nation’s computers or networks for the purpose of causing damage or disruption.”
The Lipman Report, which offers insights from private sources on national security risks, warns that several sectors of the US economy are seriously endangered, including cyber threats to public and private facilities, banking and finance, education and government, and other sectors which depend on computers for daily operations.
Cyber attacks can wreck havoc in a country’s defense system and on its economy. One of the best known incidents was perhaps the one caused on Iran’s centrifuges by the Stuxnet worm in its Natanz nuclear enrichment facility, which probably delayed its nuclear development activities by several months. Many consider this worm the most advanced piece of its kind, one that significantly increases the profile of cyberwarfare.
There are also potential problems with this kind of warfare, however. Malware modeled after Stuxnet could also be used to target critical infrastructure in the US such as electrical power grids and water-treatment plants, in addition to Department of Defense facilities and banks. All these actions could adversely affect security installations and cause enormous economic damages.
According to Defense officials, Pentagon computers are targeted about 5,000 times per day. Although so far the extent of the damage has been controlled, there are no assurances that in the future this kind of activity may not cause significant and long-lasting effects. In a public notice, the North American Electric Reliability Corporation (NERC) has alerted that the US electrical grid is exposed to cyberattacks, which could cause enormous damage.
Because the U.S. has proved unable to prevent sophisticated cyberattacks, a US Congressional group has suggested that US-based companies “hack back” to recover stolen data, making these attacks more costly to carry out. US laws don’t allow corporations or private citizens to carry out retaliatory cyberattacks.
China, along with Russia, Iran and North Korea have reportedly developed plans to disrupt the critical infrastructure of electrical grids, water purification plants, air traffic control units, subways systems and telecommunications.
The real dilemma is how to reach international agreements to limit military attacks in cyberspace. A Ukrainian professor of international law, Alexander Merezhko, has developed a project, the International Convention on Prohibition of Cyberwar in Internet, and an American General, Keith B. Alexander believes that talks should be carried out between the US and Russia on ways to avoid military attacks in cyberspace.
In September 2015, President Barak Obama and China’s President Xi Jinping, agreed that neither country would carry out cybertheft of intellectual property for commercial gains. They also agreed to work together with other countries to establish international rules for conduct in cyberspace. Unless agreements among the leading world powers are reached soon, the consequences on international commerce and world peace will be devastating.
This article has been excerpted from: ‘Cyberspace: The New Field for War in the XXI Century’.