Cyber war: Different look, same aim

Like it or not, militaries around the world are building cyber weapons. Hyped or not, concerns about the security of vital computer systems are driving this push.

Black Hat (Hacker) conference attendees listened to a speech By the head of the NSA July 31 in Las Vegas.

Isaac Brekken/AP

September 21, 2013

War is an overused word. Real war – as opposed to “war” in the form of a football game, neighborhood spat, political debate, or public campaign against litter, illiteracy, poverty, or mosquitoes – is humanity at its worst. I’ve never fought in a war, but I have seen it up close on several occasions, most vividly in Lebanon in 1982. If civilization is the year-by-year building of families, communities, commerce, and art – the hum of life at cafes and shops, schools and playgrounds – then war is anti-civilization. It is a machine that hurts people and breaks things.

Because large portions of life now take place on the Internet, the introduction of war into cyberspace was perhaps inevitable. In a Monitor cover story, Anna Mulrine examines the Pentagon’s increasing emphasis on cyberwarfare. The number of specialists able to defend US computer networks – and thus the power grids, financial systems, and critical infrastructure of the nation – and also, if necessary, attack the networks of rivals, is programmed to increase fivefold by 2015. 

As with most Defense Department projects, spending on cyberwar is ballooning under the “better safe than sorry” rubric. No one wants to be caught by surprise. And as with nuclear missiles, aircraft carriers, and drone fleets, the more impressive the cyberwarfare capabilities, the more they serve as a deterrent and persuader, even if never activated.

What’s not clear is whether the threat of cyberwarfare is still largely science fiction. Most hostile cyber-acts so far have been small and hard to pull off. The Stuxnet computer worm that infected Iranian centrifuges in 2010 was cleverly configured (probably by Israeli and American intelligence agencies). Stuxnet may have set Iran’s nuclear program back by a year or so, but it didn’t stop it. Iran in all likelihood now has taken countermeasures. Similarly, denial-of-service attacks that bring down websites by flooding them with traffic are a nuisance but hardly the stuff of shock and awe. The hacks carried out by groups such as Anonymous and the Syrian Electronic Army are more vandalism than acts of war.

Most experts see cyberwarfare circa 2013 as a niche capability. Referring to what is believed to have been an Israeli air raid on a Syrian nuclear facility in 2007, a recent RAND Corp. strategic study described cyber capabilities as “better suited to one-shot strikes (e.g., to silence a surface-to-air missile system and allow aircraft to destroy a nuclear facility under construction) than to long campaigns (e.g., to put constant pressure on a nation’s capital).” 

Wars don’t always start dramatically, as World War II did for the United States on Dec. 7, 1941. They more often evolve, as they have in Syria since 2011, one bad deed leading to another. What we’re seeing with the new emphasis on cyberwarfare looks like the early days of air warfare in World War I – when fragile biplanes carried out showy, ineffective attacks. But as with any warmaking skill, cyberwar is likely to become more efficient and deadly in time. The US Cyber Command and the 24th Air Force have, in effect, added a fifth theater to the military’s land, sea, air, and space capabilities.

War is something that humans still have to learn – at the least, for self-defense and to halt injustice. But war, even in cyberspace, still has one age-old purpose: to hurt people and break things.  

John Yemma is editor of the Monitor. He can be reached at editor@csmonitor.com.