For the past few years, there has been an explosion of ways in which countries can engage in destructive behavior. The use of cyberspace as a tool of war has changed the nature of conventional warfare. This not only poses problems in terms of how to respond to those threats but also how to develop agreements among countries to curtail its use.
Richard A. Clarke, former counterterrorism adviser on the National Security Council defined “cyberwarfare” in his book Cyber War as “actions by a nation state to penetrate another nation’s computers or networks for the purpose of causing damage or disruption.”
The Lipman Report, which offers insights from private sources on national security risks, warns that several sectors of the U.S. economy are seriously endangered, including cyber threats to public and private facilities, banking and finance, education and government, and other operations which depend on computers for daily operations.
In February 2010, several U.S. lawmakers stated that “the threat of a crippling attack on telecommunications and computer networks was sharply on the rise.” To underscore those dangers even more, the former Director of National Intelligence, Vice Admiral Michael McConnell (Ret.) stated bluntly before the U.S. Senate in 2010, “If we were in a cyberwar today, the United States would lose.” His testimony, however, may represent a conflict of interest considering his participation as director of defense programs in Booz Allen Hamilton, a firm which provides technology services to the U.S. government.
It is evident, nonetheless, that cyber attacks can wreck havoc in a country’s defense system and on its economy. For example, in July 2011, the South Korean company SK Communications was hacked. As a result, important personal details of up to 35 million people were stolen, a part of what seems to have been a broader, concerted hacking effort.
The best well known -the mother of all attacks- was perhaps the one caused on Iran’s centrifuges by the Stuxnet worm in its Natanz nuclear enrichment facility, which probably delayed its nuclear development activities by several months. Many consider this worm the most advanced piece of its kind, one that significantly increases the profile of cyberwarfare.
“We have entered into a new face of conflict in which we use a cyberweapon to create physical destruction, and in this case, physical destruction in someone else’s critical infrastructure,” declared Ret. Gen. Michael Hayden to the CBS news magazine “60 minutes.” Hayden, who served as CIA director under President George W. Bush, acknowledges that he knows more about the attack on Iran that he is willing to discuss publicly.
There are also potential problems with this kind of warfare, however. Malware modeled after Stuxnet could also be used to target critical infrastructure in the U.S. such as electrical power grids and water-treatment plants, in addition to Department of Defense facilities and banks. All these actions could adversely affect security installations and cause enormous economic damages.
According to Defense officials, Pentagon computers are targeted about 5,000 times per day. Although so far the extent of the damage has been controlled, there are no assurances that in the future this kind of activities may not cause devastating effects. The North American Electric Reliability Corporation (NERC) has alerted in a public notice that the U.S. electrical grid is exposed to cyberattacks, which could cause enormous damage.
In this regard, Richard A. Clarke stated to National Public Radio (NPR) in 2010, “We’re probably doing things on lot of networks around the world to get ready for cyberwar, and yet we don’t have a military strategy that has been shared with the Congress or the public. And I suspect we don’t really have a military strategy at all.” And he added, “We have extremely good cyber-offensive capabilities – and almost nothing in the way of cyberdefense.”
The real dilemma is how to reach international agreements to limit military attacks in cyberspace. A Ukrainian professor of International Law, Alexander Merezhko, has developed a project, the International Convention on Prohibition of Cyberwar in Internet, and an American General, Keith B. Alexander believes that talks should be carried out between the U.S. and Russia on ways to avoid military attacks in cyberspace.
Together with unparalleled technological advances, human beings are constantly developing new and original ways to destroy each other. If only that energy and creativity were used for more constructive purposes.
Dr. Cesar Chelala is a co-winner of an Overseas Press Club of America award.