There has been some robust debate happening on a corner of the Internet. I’ve written before about some of my concerns about the rhetoric of “cyber” war in the past (Related pieces here and here), but recently I was compelled to write in to the Lowry Interpreter, commenting on a piece by cyber security expert Ian Wallace. Ian was discussing the coming age of cyberwarfare and new cyberweapons, and I expressed some skepticism as to exactly what these ‘things’ are, requesting some clarification.
“I found the recently published post by Ian Wallace another example of a somewhat frustrating article on ‘cyber’ warfare.
That there is some kind of ‘warfare’ taking place on telecommunications networks (outside of fictional networked video games) is increasingly becoming a taken-for-granted fact. Espionage, crime – sure – but warfare? Unless the definition of warfare has changed substantially, I’m still unsure how an actor might actually use the Internet to gain strategic or tactical advantages in the field of war. Yet articles like the one Ian Wallace has published indicates that there is, or there might be, such uses for the Internet .
Questions I’d love answered include: have there been recorded cases of states or non-state actors using networked technology for a strategic or tactical advantage in war? Or, in what circumstances can an actor gain advantage in war through use of cyber ‘weapons’ (whatever they might be) that couldn’t be gained using preexisting ‘conventional’ weaponry?
It seems to me that those advocating the existence of cyber war (or its possibility) do a poor job of articulating the utility of cyberspace as a domain of conflict outside of describing it in terms more relevant to espionage or crime. Call me paranoid, but the increasing rhetoric of ‘cyber’ warfare seems more about consolidating state power over the Internet than it has to do with actual important security concerns.”
Unexpectedly, the Interpreter published it and the original author wrote back with a much more detailed and, I think, better response via the Lowry Interpreter which is linked here. I particularly am drawn to this point
“How should governments deal with cyber acts that have a national security impact (espionage, sabotage and subversion, if you will) but which fall below the threshold of ‘war’, especially when the perpetrators are based overseas and often beyond the reach of law enforcement?”
…which I think is a very legitimate concern.
Other people have written in to share their views, such as engineer Tony Healy who opens up with a discussion of Stuxnet making some excellent points and pointing out some key challenges for security. For the record, I don’t disagree that cyber threats don’t exist, I’m essentially engaging in a argument of the appropriateness of the term ‘cyber warfare’.
To briefly clarify, I’m aware of the potential for using networked technologies to gain advantages in ‘war’ however I’m still skeptical as to the current level of utility networked technologies, or technologies or methods that exploit networks have over conventional methods of ‘doing war’. No doubt this viewpoint will change as technology gets even more advanced and integrated and perhaps after our view on what constitutes ‘cyber’ and what doesn’t as it still seems to me that ‘cyber’ is a blanket term used to describe acts of war that might use some aspect of newer technology.